Anti

Reputation: 458

BasicAuth with "ldap file" providers doesn't work for users in file

I have a host where authenticated users need to be in a certain ldap group. This worked perfectly. Afterwards I needed an external user that I put locally in a file and this one doesn't work.

When I comment out all the ldap lines that user works, so the file is created correctly and accessible by Apache 2.2, but when I add ldap, everything works for the ldap users but not for the file user.

When I try to log in with the local in file user with a bad password I get the log in pop-up again, as usual, but when I insert the correct credentials I get "Authorization Required This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required."

Below is my setup on Apache 2.2:

    <Location "/">
        Deny from all

        AuthType Basic
        AuthName "My Auth"
        AuthBasicProvider ldap file
        AuthLDAPURL LDAP_URL
        AuthUserFile "path/to/pass/file"

        Require user file_user
        Require ldap-group cn=LDAP Group,cn=Groups,dc=DC,dc=org
        Require ldap-user ldap_user_outside_group

        Satisfy any
    </Location>

Upvotes: 0

Views: 314

Answers (1)

covener

Reputation: 17886

You likely need AuthzLDAPAuthoritative to allow the failure to match the ldap-based Require directives to not be fatal. This kind of directive was made obsolete in later releases by internal improvements in 2.4.

Upvotes: 1
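
The answer's suggestion applied to the configuration from the question, as an added example that is not part of the original question or answer. `LDAP_URL`, the password file path and the user and group names are the question's own placeholders; the `<IfVersion>` wrappers assume mod_version is loaded, and the 2.4 section is an added equivalent that goes beyond the 2.2 case discussed above.

```apache
# Apache 2.2: mod_authnz_ldap is authoritative by default, so a user who
# matches none of the ldap-* Require lines is refused instead of being
# handed to the other authorization modules (mod_authz_user handles
# "Require user file_user").
<IfVersion < 2.4>
    <Location "/">
        Deny from all

        AuthType Basic
        AuthName "My Auth"
        AuthBasicProvider ldap file
        AuthLDAPURL LDAP_URL
        AuthUserFile "path/to/pass/file"

        # Let other authorization modules try when LDAP authorization fails.
        AuthzLDAPAuthoritative off

        Require user file_user
        Require ldap-group cn=LDAP Group,cn=Groups,dc=DC,dc=org
        Require ldap-user ldap_user_outside_group

        Satisfy any
    </Location>
</IfVersion>

# Apache 2.4: AuthzLDAPAuthoritative no longer exists. Require lines from
# different modules are combined explicitly; any one match grants access.
<IfVersion >= 2.4>
    <Location "/">
        AuthType Basic
        AuthName "My Auth"
        AuthBasicProvider ldap file
        AuthLDAPURL LDAP_URL
        AuthUserFile "path/to/pass/file"

        <RequireAny>
            Require user file_user
            Require ldap-group cn=LDAP Group,cn=Groups,dc=DC,dc=org
            Require ldap-user ldap_user_outside_group
        </RequireAny>
    </Location>
</IfVersion>
```

After reloading, check both directions: `file_user` is admitted, and an LDAP account that is outside the group and not named in any `Require` line is still refused.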
