Re: If statement against AUTHENTICATE_memberOf variable created by authnz_ldap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> So the first question is: Is it normal that I have to use mod_rewrite to
> check for group membership ? I tried hundred of syntaxes with SetEnvIf
> or SetEnvIfExpr but I never managed to get it working. I'm not sure why
> but I guess it's somehow related to "race condition" (lazy evaluation)
> while evaluating environment variable, does it makes sense ?

SetEnvIf[expr] is evaluated very early, long before authn/authz occurs
and those environment variables can be filled out.

>
> Second question is: I cannot use "$" to make a proper regex matcher. If
> the group is not the last one, I can match it with ;.*$, if it is the
> last one, I should be able to match [...]DC=internal$, however that does
> not work. There's is one unknown character and I have no idea what it
> is. Matching with DC=internal.?$ works, so that's one SINGLE char... Any
> idea ?
>

You could send it out as a response header for debugging, or maybe
observe it with rewrite:trace8 in the error_log

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux