[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ispman-users
Subject:    Re: [Ispman-users] Apache 2 + auth_ldap (ispman stats + ACL)
From:       "Oliver Blaha / developing.de Internet-Service" <oliver.blaha () developing ! de>
Date:       2004-06-19 18:55:34
Message-ID: 40D48C26.1070100 () developing ! de
[Download RAW message or body]

The current version of auth_ldap is from the year 2001, so I guess there 
is no support for the new syntax. I could not verify this since I'm not 
willing to install apache1 at the moment.

A config switch might be the best solution as some people upgrading 
ISPman might want to leave their apache and auth_ldap untouched.

Oliver



Joerg Delker schrieb:
> This looks somewhat related to bug [942718] "mod_auth_ldap.c in httpd
> 2.0.41".
> 
> Is this issue *always* linked to apache2, or is there a "new" auth_ldap
> for apache1, too, that uses the changed syntax?
> 
> We might think about a config variable for apache 1/2 then, to solve
> this programatically.
> 
> Joerg
> 
> 
> On Thu, 2004-06-17 at 05:26, Oliver Blaha / developing.de
> Internet-Service wrote:
> 
> > Hi list,
> > 
> > I tried to use auth_ldap and failed compiling it with Apache 2.0.
> > That's why I decided to use mod_auth_ldap, which is shipping with apache 
> > as experimental module.
> > 
> > It's working fine, but ispman doesn't (yet) like it - there are two issues:
> > 
> > 1) It doesn't work with <IfModule auth_ldap.c> - you have to use 
> > <IfModule mod_auth_ldap.c> instead.
> > 
> > 2) It doesn't like the space in the AuthLDAPURL clause added by ispman 
> > when generating the ACL clauses.
> > 
> > In fact it's no big deal.
> > I'm not sure if i've seen such a patch here before, anyway, I attached mine.
> > 
> > BUT: it only works if you apply the base domain vhost patch i submitted 
> > some minutes ago. If you don't want to apply the vhost patch then you'll 
> > have to modify this one - but that should be quite easy.
> > 
> > Best regards,
> > Oliver
> > 
> > 
> > 
> > ______________________________________________________________________
> > diff -ur ispman-1.1/install-data/templates/vhosts.conf.template \
> >                 ispman-1.1.new/install-data/templates/vhosts.conf.template
> > --- ispman-1.1/install-data/templates/vhosts.conf.template	2003-08-04 \
> >                 05:39:06.000000000 +0200
> > +++ ispman-1.1.new/install-data/templates/vhosts.conf.template	2004-06-17 \
> > 04:45:24.017326248 +0200 @@ -33,7 +50,7 @@
> > 
> > 	<Directory $statdir>
> > $ispmanVhostDocumentRootOption
> > -        <IfModule auth_ldap.c>
> > +        <IfModule mod_auth_ldap.c>
> > 		AuthName "WebStats for $servername"
> > AuthType Basic
> > AuthLDAPURL ldap://$ldapHost/$ldapBaseDN?uid
> > diff -ur ispman-1.1/lib/http.lib ispman-1.1.new/lib/http.lib
> > --- ispman-1.1/lib/http.lib	2004-01-08 23:45:02.000000000 +0100
> > +++ ispman-1.1.new/lib/http.lib	2004-06-17 04:45:24.019325944 +0200
> > @@ -274,12 +274,12 @@
> > if ($vhostHash->{$domain}{$vh}{'acls'}) {
> > my $aclText = "";
> > for (keys %{$vhostHash->{$domain}{$vh}{'acls'}}){
> > -          $aclText .= "<IfModule auth_ldap.c>\n";
> > -          $aclText .= "<Location \
> >                 $vhostHash->{$domain}{$vh}{'acls'}{$_}{'ispmanVhostAclLocation'}>\n";
> >                 
> > -          $aclText .= "\tAuthType Basic\n\tAuthName $vh.$domain\n";
> > -          $aclText .= "\tAuthLDAPURL ldap://";
> > +          $aclText .= "<IfModule mod_auth_ldap.c>\n";
> > +          $aclText .= "\t\t<Location \
> > $vhostHash->{$domain}{$vh}{'acls'}{$_}{'ispmanVhostAclLocation'}>\n"; +          \
> > $aclText .= "\t\t\tAuthType Basic\n\t\t\tAuthName $vh.$domain\n"; +          \
> > $aclText .= "\t\t\tAuthLDAPURL ldap://"; $aclText .= \
> >                 $ispman->getConf("ldapHost");
> > -          $aclText .= "/ispmanDomain=$domain, \
> > @{[$ispman->getConf('ldapBaseDN')]}"; +          $aclText .= \
> > "/ispmanDomain=$domain,@{[$ispman->getConf('ldapBaseDN')]}"; $aclText .= \
> > "?ispmanUserId?sub?"; if (ref \
> > $vhostHash->{$domain}{$vh}{'acls'}{$_}{'ispmanVhostAclAllowUser'} eq "ARRAY") { \
> > $aclText .= "(|"; @@ -290,9 +290,9 @@
> > } else {
> > $aclText .= "(ispmanUserId=$vhostHash->{$domain}{$vh}{'acls'}{$_}{'ispmanVhostAclAllowUser'})";
> >  }
> > -          $aclText .= "\n\trequire valid-user\n";
> > -          $aclText .= "\t</Location>\n";
> > -          $aclText .= "</IfModule>\n";
> > +          $aclText .= "\n\t\t\trequire valid-user\n";
> > +          $aclText .= "\t\t</Location>\n";
> > +          $aclText .= "\t</IfModule>\n";
> > }
> > $vhostHash->{$domain}{$vh}{'acltext'}=$aclText;
> > print $vhostHash->{$domain}{$vh}{'acltext'};
> 
> 
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
> Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
> Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
> REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
> _______________________________________________
> Ispman-users mailing list
> Ispman-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ispman-users


-------------------------------------------------------
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA
REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND
_______________________________________________
Ispman-users mailing list
Ispman-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ispman-users


[prev in list] [next in list] [prev in thread] [next in thread]