Re: Authenticating Apache against multiple groups in LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, May 7, 2010 at 4:00 PM, Rodrigo Montenegro
<montenegro.r@xxxxxxxxx> wrote:
> Hey Guys!
>
> I have the following scenario. I want to authenticate and authorize users in
> a Apache server against an LDAP server.
> The things is that there is so a need to make this authorization checking up
> if the user is in one of many groups.
> The question is: is that possible? If it is, how can I make it happen?
>
> I have sucess on doing this authorization against one single group, but not
> search in many.
>
> <Location /somepath>
>
> AuthType Basic
> AuthName "Secret path"
> AuthBasicProvider ldap
> AuthLDAPUrl ldap://ldapserver/ou=organization,ou=org
> AuthzLDAPAuthoritative on
> AuthLDAPBindDN "uid=serviceuser,ou=services,ou=corp,ou=organization,ou=org"
> AuthLDAPBindPassword "servicepwd"
>
> AuthLDAPGroupAttribute uniqueMember
> AuthLDAPGroupAttributeIsDN on
>
> require ldap-group cn=group1,ou=Groups,ou=corp,ou=organization,ou=org
>
> </Location>
>
> In group1 there is a list in uniqueMember attribute containing all the DN
> users.

Just repeat the require for each group. Membership in any group lets them in.


-- 
Eric Covener
covener@xxxxxxxxx

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux