asommer |
04-13-2007 02:46 PM |
Apache LDAP Group
Hello,
I've configured Apache to use LDAP to authenticate users, and it works great. What I want to do is restrict access to users in a specific group. I've added the directives that I believe will do that, but everything I've tried still lets any user login.
I've followed the info here:
http://httpd.apache.org/docs/2.0/mod....html#reqgroup
http://httpd.apache.org/docs/2.0/mod...groupattribute
I'm using a Gentoo 2006.1 system with Apache 2.0.58 and an OpenLDAP 2.2.13 server.
This is my config:
Code:
<IfDefine SVN>
<IfModule !mod_dav_svn.c>
LoadModule dav_svn_module modules/mod_dav_svn.so
</IfModule>
<Location /svn>
DAV svn
SVNPath /var/svn/
AuthType Basic
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AuthName "Authorize Me"
AuthLDAPURL ldaps://adam-test01.salem.edu:636/dc=salem,dc=edu?uid?sub?(objectClass=posixAccount)
AuthLDAPBindDN "cn=Manager,dc=salem,dc=edu"
AuthLDAPBindPassword password
Require valid-user
SVNIndexXSLT "/svnindex.xsl"
#AuthLDAPGroupAttribute uniqueMember
AuthLDAPGroupAttributeIsDN on
Require group cn=SVNGroup,ou=Groups
</Location>
</IfDefine>
Any ideas and/or links to other documentation is greatly appreciated.
|