RE: A openldap question!!!
No wonder it doesn't work, first of all you DENIED everyone
and ALLOW nobody. Also, your AuthLDAPUrl is incorrect.
I don't understand why you are log in as admin to do basic authentication.
You don't need that, and if you really have to login as admin encrypt your
password.
btw AuthLDAPAuthoritative is on by default
here is a sample of how I would do it
----begin-----
AuthName "My super secret web site"
AuthLDAPUrl ldap://192.168.20.220/dc=localhost
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.20.220
require user cc4f4
</Limit>
---end-----
however, it maybe better to setup a group for people allowed to access
the site and then use something like
Require group cn=cn,ou=groups,dc=localhost
all it can be done by limiting access on AuthLDAPUrl level
for example in your case it would be something like
AuthLDAPUrl ldap://10.20.33.12/dc=localhost?uid??(uid=cc4f4)
require valid-user
same process applies to groups
Marcin Kurc
CAD Systems Administrator
Cooper-Standard Automotive
-----Original Message-----
From: axacheng [mailto:axanet@ms32.hinet.net]
Sent: Wednesday, March 20, 2002 4:04 AM
To: debian-user@lists.debian.org
Subject: A openldap question!!!
Hello List
i have already used apt-get install libapache-auth-ldap and
i used the .htaccess to restrict access permission
so that,i made a config for .htaccess
###BEGIN .htaccess
AuthLDAPAuthoritative on
AuthLDAPUrl ldap://192.168.20.220/
AuthLDAPBindDN cn=root2,dc=localhost
AuthLDAPBindPassword cc4f4
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
require user cc4f4
</Limit>
###END
my openldap server is 192.168.20.220
openldap adminstrator is root2
openldap adminstrator passwd is cc4f4
NOW,i use IE5.5 browser to connect to my webserver but LDAP seems
NOT WORK......... might be .htaccess IS NOT fetch adminstrator passwd
to openldap config file (slapd.conf)
ANY HELPER CAN HELP ME?
--
Trust & Unique ...
axacheng <axanet@ms32.hinet.net>
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: