[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 61990] New: Can't use variable with Require ldap-filter


            Bug ID: 61990
           Summary: Can't use variable with Require ldap-filter
           Product: Apache httpd-2
           Version: 2.4.6
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_authnz_ldap
          Assignee: bugs@xxxxxxxxxxxxxxxx
          Reporter: arthur.garnier@xxxxxxxxxxxxxxx
  Target Milestone: ---


I'm trying to allow user depending of a URI match with LDAP. 

My conf is like this : 

<If "%{REQUEST_URI} =~ /logs_[a-z0-9]*.[A-Z0-9]{4}/">
SetEnvIf Request_URI "/logs_[a-z0-9]*.([A-Z0-9]*)" VAR=$1
AuthLDAPBindPassword *********
    Require valid-user
    Require ldap-filter

But in logs I get : 

Jan 11 14:18:31 XXXXXXX httpd: XXXX|XXXXXXXXX|t="Thu Jan 11 14:18:31 2018" 
rip="XXXXXXXXXXXX" ip="-" uid="XXXXXXXXXXXX" severity="authnz_ldap:debug"
v="XXXXXXXXXX" msg="AH01743: auth_ldap authorize: checking filter

I also tried to add  :
Require env ROB

And this Require returns "Granted"

Juste in case, in the ldap-filter condition I tried several syntaxes (even some
with no sense):
%{VAR}, ${VAR}, $VAR, %VAR, %{VAR}e, %{ENV:VAR}

The module documentation provides a similar exemple with ldap-groupe :

AuthLDAPURL ldap://ldap.example.com/o=Example?uid
Require ldap-group cn=%{SERVER_NAME}, o=Example

Is there a trick ? It's a bug ?

Thanks in advance !

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx