1 ### mod_vhost_ldap depends on mod_ldap ###
2 ### you have to enable mod_ldap as well ###
3 ### and probably set various cache options for it ###
5 ###scope values: base, one, sub
6 ###deref values: never, finding, searching, always
7 ###remember, user specified filter is checked as RFC-defined ldap filter before substitution
8 ###user filter specified here results with following internal filters and variables:
9 ### _A_ is the server name from the request (vhost server name to find)
10 ### _B_ is the uri for which access control is to be determined
11 ### _C_ is the name of the require valid-user directive (auth prompt message)
12 ### _D_ is the the user-defined filter
13 ### _E_ is the protected physical directory (doesn't need to be existing file or dir)
14 ### _F_ is the alias location uri
15 ### _G_ is the protected uri for which access control is to be determined (see _E_)
16 ### _H_ is the alias uri which is to be aliased to specified directory
17 ### Each use of search filter is logged with debug level
19 #####################################################################
21 ### (&(_D_)(|(apacheServerName=_A_)(apacheServerAlias=_A_)))
22 #####################################################################
23 ### Protected Location Search
24 ### (&(_D_)(apacheExtConfigServerName=_A_)(apacheExtConfigUri=_B_))
25 #####################################################################
26 ### Protected Directory Search
27 ### (&(_D_)(apacheExtConfigPath=_E_))
28 #####################################################################
29 ### Alias Object Search
30 ### (&(_D_)(apacheAliasConfigServerName=_A_)(apacheAliasConfigSourceUri=_H_))
31 #####################################################################
32 ### Web user Location Search
33 ### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserServerName=_A_)(apacheExtConfigUserLocationUri=_G_))
34 #####################################################################
35 ### Web user Directory Search
36 ### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserDirectoryName=_E_))
37 ##################################
39 ### ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]]
42 VhostLdapUrl ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]]
43 #VhostLdapUrl ldap://hostname:389/dc=foo,dc=bar?*?sub?objectClass=activeObject
44 VhostLdapBindDn "cn=read only apache admin,dc=foo,dc=bar"
45 VhostLdapBindPw "secretpassword"
46 VhostLdapWlcBaseDn "ou=webAccess,dc=foo,dc=bar"
47 VhostLdapWucBaseDn "ou=webAccounts,dc=foo,dc=bar"
48 VhostLdapAliasesBaseDn "ou=webAliases,dc=foo,dc=bar"
49 VhostLdapDeref "never"
50 VhostLdapFallback default
51 VhostAliasesEnabled On
52 VhostLocAuthEnabled On
53 VhostDirAuthEnabled On