[CentOS] mod_auth_ldap Apache2 on CentOS 5 and require group
David Hláčik
david at hlacik.eu
Thu Apr 10 21:01:15 UTC 2008
Hi, all,
1) it is CentOs 5.1
2) i am sure that LDAP is working according to error and access logs (when i
will type bad user it will fail, when i will type bad password it will
inform me about password mismath)
3) yes it is in correct <Location> directory
I am sending whole config file :
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.
<IfModule mod_dav_svn.c>
# - uncomment location section below and modify it according to your
situation.
# You will need to change at least the AuthLDAPURL
parameter.
#
# Documentation of the LDAP module used, and its parameters, is available
at
# http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
# http://httpd.apache.org/docs/2.2/mod/mod_ldap.html
#
<Location
/repo>
# # enable Web DAV HTTP access methods
DAV svn
#
# # repository
location
SVNPath
"/srv/polarion/svn/repo"
#
# # write requests from WebDAV clients result in automatic commits
SVNAutoversioning
on
#
AuthName "Subversion
repository"
#
# # per-directory access control
AuthzSVNAccessFile
"/srv/polarion/svn/access"
#
AuthType
Basic
AuthBasicProvider
ldap
#
# # allow mod_authnz_ldap to decline group authentication so that
Apache
# # will fall back to file authentication for checking group
membership
AuthzLDAPAuthoritative On
#
# AuthLDAPURL "
ldap://yourExampleServer.com:389/ou=People,o=organization.org?uid"
#
# Require valid-user
#
AuthLDAPURL "ldap://server/ou=Users,o=Organization?uid"
Require ldap-group "cn=tester2,ou=Groups,o=Organization"
#Require ldap-dn cn=Hlacik David,ou=Users,o=Organization
AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
AuthLDAPBindPassword svn1
</Location>
</IfModule>
2008/4/10 Jim Perrin <jperrin at gmail.com>:
> On Thu, Apr 10, 2008 at 2:35 PM, David Hláčik <david at hlacik.eu> wrote:
> > Hi , i am facing a strange problem.
> >
> > I have centos , i wan to access svn trought apache using mod auth ldap.
> >
> > This is what i have configured
> >
> > AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
> > AuthLDAPBindPassword Pass1
> > AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid"
> > AuthLDAPGroupAttribute member
> > AuthLDAPGroupAttributeIsDN on
> > Require group cn=tester2,ou=Groups,o=Organization
> >
> > What is strange?
> >
> > According to doc it will accept only users which DN is in group
> > cn=teste2,ou=Groups,o=Organization.
> >
> > How come, for me it will accept every one user from LDAP?
> >
> > Thanks in advance!
>
> Is this for centos 4 or centos5?
>
>
> --
> During times of universal deceit, telling the truth becomes a
> revolutionary act.
> George Orwell
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20080410/fc68ef18/attachment.html>
More information about the CentOS
mailing list