On 25 Sep 2010, at 08:14, swm38 swm38 wrote:
Hello,
I've set up ldap authentication and would like to allow access to all
users in groupA and another user userA (not part of the group).
Require user userA
Require ldap-group groupA
Satisfy any
This doesn't work, it accepts any user.
2010/9/25, Nick Kew n...@webthing.com:
The concept you're looking for is Authoritative authorization (you need
to turn it Off to use more than one Require with OR logic).
I tried setting AuthzLDAPAuthoritative off, without success, it's
still AND logic (group and user must match).
Reading the
Just a side note : Apache should be able to do form authentication soon
(?) :
http://httpd.apache.org/docs/trunk/mod/mod_auth_form.html
Emmanuel
(...)
I've seen mention of apache using a login page, rather than the usual
popup. Is there a way to do that? It might have a nicer feel for
users.
Hi,
Ross Boylan schrieb:
Suppose I have apache running in front of a web application and
subversion.
I don't use svn, but I think it is (in apache) somehow related with
WebDAV, which we use.
I am thinking of a scenario in which the web application provides a
login page. However, the user
Ross et al.,
I'm not sure I understand the actual question at hand -- you have (or
want to write) a Smalltalk-based application that runs in it's own
webserver, and proxy to that with httpd? Where is the SVN access
happening? From the Smalltalk app? From httpd?
Is this SVN-webapp something like
Peter Schober wrote:
Ross et al.,
I agree, and that is what I was trying to tell Ross, although apparently
not as clearly :
You should not try to do the authentication at the level of one
application, and then pass it up to Apache for other applications to
use. That will always give you
[tangent alert]
On Tue, May 12, 2009 at 10:05:41AM +0200, Peter Schober wrote:
[other good advice trimmed]
Your problem will be to make the various applications running under
Apache aware of the single sign-on.
This is indeed as much an art as a science. Every self-respecting
Thanks to everyone for some really good information.
@Marc Paterman, svn's apache module is dav_svn, so it's definitely DAV
related. I'm not sure if it simply supports DAV or if that is its
native mode; I suspect the former.
On Tue, 2009-05-12 at 10:05 +0200, Peter Schober wrote:
Ross et al.,
* Ross Boylan r...@biostat.ucsf.edu [2009-05-12 18:17]:
Where is the SVN access
happening? From the Smalltalk app? From httpd?
Both, though the smalltalk app is only going to talk to svn via http.
There are potentially several scenarios (though I could probably
dispense with some of them):
Ross Boylan wrote:
...
Without going into the details of the why and the when and the where,
let's assume that if the organisation has decided to implement some
global authentication scheme, and roll it out over time, then the first
thing I would do, before starting to implement my own
Ross Boylan wrote:
...
I've seen mention of apache using a login page, rather than the usual
popup. Is there a way to do that? It might have a nicer feel for
users.
The usual popup is built into each browser. It appears only when the
HTTP server is requesting a Basic or Digest type of
Ross Boylan wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
login page. However, the user may also browse to web pages served by
subversion.
Is there a way that my app can have someone
Jonathan Zuckerman wrote:
On Sat, May 9, 2009 at 9:34 AM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
login page. However, the user may also browse to
On Sat, May 9, 2009 at 12:34 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
login page. However, the user may also browse to web pages served by
On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote:
On Sat, May 9, 2009 at 12:34 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
login page.
Ross Boylan wrote:
On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote:
On Sat, May 9, 2009 at 12:34 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
* André Warnier a...@ice-sa.com [2009-05-11 19:24]:
in all kinds of applications that can run under Apache, to obtain a
user-id ? The answer is basically no, because Apache (and HTTP) do not
define such a standard mechanism.
Support for REMOTE_USER is not so bad, I'd say.
-peter
Peter Schober wrote:
* André Warnier a...@ice-sa.com [2009-05-11 19:24]:
in all kinds of applications that can run under Apache, to obtain a
user-id ? The answer is basically no, because Apache (and HTTP) do not
define such a standard mechanism.
Support for REMOTE_USER is not so bad, I'd
On Mon, May 11, 2009 at 1:01 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote:
On Sat, May 9, 2009 at 12:34 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am
On Mon, 2009-05-11 at 19:23 +0200, André Warnier wrote:
Ross Boylan wrote:
On Mon, 2009-05-11 at 11:21 -0400, Nick Owen wrote:
On Sat, May 9, 2009 at 12:34 PM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am
On Sat, May 9, 2009 at 9:34 AM, Ross Boylan r...@biostat.ucsf.edu wrote:
Suppose I have apache running in front of a web application and
subversion.
I am thinking of a scenario in which the web application provides a
login page. However, the user may also browse to web pages served by
21 matches
Mail list logo
