I'm trying to use the following configuration with Apache 2.4.54:
<AuthnProviderAlias ldap example>
AuthLDAPURL ldap://ldap/ou=users,dc=example,dc=com?cn
AuthLDAPBindDN uid=authreader,ou=system,dc=example,dc=com
AuthLDAPBindPassword secret
</AuthnProviderAlias>
<Location "/">
AuthName "LDAP"
AuthType Basic
AuthBasicProvider example
Require ldap-user user1
</Location>
This fails, and with `LogLevel debug` I see:
... AH01697: auth_ldap authenticate: accepting user1
... AH01626: authorization result of Require ldap-user user1: denied
So mod_authnz_ldap is getting the correct user id, but it's not matching the
Require line.
I thought maybe I needed to use the provider alias instead of ldap- in
Require, like this:
Require example-user user1
But that fails with:
Unknown Authz provider: example-user
That makes me think I'm close.
This *particular* problem can be solved by just setting:
Require user user1
That works fine, but any of the other ldap-specific actions (Require
ldap-group, Require ldap-dn, etc) seem to fail the same way as Require
ldap-user.
What I'm doing here seems to match everything I've been able to find
in the documentation. Is this a bug, or have I missed something?
Thanks!
--
Lars Kellogg-Stedman <lars@xxxxxxxxxx> | larsks @ {irc,twitter,github}
http://blog.oddbit.com/ | N1LKS
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|