https://bz.apache.org/bugzilla/show_bug.cgi?id=65945
Bug ID: 65945 Summary: Enhance mod_authnz_ldap to set attribute with group memberships Product: Apache httpd-2 Version: 2.5-HEAD Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P2 Component: mod_authnz_ldap Assignee: bugs@httpd.apache.org Reporter: christopher.l...@icloud.com Target Milestone: --- Please extend mod_authnz_ldap to set a computed/generated attribute with the LDAP group information of the current requests user. I was successful in configuring the module to set environment variables from the user's LDAP entry such as uid ("AUTHORIZE_uid") and cn ("AUTHORIIZE_cn") as documented here: https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html#exposed However I cannot find any attribute that holds the list of group memberships. I tried the attributes member, uniqueMember and memberof; none seem to be set by mod_authnz_ldap. I think we're using a simple & standard LDAP group. It's defined with "objectClass: groupOfUniqueNames", a dn and cn, plus a list of uniqueMember items that name our users. I'm not the only one who would like this :) here are other people asking for this same capability: https://stackoverflow.com/questions/53496804/exposing-group-information-with-mod-authnz-ldap https://serverfault.com/questions/732107/can-apache-expose-the-ldap-group-used-to-authenticate-to-a-php-application# Thanks for considering it! -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org