You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2010/05/30 00:49:17 UTC
svn commit: r949444 - in /httpd/httpd/trunk/docs/manual/mod:
mod_authnz_ldap.html.en mod_authnz_ldap.xml
Author: covener
Date: Sat May 29 22:49:17 2010
New Revision: 949444
URL: http://svn.apache.org/viewvc?rev=949444&view=rev
Log:
emphasize that trying to use the basic auth credentials directly
is a last resort.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en
httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en?rev=949444&r1=949443&r2=949444&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.html.en Sat May 29 22:49:17 2010
@@ -975,6 +975,11 @@ own username, instead of anonymously or
<p> If the verbatim username can't directly bind, but needs some
cosmetic transformation, see <code class="directive"><a href="# authldapinitialbindpattern">
AuthLDAPInitialBindPattern</a></code>.</p>
+
+ <p> This directive should only be used when your LDAP server doesn't
+ accept anonymous searches and you cannot use a dedicated
+ <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+ </p>
<div class="note"><h3>Not available with authorization-only</h3>
This directive can only be used if this module authenticates the user, and
@@ -1007,6 +1012,11 @@ to perform a DN lookup</td></tr>
<p> The regular expression argument is compared against the current basic authentication username.
The substitution argument may contain backreferences, but has no other variable interpolation.</p>
+ <p> This directive should only be used when your LDAP server doesn't
+ accept anonymous searches and you cannot use a dedicated
+ <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+ </p>
+
<div class="example"><p><code> AuthLDAPInitialBindPattern (.+) $1@example.com </code></p></div>
<div class="example"><p><code> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</code></p></div>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml?rev=949444&r1=949443&r2=949444&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_authnz_ldap.xml Sat May 29 22:49:17 2010
@@ -824,6 +824,11 @@ own username, instead of anonymously or
<p> If the verbatim username can't directly bind, but needs some
cosmetic transformation, see <directive module="mod_authnz_ldap">
AuthLDAPInitialBindPattern</directive>.</p>
+
+ <p> This directive should only be used when your LDAP server doesn't
+ accept anonymous searches and you cannot use a dedicated
+ <directive module="mod_authnz_ldap">AuthLDAPBindDN</directive>.
+ </p>
<note><title>Not available with authorization-only</title>
This directive can only be used if this module authenticates the user, and
@@ -852,6 +857,11 @@ to perform a DN lookup</description>
<p> The regular expression argument is compared against the current basic authentication username.
The substitution argument may contain backreferences, but has no other variable interpolation.</p>
+ <p> This directive should only be used when your LDAP server doesn't
+ accept anonymous searches and you cannot use a dedicated
+ <directive module="mod_authnz_ldap">AuthLDAPBindDN</directive>.
+ </p>
+
<example> AuthLDAPInitialBindPattern (.+) $1@example.com </example>
<example> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</example>