Hi,We've currently moved from 2.0 to 2.2 and have noticed a difference in out .htaccess files under the two.
We use mod_auth(nz)_external on both and ahve a user and group auth program to authenticate/authorise.
In 2.0 with .htaccess containing: Deny from All AuthType Basic #so only 2.2 apache uses it <IfModule mod_authnz_external.c> AuthBasicProvider external </IfModule> AuthName "Access restricted to Maths Staff only" AuthExternal LDAPUser GroupExternal LDAPGroup <Limit GET> require group ou=st,ou=foo,ou=bar,o=baz require user fred Satisfy Any </Limit> A user in group st,foo,bar,baz would get in, as would user fred.In 2.2, it seems to check the user against fred, and then if that does not match, it doesn't even try the group auth (checked with the auth programs dumping debug info to files)
Is there some magic option that appeared between versions which we'v eoverlooked that could explain the change in behaviour?
-- John Gilbertson The University of Liverpool --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|