Just repeat the require for each group. Membership in any group lets them in.On Fri, May 7, 2010 at 4:00 PM, Rodrigo Montenegro
<montenegro.r@xxxxxxxxx> wrote:
> Hey Guys!
>
> I have the following scenario. I want to authenticate and authorize users in
> a Apache server against an LDAP server.
> The things is that there is so a need to make this authorization checking up
> if the user is in one of many groups.
> The question is: is that possible? If it is, how can I make it happen?
>
> I have sucess on doing this authorization against one single group, but not
> search in many.
>
> <Location /somepath>
>
> AuthType Basic
> AuthName "Secret path"
> AuthBasicProvider ldap
> AuthLDAPUrl ldap://ldapserver/ou=organization,ou=org
> AuthzLDAPAuthoritative on
> AuthLDAPBindDN "uid=serviceuser,ou=services,ou=corp,ou=organization,ou=org"
> AuthLDAPBindPassword "servicepwd"
>
> AuthLDAPGroupAttribute uniqueMember
> AuthLDAPGroupAttributeIsDN on
>
> require ldap-group cn=group1,ou=Groups,ou=corp,ou=organization,ou=org
>
> </Location>
>
> In group1 there is a list in uniqueMember attribute containing all the DN
> users.
--
Eric Covener
covener@xxxxxxxxx
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|