You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2011/09/25 23:25:44 UTC

DO NOT REPLY [Bug 47676] mod_authnz_ldap successful authorization passed through to mod_authz_groupfile

https://issues.apache.org/bugzilla/show_bug.cgi?id=47676

Eric Covener <co...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID

--- Comment #15 from Eric Covener <co...@gmail.com> 2011-09-25 21:25:44 UTC ---
After looking again at this, I think the user must make authz_groupfile
non-authoritative since all access checks in 2.2 must be run.  

Just changing the order LDAP registers itself IMO is only applicable to 2.2.x
and is unnecessary change for users expecting the other order.

Net: all authz providers are checked, and generally if an authz provider has
any of its own requirements in effect it will return unauthorized unless you
set it's authoritative flag.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org