You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2005/03/23 01:04:03 UTC
Re: svn commit: r125465
httpd/httpd/trunk/modules/ldap/util_ldap.c
At 03:29 PM 3/22/2005, Paul Querna wrote:
>Rici Lake wrote:
>>The referenced commit added two OR_ALL directives to util_ldap:
>> LDAPTrustedClientCert
>> LDAPTrustedMode
>
>I am going to change these to RSRC_CONF right now. It is just completely broken to attempt to use the OR_ALL context.
Nope, the correct context would have been OR_AUTHCFG. Now, as
far as if we can/should allow these in htaccess is another question.
OR_ALL would have introduced a security hole.