]>
Commit | Line | Data |
---|---|---|
6f705808 OS |
1 | ### mod_vhost_ldap depends on mod_ldap ### |
2 | ### you have to enable mod_ldap as well ### | |
866f0833 PW |
3 | ### and probably set various cache options for it ### |
4 | ||
5 | ###scope values: base, one, sub | |
6 | ###deref values: never, finding, searching, always | |
7 | ###remember, user specified filter is checked as RFC-defined ldap filter before substitution | |
8 | ###user filter specified here results with following internal filters and variables: | |
9 | ### _A_ is the server name from the request (vhost server name to find) | |
10 | ### _B_ is the uri for which access control is to be determined | |
11 | ### _C_ is the name of the require valid-user directive (auth prompt message) | |
12 | ### _D_ is the the user-defined filter | |
13 | ### _E_ is the protected physical directory (doesn't need to be existing file or dir) | |
14 | ### _F_ is the alias location uri | |
15 | ### _G_ is the protected uri for which access control is to be determined (see _E_) | |
16 | ### _H_ is the alias uri which is to be aliased to specified directory | |
17 | ### Each use of search filter is logged with debug level | |
18 | ||
19 | ##################################################################### | |
20 | ### Vhost search | |
21 | ### (&(_D_)(|(apacheServerName=_A_)(apacheServerAlias=_A_))) | |
22 | ##################################################################### | |
23 | ### Protected Location Search | |
24 | ### (&(_D_)(apacheExtConfigServerName=_A_)(apacheExtConfigUri=_B_)) | |
25 | ##################################################################### | |
26 | ### Protected Directory Search | |
27 | ### (&(_D_)(apacheExtConfigPath=_E_)) | |
28 | ##################################################################### | |
29 | ### Alias Object Search | |
30 | ### (&(_D_)(apacheAliasConfigServerName=_A_)(apacheAliasConfigSourceUri=_H_)) | |
31 | ##################################################################### | |
32 | ### Web user Location Search | |
33 | ### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserServerName=_A_)(apacheExtConfigUserLocationUri=_G_)) | |
34 | ##################################################################### | |
35 | ### Web user Directory Search | |
36 | ### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserDirectoryName=_E_)) | |
37 | ################################## | |
38 | ||
39 | ### ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]] | |
40 | ||
41 | VhostLdapEnabled On | |
42 | VhostLdapUrl ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]] | |
43 | #VhostLdapUrl ldap://hostname:389/dc=foo,dc=bar?*?sub?objectClass=activeObject | |
44 | VhostLdapBindDn "cn=read only apache admin,dc=foo,dc=bar" | |
45 | VhostLdapBindPw "secretpassword" | |
46 | VhostLdapWlcBaseDn "ou=webAccess,dc=foo,dc=bar" | |
47 | VhostLdapWucBaseDn "ou=webAccounts,dc=foo,dc=bar" | |
48 | VhostLdapAliasesBaseDn "ou=webAliases,dc=foo,dc=bar" | |
49 | VhostLdapDeref "never" | |
50 | VhostLdapFallback default | |
51 | VhostAliasesEnabled On | |
52 | VhostLocAuthEnabled On | |
53 | VhostDirAuthEnabled On | |
7f9875bb | 54 | |
7f9875bb | 55 |