Postings by Darren Spruell

Access control to allow local clients or remote with SSL client certificate


Running Apache 2.4.7 and current configuration limiting access to a
directory to only clients that can provide a trusted client certificate.
Server is SSL host. Would like to modify configuration to allow "local"
clients (, etc. as defined by 'Require local' auth provider) to
access the directory without authenticating with a client certificate.

Failure authing against LDAPS, web server tearing down connections

I'm having a perplexing failure authenticating users against LDAP on
one server.

LimitExcept group authorization not taking effect


I have configuration that is not behaving as I'm assuming it should -
suspect I'm missing a critical detail.

I am using the following setup in a VirtualHost to protect access to a
Mercurial web repo:

<Location /hg>
WSGIProcessGroup hg
AuthType Basic
AuthName "Mercurial LDAP Auth"
AuthBasicProvider ldap
# For AD LDAPS support, requires LDAPVerifyServerCert to be
disabled up above.
AuthLDAPURL [redacted]
AuthLDAPBindDN [redacted]
AuthLDAPBindPassword [redacted]
# Must be off to honor valid-user as "fallback" au