You are viewing a plain text version of this content. The canonical link for it is here.

Posted to docs@httpd.apache.org by Darren Spruell <ph...@gmail.com> on 2007/01/22 22:50:07 UTC

Clarification in /mod/mod_authnz_ldap.html: authorization

I wanted to propose a point of clarification to the documentation
surrounding the authorization phase described under "Apache Module
mod_authnz_ldap" at
http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html;
documentation for the 2.3 version appears to be the same WRT this
item.

The section "The Authorization Phase" contains this statement:

"Other Require values may also be used which may require loading
additional authorization modules."

I think this could be improved by extending it some:

"Other Require values may also be used which may require loading
additional authorization modules. Note that if you use a Require value
from another authorization module, you will have to ensure that
AuthzLDAPAuthoritative is set to Off to allow the authorization to
fall back to the module providing the alternate Require value."

Afterward, it might be beneficial to illustrate this with an addition
to the Examples which follow.

If there's a negative reaction to this proposal it may be because the
operation is obvious to the astute reader. I for one spent the better
part of 4 hours trying to diagnose this issue and would benefit from
it being spelled out.

Regards,

-- 
Darren Spruell
phatbuckett@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org

Re: Clarification in /mod/mod_authnz_ldap.html: authorization

Posted by Brad Nicholes <BN...@novell.com>.

>>> On 1/22/2007 at 2:50 PM, in message
<83...@mail.gmail.com>, "Darren Spruell"
<ph...@gmail.com> wrote:
> I wanted to propose a point of clarification to the documentation
> surrounding the authorization phase described under "Apache Module
> mod_authnz_ldap" at
> http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html;
> documentation for the 2.3 version appears to be the same WRT this
> item.
> 
> The section "The Authorization Phase" contains this statement:
> 
> "Other Require values may also be used which may require loading
> additional authorization modules."
> 
> I think this could be improved by extending it some:
> 
> "Other Require values may also be used which may require loading
> additional authorization modules. Note that if you use a Require value
> from another authorization module, you will have to ensure that
> AuthzLDAPAuthoritative is set to Off to allow the authorization to
> fall back to the module providing the alternate Require value."
> 
> Afterward, it might be beneficial to illustrate this with an addition
> to the Examples which follow.
> 
> If there's a negative reaction to this proposal it may be because the
> operation is obvious to the astute reader. I for one spent the better
> part of 4 hours trying to diagnose this issue and would benefit from
> it being spelled out.
> 
> Regards,


Good idea.  Can you submit a patch to the doc?

Brad

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org