You are viewing a plain text version of this content. The canonical link for it is here.
Posted to docs@httpd.apache.org by Darren Spruell <ph...@gmail.com> on 2007/01/23 18:13:43 UTC
[PATCH] clarification of fallthrough in mod_authnz_ldap
I wanted to propose a point of clarification to the documentation
surrounding the authorization phase described for mod_authnz_ldap.
This point is clarified a little further down in the file but could
stand to be more clear outside of the specific place it is mentioned.
Index: manual/mod/mod_authnz_ldap.xml
===================================================================
--- manual/mod/mod_authnz_ldap.xml (revision 499068)
+++ manual/mod/mod_authnz_ldap.xml (working copy)
@@ -226,8 +226,14 @@
<li>otherwise, deny or decline access</li>
</ul>
- <p>Other <directive module="core">Require</directive> values may also be
- used which may require loading additional authorization modules.</p>
+ <p>Other <directive module="core">Require</directive> values may also
+ be used which may require loading additional authorization modules.
+ Note that if you use a <directive module="core">Require</directive>
+ value from another authorization module, you will need to ensure that
+ <directive module="mod_authnz_ldap">AuthzLDAPAuthoritative</directive>
+ is set to <code>off</code> to allow the authorization phase to fall
+ back to the module providing the alternate
+ <directive module="core">Require</directive> value.</p>
<ul>
<li>Grant access if there is a <a href="#requser"><code>require
--
Darren Spruell
phatbuckett@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org
Re: [PATCH] clarification of fallthrough in mod_authnz_ldap
Posted by Noirin Plunkett <no...@apache.org>.
+1
Sounds good, thanks for this =)
Noirin
On Tue, Jan 23, 2007 at 10:13:43AM -0700, Darren Spruell wrote:
> I wanted to propose a point of clarification to the documentation
> surrounding the authorization phase described for mod_authnz_ldap.
> This point is clarified a little further down in the file but could
> stand to be more clear outside of the specific place it is mentioned.
>
> Index: manual/mod/mod_authnz_ldap.xml
> ===================================================================
> --- manual/mod/mod_authnz_ldap.xml (revision 499068)
> +++ manual/mod/mod_authnz_ldap.xml (working copy)
> @@ -226,8 +226,14 @@
> <li>otherwise, deny or decline access</li>
> </ul>
>
> - <p>Other <directive module="core">Require</directive> values may also
> be
> - used which may require loading additional authorization modules.</p>
> + <p>Other <directive module="core">Require</directive> values may also
> + be used which may require loading additional authorization modules.
> + Note that if you use a <directive module="core">Require</directive>
> + value from another authorization module, you will need to ensure that
> + <directive module="mod_authnz_ldap">AuthzLDAPAuthoritative</directive>
> + is set to <code>off</code> to allow the authorization phase to fall
> + back to the module providing the alternate
> + <directive module="core">Require</directive> value.</p>
>
> <ul>
> <li>Grant access if there is a <a href="#requser"><code>require
>
> --
> Darren Spruell
> phatbuckett@gmail.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
> For additional commands, e-mail: docs-help@httpd.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org