You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Rainer Sokoll <r....@intershop.de> on 2010/09/14 10:48:34 UTC
[users@httpd] Zugriff fuer eine LDAP-Gruppe verbieten
Hallo,
folgendes Problem (apache 2.0.63):
Auf einen bestimmten Pfad, der zugriffsgeschützt ist (mod_ldap) sollen
alle authentifizierten User zugreifen können - bis auf eine bestimmte
LDAP-Gruppe.
Ich dachte an sowas:
<Location /pfad/>
Auth-Geraffel
require valid-user
<LimitExcept ALL>
require group cn=....
</LimitExcept>
</Location>
Aber das LimitExcept macht mir Sorgen - ich mag dort eigentlich nicht
jede denkbare Methode verewigen.
Hat jemand hier vielleicht einen inteligenteren Vorschlag?
Rainer
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Zugriff fuer eine LDAP-Gruppe verbieten
Posted by Rainer Sokoll <r....@intershop.de>.
Oh, stupid me. I apologize for the previous post in German.
My problem (apache 2.0.63):
I have a certain path, protected by mod_auth_ldap. Access is granted to
authenticated users only.
Now, I need to deny access for all members of a certain LDAP group, but
all the other users still must have access.
I thought somthing like this can solve the problem:
<Location /path/to/somewhere/>
Auth-stuff
require valid-user
<LimitExcept ALL>
require group cn=....
</LimitExcept>
</Location>
But I wonder about the LimitExcept directive. I do not want to include
all possible methods here.
Is there a more intelligent way to solve my problem?
Again, sorry for the German noise :-)
Rainer
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org