thr3ads.net - CentOS - [CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group [Apr 2008]

If this information is useful, please help other people find it:
Share via:

David Hláčik

2008-Apr-10 18:35 UTC

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

Hi , i am facing a strange problem.

I have centos , i wan to access svn trought apache using mod auth ldap.

This is what i have configured

       AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
        AuthLDAPBindPassword Pass1
        AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid"
        AuthLDAPGroupAttribute member
        AuthLDAPGroupAttributeIsDN on
        Require group cn=tester2,ou=Groups,o=Organization

What is strange?

According to doc it will accept only users which DN is in group
cn=teste2,ou=Groups,o=Organization.

How come, for me it will accept every one user from LDAP?

Thanks in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.centos.org/pipermail/centos/attachments/20080410/89a47ebe/attachment-0001.html>

Jeff Larsen

2008-Apr-10 18:54 UTC

head link

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

On Thu, Apr 10, 2008 at 1:35 PM, David Hl??ik <david at hlacik.eu>
wrote:> Hi , i am facing a strange problem.
>
> I have centos , i wan to access svn trought apache using mod auth ldap.
>
> This is what i have configured
>
>        AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
>         AuthLDAPBindPassword Pass1
>         AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid"
>         AuthLDAPGroupAttribute member
>         AuthLDAPGroupAttributeIsDN on
>          Require group cn=tester2,ou=Groups,o=Organization
>
> What is strange?
>
> According to doc it will accept only users which DN is in group
> cn=teste2,ou=Groups,o=Organization.
>
> How come, for me it will accept every one user from LDAP?
Your config looks correct, if it is in the correct context element in
your .conf file. Is it within a <Location> element that references
your svn repository path? Please show more of your config.

Are you sure Apache is querying the LDAP server? Are you prompted for
a login. Are you denied if a bad password or username is given?

--
Jeff

Jim Perrin

2008-Apr-10 19:03 UTC

head link

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

On Thu, Apr 10, 2008 at 2:35 PM, David Hl??ik <david at hlacik.eu>
wrote:> Hi , i am facing a strange problem.
>
> I have centos , i wan to access svn trought apache using mod auth ldap.
>
> This is what i have configured
>
>        AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
>         AuthLDAPBindPassword Pass1
>         AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid"
>         AuthLDAPGroupAttribute member
>         AuthLDAPGroupAttributeIsDN on
>          Require group cn=tester2,ou=Groups,o=Organization
>
> What is strange?
>
> According to doc it will accept only users which DN is in group
> cn=teste2,ou=Groups,o=Organization.
>
> How come, for me it will accept every one user from LDAP?
>
> Thanks in advance!
Is this for centos 4 or centos5?


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell

Apparently Analagous Threads

Search for more seemingly similar threads

CentOS - Apr 2008 - mod_auth_ldap Apache2 on CentOS 5 and require group

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group

Apparently Analagous Threads