> -----Original Message----- > From: Christophe Gravier > [mailto:christophe.gravier@xxxxxxxxxxxxxxxxxx] > Sent: Friday, November 10, 2006 12:05 AM > Sohail Somani a écrit : > > Hi, > > > > I'm trying to set up ldap authentication. I am pretty sure that it > > authenticates because if I get the following results from > the error logs > > in specific situations: > > > > Invalid user: auth_ldap authenticate: user <bad_user> authentication > > failed; URI /mypaty [User not found][No such object] > > Valid user/invalid pw: user <good_user>: authentication failure for > > "/mypath": Password Mismatch > > Valid user/valid pw: No output from error log > > > > So I assume that it works and is set up correctly. > Additionally, I have > > used ldapsearch to verify that the ldap strings are doing the right > > dance. > > > > However, in the last case, when it appears that I have > authenticated, > > Firefox/IE keep popping up the authorization box even when > the user/pw > > are correct! Here is my relevant (I hope) config: [snip] > Are you using Apache >= 2.2 ? > > If yes, the "require valid-user" is not the directive for authnz_ldap > module/ > If you're using apache >= 2.2 and you want to: > > 1/ allow "any" authenticated user to enter (whatever his group > membership is (i.e. no authorization control), you must "bypass" the > authz_ldap authorization module by setting > "AuthzLDAPAuthoritative" to > off (else apache searches for require ldap-user or ldap-group > directives) [snip] Thanks, these configs did the trick. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|