NAME

Apache::AuthzLDAP - mod_perl LDAP Authorization Module

SYNOPSIS

<Directory /foo/bar>
# Authorization Realm and Type (only Basic supported)
AuthName "Foo Bar Authentication"
AuthType Basic

# Any of the following variables can be set.
# The default for each is given in the comment above it.
# Default: Empty String ("")
PerlSetVar AuthenBaseDN    o=Foo,c=Bar
# Default: none
PerlSetVar AuthzBaseDN     "o=Tivoli Systems"
# Default: cn
PerlSetVar GroupAttrType   gid
# Default: localhost
PerlSetVar LDAPServer      ldap.foo.com
# Default: 389
PerlSetVar LDAPPort        389
# Default: member
PerlSetVar MemberAttrType  uid
# Default: cn
PerlSetVar MemberAttrValue dn
# Default: off
PerlSetVar NestedGroups    On
# Default: uid
PerlSetVar UidAttrType     userid

PerlAuthzHandler Apache::AuthzLDAP

# Authorize user against multiple groups
require group "My Group" GroupA "Group B"
</Directory>

DESCRIPTION

Apache::AuthzLDAP is designed to work with mod_perl and Net::LDAP. This module authorizes a user against an LDAP backend. It can be combined with Apache::AuthenLDAP to provide LDAP authentication as well.

CONFIGURATION OPTIONS

The following variables can be defined within the configuration of Directory, Location, or Files blocks or within .htaccess files.

AuthenBaseDN

The base distinguished name with which to query LDAP for purposes of authentication. By default, the AuthenBaseDN is blank.

AuthzBaseDN

The base distinguished name with which to query LDAP for purposes of authorization. By default, the AuthzBaseDN is blank.

GroupAttrType

The attribute type name that contains the group's identification. By default, GroupAttrType is set to cn.

MemberAttrType

The attribute type name that contains the group member's identification. By default, MemberAttrType is set to member.

MemberAttrValue

The attribute value contained within the MemberAttrType above. By default, MemberAttrValue is set to cn.

NestedGroups

When the NestedGroups value is on, a recursive group search occurs until the user is found in a group or the deepest group's member list does not contain any groups. By default, NestedGroups is set to off.

UidAttrType

The attribute type name that contains the user's identification. By default, UidAttrType is set to uid.
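
The NestedGroups search described above, as an added illustration that is not code from Apache::AuthzLDAP: it runs the recursion over a constructed in-memory directory instead of LDAP and adds a visited-set guard so that circular group nesting cannot recurse forever. The names in_group, authorized and %groups are hypothetical, and treating "require group" as "member of any listed group" is an assumption.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample directory: group cn => list of member values.
# A member value that matches another group's cn is a nested group.
my %groups = (
    'My Group' => [ 'alice', 'GroupA' ],
    'GroupA'   => [ 'bob', 'Group B' ],
    'Group B'  => [ 'carol', 'GroupA' ],   # cycle: Group B -> GroupA -> Group B
    'Ops'      => [ 'dave' ],
);

# Return 1 if $user is in $group. With $nested true, descend into member
# groups until the user is found or no unvisited groups remain.
sub in_group {
    my ($user, $group, $nested, $seen) = @_;
    $seen ||= {};
    return 0 if $seen->{$group}++;              # already searched: break cycles
    my $members = $groups{$group} or return 0;  # unknown group: deny
    for my $m (@$members) {
        return 1 if $m eq $user;                # direct member
    }
    return 0 unless $nested;                    # NestedGroups off: stop here
    for my $m (@$members) {
        next unless exists $groups{$m};         # only descend into groups
        return 1 if in_group($user, $m, $nested, $seen);
    }
    return 0;
}

# Assumed "require group" semantics: a member of any listed group passes.
sub authorized {
    my ($user, $nested, @required) = @_;
    for my $g (@required) {
        return 1 if in_group($user, $g, $nested);
    }
    return 0;
}

# carol is only reachable through two levels of nesting; dave is in no
# group under "My Group" and must be denied even though a cycle exists.
for my $case ( [ 'alice', 0 ], [ 'carol', 0 ], [ 'carol', 1 ], [ 'dave', 1 ] ) {
    my ($user, $nested) = @$case;
    printf "%-6s NestedGroups=%s -> %s\n", $user, $nested ? 'On' : 'Off',
        authorized($user, $nested, 'My Group') ? 'OK' : 'FORBIDDEN';
}
```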

NOTES

This module has built-in hooks to handle the notes that Apache::AuthzCache version 0.02 and higher passes to avoid bugs in the set_handlers() method in mod_perl versions prior to 1.26.

AUTHORS

Jason Bodnar, Christian Gilmore <cgilmore@tivoli.com>

SEE ALSO

httpd(8), ldap(3), mod_perl(1), slapd(8C)

COPYRIGHT

Copyright (C) 2000, International Business Machines Corporation and others. All Rights Reserved.

This module is free software; you can redistribute it and/or modify it under the terms of the IBM Public License.