Hi all. I'm trying to convert an apache 2.0 config to 2.2 where the <Directory> section in httpd.conf configures access via ldap, and an .htaccess file overrides that setting for a particular subdirectory of that space. Here's what I'm trying to use on apache 2.2.9 (ip addresses and paths changed to protect the innocent) <Directory /path/to/my/site/cgi-bin> AllowOverride AuthConfig AuthBasicProvider ldap AuthName "Default Auth" AuthType Basic AuthLDAPURL "ldap://aa.bb.cc.dd/ou=people,dc=myplace,dc=com,dc=au?uid?one?"; require valid-user AuthzLDAPAuthoritative off Options FollowSymLinks Order allow,deny Allow from all </Directory> And here's what I have in /path/to/my/site/cgi-bin/test/.htaccess: AuthName "Local Auth" AuthType Basic AuthUserFile /path/to/my/site/cgi-bin/test/.htpasswd AuthGroupFile /dev/null require user testme1 The .htpasswd file contains one entry - that for the 'testme1' user When only one of these settings is in place (and the other commented out) then the authentication seems to work fine. However with both configured neither set of credentials (ldap or .htpasswd based) are accepted. Here is the debug output from the apache error log when both are enabled [Tue Nov 11 14:26:41 2008] [debug] mod_authnz_ldap.c(377): [client ww.xx.yy.zz] [18978] auth_ldap authenticate: using URL ldap://aa.bb.cc.dd/ou=people,dc=myplace,dc=com,dc=au?uid?one? [Tue Nov 11 14:26:41 2008] [warn] [client ww.xx.yy.zz] [18978] auth_ldap authenticate: user testme1 authentication failed; URI /cgi-bin/test/printenv [User not found][No such object] [Tue Nov 11 14:26:41 2008] [error] [client ww.xx.yy.zz] user testme1 not found: /cgi-bin/test/printenv Here's is the output when ldap auth is used and .htaccess is disabled [Tue Nov 11 14:29:17 2008] [debug] mod_authnz_ldap.c(377): [client ww.xx.yy.zz] [2500] auth_ldap authenticate: using URL ldap://aa.bb.cc.dd/ou=people,dc=myplace,dc=com,dc=au?uid?one? [Tue Nov 11 14:29:17 2008] [debug] mod_authnz_ldap.c(474): [client ww.xx.yy.zz] [2500] auth_ldap authenticate: accepting ldapguy [Tue Nov 11 14:29:17 2008] [debug] mod_authnz_ldap.c(847): [client ww.xx.yy.zz] [2500] auth_ldap authorise: declining to authorise There is no debug info in the apache log when the .htaccess auth is used and ldap is disabled. >From the first set of debugging info it appears authnz_ldap is still trying to do authentication checking even when the .htaccess should be overriding it. Can anyone else repeat this problem or suggest the proper configuration to make it work. Thanks, Admin --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|