Re: [us...@httpd] Apache + LDAP + DAV + homes without ~

2010-08-13 Thread Saxa Egea

 Great!

I understand your idea.

Thanks a lot!
  Saxa


On 08/08/2010 13:29, Stefano Sasso wrote:

2010/8/3 Saxa Egea s...@saxa.dyndns.org:

  Dear all,

I have compiled a httpd 2.2.16 with LDAP and DAV support running over SuSE
linux.

I'm trying to create an FTP-like server through mod_dav. The authentication
is made to an LDAP directory.
I want to access with URLs like:

http://servername/user1000/
http://servername/user1001/
http://servername/user1002/

And just the user1000 should be able to access the user1000 directory, the
user1001 its own user1001 directory, etc.

I don't want to create a dedicated rule for each user/directory. And I don't
want to use the ~ at the beginning of the URL.

I resolved a problem like this using only servername, without the /user1001.
I have a virtualhost dav.mydomain.com with DAV enabled for read-write
access, and a virtualhost, web.mydomain.com for read-only access,
without DAV. (the r-o access from web.mydomain is in
web.mydomain/user123 format).
The dav.mydomain configuration is like this:

<VirtualHost 192.168.17.124>
   ServerName dav.gnustile.lan
   ServerAlias dav.*
   DocumentRoot /srv/web

   <Directory /srv/web>
      DAV On
      Options Indexes
      Options +FollowSymLinks
      AllowOverride None
      AuthType Basic
      AuthName WebDAV
      AuthUserFile /etc/apache2/vhost.dav
      require valid-user
   </Directory>
   RewriteEngine On
   RewriteCond %{REQUEST_URI} !^/icons/
   RewriteRule ^/(.*) /srv/web/%{LA-U:REMOTE_USER}/$1
   <Location /icons>
      <LimitExcept GET>
         deny from all
      </LimitExcept>
   </Location>
# ...
</VirtualHost>

bye,
stefano




-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



Re: [us...@httpd] Apache + LDAP + DAV + homes without ~

2010-08-08 Thread Stefano Sasso
2010/8/3 Saxa Egea s...@saxa.dyndns.org:
  Dear all,

 I have compiled a httpd 2.2.16 with LDAP and DAV support running over SuSE
 linux.

 I'm trying to create an FTP-like server through mod_dav. The authentication
 is made to an LDAP directory.
 I want to access with URLs like:

 http://servername/user1000/
 http://servername/user1001/
 http://servername/user1002/

 And just the user1000 should be able to access the user1000 directory, the
 user1001 its own user1001 directory, etc.

 I don't want to create a dedicated rule for each user/directory. And I don't
 want to use the ~ at the beginning of the URL.

I resolved a problem like this using only servername, without the /user1001.
I have a virtualhost dav.mydomain.com with DAV enabled for read-write
access, and a virtualhost, web.mydomain.com for read-only access,
without DAV. (the r-o access from web.mydomain is in
web.mydomain/user123 format).
The dav.mydomain configuration is like this:

<VirtualHost 192.168.17.124>
  ServerName dav.gnustile.lan
  ServerAlias dav.*
  DocumentRoot /srv/web

  <Directory /srv/web>
    DAV On
    Options Indexes
    Options +FollowSymLinks
    AllowOverride None
    AuthType Basic
    AuthName WebDAV
    AuthUserFile /etc/apache2/vhost.dav
    require valid-user
  </Directory>
  RewriteEngine On
  RewriteCond %{REQUEST_URI} !^/icons/
  RewriteRule ^/(.*) /srv/web/%{LA-U:REMOTE_USER}/$1
  <Location /icons>
    <LimitExcept GET>
      deny from all
    </LimitExcept>
  </Location>
# ...
</VirtualHost>

bye,
stefano

-- 
Stefano Sasso
http://stefano.dscnet.org/
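
The two posts combined for the URL layout asked about in the original question (/user1000/ stays in the URL, LDAP authentication, each login confined to its own directory). This is an added example, not configuration posted by either participant or taken from the Apache project. It assumes Apache 2.2 syntax, home directories under /home/userNNNN, a hypothetical `*:80` listener and `servername` host name, and the LDAP placeholders from the question.

```apache
# Added example: per-user WebDAV homes without "~" (Apache 2.2, vhost context).
# Assumed: /home/userNNNN layout, *:80 listener, "servername" host name,
# and the LDAPSERVER / LDAPBASE / LDAPUSER / LDAPPASSWD placeholders.
<VirtualHost *:80>
  ServerName servername

  # /user1000/docs/a.txt -> /home/user1000/docs/a.txt
  AliasMatch ^/(user[0-9]+)(/.*)?$ /home/$1$2

  <DirectoryMatch "^/home/user[0-9]+">
    DAV On
    Order allow,deny
    Allow from all

    AuthType Basic
    AuthName "LDAP Auth"
    AuthBasicProvider ldap
    AuthLDAPURL "ldap://LDAPSERVER:389/o=LDAPBASE?userid?sub?(objectClass=Person)" NONE
    AuthLDAPBindDN "cn=LDAPUSER,o=LDAPBASE"
    AuthLDAPBindPassword LDAPPASSWD

    # Authentication only; the per-user check is done by the rewrite rule below.
    Require valid-user
  </DirectoryMatch>

  RewriteEngine On
  # Act only when the look-ahead found an authenticated user. Requests without
  # valid credentials skip the rule and get the normal 401 challenge from
  # "Require valid-user". The look-ahead subrequest itself sees an empty
  # LA-U value, so it also skips the rule and can run authentication.
  RewriteCond %{LA-U:REMOTE_USER} !^$
  # $1 is the first path segment captured by the RewriteRule pattern.
  # "login:segment" must be the same string twice; anything else is refused.
  RewriteCond %{LA-U:REMOTE_USER}:$1 !^([^:]+):\1$
  RewriteRule ^/(user[0-9]+)(/|$) - [F]
</VirtualHost>
```

The comparison is case-sensitive, so a login typed as USER1000 is refused on /user1000/ rather than admitted. Checking the result means requesting /user1001/ with user1000's credentials and confirming a 403.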




[us...@httpd] Apache + LDAP + DAV + homes without ~

2010-08-03 Thread Saxa Egea

 Dear all,

I have compiled a httpd 2.2.16 with LDAP and DAV support running over 
SuSE linux.


I'm trying to create an FTP-like server through mod_dav. The 
authentication is made to an LDAP directory.

I want to access with URLs like:

http://servername/user1000/
http://servername/user1001/
http://servername/user1002/

And just the user1000 should be able to access the user1000 directory, 
the user1001 its own user1001 directory, etc.


I don't want to create a dedicated rule for each user/directory. And I 
don't want to use the ~ at the beginning of the URL.


I have tried:
---
AliasMatch ^/user(.[0-9])/(.*) /home/user$1/$2
<DirectoryMatch /user(.[0-9])/(.*)>
    DAV on

    Order Allow,Deny
    Allow from All

    AuthType Basic
    AuthName "LDAP Auth"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative On

    AuthLDAPURL ldap://LDAPSERVER:389/o=LDAPBASE?userid?sub?(objectClass=Person) NONE

    AuthLDAPBindDN cn=LDAPUSER,o=LDAPBASE
    AuthLDAPBindPassword LDAPPASSWD
</DirectoryMatch>
---
This is working fine until I try to limit the user user$1 to access 
the user$1 directory (example: user1000 is trying to access the 
user1000 directory).
I'm trying with the require user user$1. But it is not processed, it 
thinks it is user$1, not the user1000 user.


I have also tried to use the require valid-user. But once you are 
authenticated then you can change the URL to any other directory.


I have also tried to set an env (SetEnv UserID...) but it is not 
working either.


Is there any solution for that? Any idea?

Thanks in advance
  Saxa

