You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2003/03/03 16:33:24 UTC
DO NOT REPLY [Bug 17599] New: -
auth ldap binds as user and loses access rights
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17599>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17599
auth ldap binds as user and loses access rights
Summary: auth ldap binds as user and loses access rights
Product: Apache httpd-2.0
Version: HEAD
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: Other
Component: mod_auth_ldap
AssignedTo: bugs@httpd.apache.org
ReportedBy: sebastian.tusk@gmx.net
On a new connection to a ldap server auth_ldap binds as admin with the binddn
and bindpassword given in the apache configuration file. With this binding the
first user is authenticated. The authentication process binds this user to the
ldap connection. The problem herein is that subsequent authentications are done
with the access rights of the user and not as admin. If the users doesn't have
the right to read from the ldap server, the user search done during the
authentication process fails and so the entire authentication.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org