On Thu, Feb 25, 2010 at 4:35 PM, Thomas, Peter <pthomas@xxxxxxxx> wrote: > I continue to fight with this. I added in "stub" handlers for Access, I've > determined that the authorization check of mod_authnz_ldap is being executed > in the Access phase of AAA. This isn't documented; it's causing two > problems: early auth failure as well as a side-effect of an extra, useless > LDAP query with a blank filter. > > How do I instruct Apache to remove mod_authnz_ldap's authorization handler > from the access phase, while leaving it in for authorization? > That doesn't seem possible, as mod_authnz_ldap doesn't hook access_checker (and access_checker is before e.g. mod_auth_basic can even perform authn -- how can you do authz if you don't know who the user is?) -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|