boomnyc Posted February 19, 2009 Share Posted February 19, 2009 Hi! Hopefully smbd have a solution for this as Ive struggled for a few days to find one without any success what so ever. Id be most appreciative for any input provided! Here's the scope: I have 2 location(single virtual host): /location01 /location02 Im using mod_ldap to secure access to both. My goal is to have users who are already authenticated against location01 not to be asked to authenticate against location02. Furthermore Id like users who are authenticated against location01 only be allowed to view location02 only if they are members of a specific group in AD. Here's the conf: <Location /location01> Order deny,allow Deny from All AuthName "ldap" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPUrl "ldap://somedomain.net:3268/dc=somedc,dc=net?sAMAccountName?sub?(objectClass=user)" AuthLDAPBindDN "cn=someaccnt,ou=someou,ou=someou,dc=somedc,dc=somenet" AuthLDAPBindPassword "qwer1234" Require valid-user Satisfy any </Location> <Location /location02> Order deny,allow Deny from All AuthName "ldap" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPUrl "ldap://somedomain.net:3268/dc=somedc,dc=net?sAMAccountName?sub?(objectClass=user)" AuthLDAPBindDN "cn=someaccnt,ou=someou,ou=someou,dc=somedc,dc=somenet" AuthLDAPBindPassword "qwer1234" require ldap-group "cn=somegroup, ou=someGroups, ou=someou,dc=somedc,dc=somenet" Require valid-user Satisfy any </Location> It works fine as you can imagine, however, when switching between location01(www.abc.com/locatio01) and location02(www.abc.com/locatio02) i get prompted for credentials. Server version: Apache/2.2.8 (Ubuntu) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.