Bug 45584 - No AUTHENTICATE_* environment variables from mod_authz_ldap
Summary: No AUTHENTICATE_* environment variables from mod_authz_ldap
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_authz_ldap (show other bugs)
Version: 2.2.9
Hardware: PC Linux
: P2 enhancement (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: FixedInTrunk
Depends on:
Reported: 2008-08-06 23:37 UTC by Alexandra Kossovsky
Modified: 2012-02-26 16:48 UTC (History)
0 users

Fix for the problem (obviously wrong) (2.72 KB, patch)
2008-08-06 23:37 UTC, Alexandra Kossovsky
Details | Diff
Set environment variables when only using LDAP authorization. (1.15 KB, patch)
2009-08-24 02:56 UTC, magne.andreassen
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandra Kossovsky 2008-08-06 23:37:38 UTC
Created attachment 22398 [details]
Fix for the problem (obviously wrong)

I use non-ldap authn module (Kerberos, really) with ldap authz module (i.e. "AuthLDAPURL" and "Require ldap-filter" directives) with apache 2.2.9. The documentation to mod_authnz_ldap module tells me that "LDAP attributes specified in the AuthLDAPUrl directive are placed in environment variables with the prefix "AUTHENTICATE_"".  However, I get no AUTHENTICATE_ variables -- they are set only when checking LDAP password, and it is not my case.

I think it is very useful to get AUTHENTICATE_* variables available for CGI scripts even then ldap is used as authorization module and does not authenticate user.

The attached patch works for me, but it is obviously wrong (for example, it sets AUTHENTICATE_* variable twice if ldap is used for both authorization and authentication).
Comment 1 magne.andreassen 2009-08-24 02:56:35 UTC
Created attachment 24156 [details]
Set environment variables when only using LDAP authorization.

Alternative patch for setting the AUTHENTICATE_ variables when only doing LDAP authorization. Default off. To enable set 'AuthLDAPAuthzSetEnvironment' to 'on' in the Apache config.
Comment 2 Eric Covener 2010-05-29 15:49:33 UTC
I've added this capability in r949336
Comment 3 Stefan Fritsch 2012-02-26 16:48:40 UTC
fixed in 2.4.1