On 11/29/06, Graham Leggett <[EMAIL PROTECTED]> wrote:
On Wed, November 29, 2006 2:19 pm, Nick Kew wrote:
> When the configuration is merged, the one that appears later in
> httpd.conf overrides the other where there is conflict.
What constitutes a conflict?
> What Satisfy value are you using?
The config looks like this:
# Password protect bugzilla with native LDAP plugin
<Location /bugzilla>
AuthType Basic
AuthName "User principal name"
AuthLDAPEnabled on
AuthLDAPBindDN zzz
AuthLDAPBindPassword zzz
AuthLDAPURL ldap://zzz:3268/?userPrincipalName,mail,cn?sub
AuthLDAPAuthoritative on
require valid-user
Satisfy all
</Location>
# Password protect this entire website using Redhat LDAP plugin
<Location />
AuthName "Username"
AuthzLDAPMethod ldap
AuthzLDAPAuthoritative on
AuthzLDAPServer zzz:3268
AuthzLDAPUserBase zzz
AuthzLDAPUserKey sAMAccountName
AuthzLDAPUserScope subtree
AuthzLDAPBindDN zzz
AuthzLDAPBindPassword zzz
AuthType basic
require valid-user
Order allow,deny
Allow from 127.0.0.1/32 10.182.227.16
Satisfy Any
</Location>
If I swap the two Locations around, the effect is the same - / always wins.
The Order/Allow stuff in / will apply to both places because it isn't
overridden in /bugzilla.
Easy fix: Use <LocationMatch ^/(?!bugzilla)> instead of <Location />.
Joshua.