The problem I'm having is authenticating using groups to authorize access.
I'm using LoadModule authn_alias_module modules/mod_authn_alias.so as to identify multiple authentication providers. The below works fine when Require valid-user is used instead of ldap-group. You might note I'm using svn but I'm simply hitting the Apache Server with a browser. I haven't found an example where authorization is group. Found pelenty of examples where Require valid-user which, of course, is of no value to me.
Please someone repond to this despirate post.
<AuthnProviderAlias ldap ldap-01>
AuthLDAPBindDN "CN=ldapuser,OU=StandardUsers,OU=My Company,OU=Users,OU=EIT Central,DC=ad,DC=mycompany,DC=com"
AuthLDAPBindPassword mypassword
AuthLDAPURL ldap://ldap.ad.mycompany.com:389/DC=ad,DC=mycompany,DC=com?sAMAccountName?sub
</AuthnProviderAlias>
<AuthnProviderAlias ldap ldap-02>
AuthLDAPBindDN "CN=ldapuser,OU=StandardUsers,OU=My Company,OU=Users,OU=EIT Central,DC=ad,DC=mycompany,DC=com"
AuthLDAPBindPassword mypassword
AuthLDAPURL ldap://ldap.other.mycompany.com:389/DC=other,DC=mycompany,DC=com?sAMAccountName?sub
</AuthnProviderAlias>
# Location for the Subversion repository
<Location /repository>
DAV svn
SVNPath c:/svn_repository
#
Order deny,allow
Allow from all
AuthBasicProvider ldap-01 ldap-02
AuthType Basic
AuthName 'Subversion
Repository'
AuthzLDAPAuthoritative off
Require ldap-group CN=G-MyGroup,OU=Groups,OU=LAN Services,DC=ad,DC=mycompany,DC=com
SVNAutoversioning on
ModMimeUsePathInfo on
</Location>
