Apache Auth: Using Require User and Require Group
Hi
I've been all over the apache documentation and Google and I keep ending up at the same pages. I'm wondering if anyone here would have some insight into this pesky little problem. I have Apache plugged into Winbind with mod_auth_pam. It works great if I use either the "Require user <some guy>" or "require group <group of guys>". However, it would be ideal if I could use both of these options at once ... allow a few specific users, plus this huge group as well. This isn't working though. It's saying "access to /test1 failed, reason: user 'someguy' does not meet 'require'ments for user/valid-user to be allowed access" Obviously it's saying this because while "someguy" is in the allowed group, he's not in the allowed user list. Is there some way to incorporate a SatisfyAny into this? Any way at all to use both of these options at once? I need some sort of logical OR here ... doesn't seem like it would be this hard. |
Ah! Answered my own question, though it wasn't easy. I pretty much just guessed right. Added the line AuthzUserAuthoritative off to my config. This then says that any users listed in "Require user someguy anotherguy" are allowed, but are not required to be members of the "Require group groupofguys"
Here's my Directory directive (what?!) for example: <Directory "/var/www/html/test1"> AuthPAM_Enabled on AuthType Basic AuthzUserAuthoritative off AuthName "Login" Require group agroupofguys Require user someguy Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> |
All times are GMT -5. The time now is 11:49 AM. |