httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aleks Feltin <aleks.fel...@sunsetwireless.fi>
Subject [users@httpd] [***** SPAM 5.3 *****] handling failed authentication attempts
Date Tue, 05 May 2009 17:31:29 GMT
Hello List,

We are using 2.2.9 on Debian with mod_ldap and mod_auth_kerb_5.4. Latter supports failback
to basic authentication. 
So far it is working well. Problem arises with functional requrements for authorization. It
is required that members of certain ldap group are tied to gssapi authentication whereas members
of another group are forced to use basic auth, both must reach same location as a result.
Now I would like to know how it is possible to implement failback either with processing failed
attempts or with stacking multiple instance of authorization providers because of unique ldap
group instances. 

Say we have single location /svn, now by ldap group membership we want that groupA members
get through using kerberos (gssapi) and groupB members utilize http basic auth. Please share
your thoughts (and examples, if there are any).

Regards,

Aleks F.

Mime
View raw message