According to this page: http://httpd.apache.org/docs/current/mod/mod_authz_host.html , we can authorize the users after Authentication, Is this true?
My problem is I'm trying to authenticate all my users (using LDAP) except some IPs, it have worked will: <Directory /var/www/html/ldap> Order allow,deny Allow from 192.168.1.2 192.168.1.7 Satisfy any AuthName "LDAP Authentication" AuthType Basic AuthBasicProvider ldap AuthzLDAPauthoritative off AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*) Require host </Directory> but when I add this line "Require ip 192.168.1.2" <Directory /var/www/html/ldap> Order allow,deny Allow from 192.168.1.2 192.168.1.7 Satisfy any AuthName "LDAP Authentication" AuthType Basic Require ip 192.168.1.2 AuthBasicProvider ldap AuthzLDAPauthoritative off AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*) Require valid-user </Directory> apache let 192.168.1.2 && 192.168.1.7 to enter the directory, so where is the authorization? How can I make this directory available only for 192.168.1.2 and not to 192.168.1.7? |