On 3/18/06, Graham Leggett <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: > > > URL: http://svn.apache.org/viewcvs?rev=386776&view=rev > > Log: > > LDAPConnectionTimeout and LDAPVerifyServerCert can be configured > > per-vhost > > We need to note in addition to this that not all LDAP SDK libraries > support the concept of separately configurable "verify server cert" > behaviour. > > In other words, even though you specify LDAPVerifyServerCert in LDAP > connections from vhost A, you end up overriding this when you specify it > in vhost B. > > This affects people using the Novell SDK.
Beyond doc, do you agree we can change the code so that the virtual host configuration is disallowed when APR_HAS_NOVELL_LDAPSDK? > I think putting a note in the directive pointing people to > http://httpd.apache.org/docs/2.2/mod/mod_ldap.html#settingcerts will > save some questions on mailing lists. Sure. If we tweak the code to disallow vhost coding for libraries where we know it doesn't work, that will affect the wording.