After authentication, How to authorize users according to IP (or host)?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

According to this page: http://httpd.apache.org/docs/current/mod/mod_authz_host.html , we can authorize the users  after Authentication, Is this true?

My problem is I'm trying to authenticate all my users (using LDAP) except some IPs, it have worked will:

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require host
</Directory>

but when I add this line "Require ip 192.168.1.2"

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic
      Require ip 192.168.1.2
      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>


apache let 192.168.1.2 && 192.168.1.7 to enter the directory, so where is the authorization? How can I make this directory available only for 192.168.1.2 and not to 192.168.1.7?
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux