Apache + LDAP Auth: access to / failed, reason: require directives present and no Authoritative hand
- by Karolis T.
Can't solve this one, here's my .htaccess:
AuthPAM_Enabled Off
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthName "MESSAGE"
Require ldap-group cn=CHANGED, cn=CHANGED
AuthLDAPURL "ldap://localhost/dc=CHANGED,dc=CHANGED?uid?sub?(objectClass=posixAccount)"
AuthLDAPBindDN CHANGED
AuthLDAPBindPassword CHANGED
AuthLDAPGroupAttribute memberUid
AuthLDAPURL is correct, BindDN and BindPassword are correct also (verified with ldapvi -D ..).
Apache version: Apache/2.2.9 (Debian)
The error message seems cryptic to me, I have AuthzLDAPAuthoritative on so where's the problem.
EDIT:
LDAP modules are loaded, the problem is not with them being missing.
# ls /etc/apache2/mods-enabled/*ldap*
/etc/apache2/mods-enabled/authnz_ldap.load /etc/apache2/mods-enabled/ldap.load
EDIT2:
Solved it by changing funky
Require ldap-group cn=CHANGED, cn=CHANGED
line with
Require valid-user
Since AuthzLDAPAuthoritative is on, no other auth methods will be used and valid-user requirement will auth via LDAP. (right? :/)