[users@httpd] After authentication, How to authorize users according to IP (or host)?

Mark jensen Tue, 22 Jul 2014 07:39:39 -0700

According to this page: 
http://httpd.apache.org/docs/current/mod/mod_authz_host.html , we can authorize 
the users  after Authentication, Is this true?


My problem is I'm trying to authenticate all my users (using LDAP) except some 
IPs, it have worked will:

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic

      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require host
</Directory>

but when I add this line "Require ip 192.168.1.2"

<Directory /var/www/html/ldap>
      Order allow,deny
      Allow from 192.168.1.2 192.168.1.7
      Satisfy any
      AuthName "LDAP Authentication"
      AuthType Basic
      Require ip 192.168.1.2
      AuthBasicProvider ldap
      AuthzLDAPauthoritative off
      AuthLDAPURL ldap://192.168.1.3/dc=hiast,dc=com?uid?sub?(objectClass=*)
      Require valid-user
</Directory>


apache let 192.168.1.2 && 192.168.1.7 to enter the directory, so where is the 
authorization? How can I make this directory available only for 192.168.1.2 and 
not to 192.168.1.7?

[users@httpd] After authentication, How to authorize users according to IP (or host)?

Reply via email to