<li><img alt="" src="./images/down.gif" /> <a href="#functions">Functions</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#other">Other</a></li>
<li><img alt="" src="./images/down.gif" /> <a href="#sslrequire">Comparison with SSLRequire</a></li>
-</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="./mod/core.html#if"><If></a></code></li><li><code class="directive"><a href="./mod/core.html#elseif"><ElseIf></a></code></li><li><code class="directive"><a href="./mod/core.html#else"><Else></a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><a href="mod/mod_authz_core.html#reqexpr">Require expr</a></li><li><code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code></li><li><code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li></ul></div>
+</ul><h3>See also</h3><ul class="seealso"><li><code class="directive"><a href="./mod/core.html#if"><If></a></code></li><li><code class="directive"><a href="./mod/core.html#elseif"><ElseIf></a></code></li><li><code class="directive"><a href="./mod/core.html#else"><Else></a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code></li><li><code class="directive"><a href="./mod/mod_
headers.html#header">Header</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#requestheader">RequestHeader</a></code></li><li><code class="directive"><a href="./mod/mod_filter.html#filterprovider">FilterProvider</a></code></li><li><a href="mod/mod_authz_core.html#reqexpr">Require expr</a></li><li><code class="directive"><a href="./mod/mod_ssl.html#sslrequire">SSLRequire</a></code></li><li><code class="directive"><a href="./mod/mod_log_debug.html#logmessage">LogMessage</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li></ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<h2><a name="grammar" id="grammar">Grammar in Backus–Naur Form notation</a></h2>
<seealso><directive module="core" type="section">Else</directive></seealso>
<seealso><directive module="mod_rewrite">RewriteCond</directive></seealso>
<seealso><directive module="mod_setenvif">SetEnvIfExpr</directive></seealso>
+<seealso><directive module="mod_headers">Header</directive></seealso>
+<seealso><directive module="mod_headers">RequestHeader</directive></seealso>
<seealso><directive module="mod_filter">FilterProvider</directive></seealso>
<seealso><a href="mod/mod_authz_core.html#reqexpr">Require expr</a></seealso>
<seealso><directive module="mod_ssl">SSLRequire</directive></seealso>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
</table>
<p>When this directive is set to a non-zero value <code>X</code>
combined with use of the <code>Require ldap-group someGroupDN</code>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
</table>
<p>An LDAP group object may contain members that are users and
members that are groups (called nested or sub groups). The
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
</table>
<p>An LDAP group object may contain members that are users and
members that are groups (called nested or sub groups). The
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>
+<compatibility>Available in version 2.3.0 and later</compatibility>
<usage>
<p>When this directive is set to a non-zero value <code>X</code>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>
+<compatibility>Available in version 2.3.0 and later</compatibility>
<usage>
<p>An LDAP group object may contain members that are users and
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>
+<compatibility>Available in version 2.3.0 and later</compatibility>
<usage>
<p>An LDAP group object may contain members that are users and
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.3.5 and later</td></tr>
</table>
<p>This directive configures the timeout for bind and search operations, as well as
the LDAP_OPT_TIMEOUT option in the underlying LDAP client library, when available.</p>
<syntax>LDAPTimeout <var>seconds</var></syntax>
<default>LDAPTimeout 60</default>
<contextlist><context>server config</context></contextlist>
+<compatibility>Apache HTTP Server 2.3.5 and later</compatibility>
<usage>
<p>This directive configures the timeout for bind and search operations, as well as
(Query String Discard) and <code>[END]</code> flags for
<code class="directive"><a href="./mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> to
simplify common rewriting scenarios.</dd>
+
+ <dt><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code>, <code class="module"><a href="./mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></dt>
+ <dd><code class="module"><a href="./mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> adds support for nested groups.</dd>
+ <dd><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code> adds
+ <code class="directive"><a href="./mod/mod_ldap.html#ldapconnectionpoolttl">LDAPConnectionPoolTTL</a></code>,
+ <code class="directive"><a href="./mod/mod_ldap.html#ldaptimeout">LDAPTimeout</a></code>, and
+ other improvements in the handling of timeouts.
+ This is especially useful for setups where a
+ stateful firewall drops idle connections to the LDAP server.</dd>
+ <dd><code class="module"><a href="./mod/mod_ldap.html">mod_ldap</a></code> adds
+ <code class="directive"><a href="./mod/mod_ldap.html#ldaplibrarydebug">LDAPLibraryDebug</a></code> to log
+ debug information provided by the used LDAP toolkit.</dd>
+
</dl>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
expression parser previously implemented in
<code class="module"><a href="./mod/mod_ssl.html">mod_ssl</a></code>.</dd>
+ <dd>The expression parser allows to specify
+ <a href="expr.html">complex conditions</a> in directives like
+ <code class="directive"><a href="./mod/mod_setenvif.html#setenvifexpr">SetEnvIfExpr</a></code>,
+ <code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code>, and
+ <code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code>.
+ </dd>
+
<dt>Authorization Logic Containers</dt>
<dd>Authorization modules now register as a provider, via
(Query String Discard) and <code>[END]</code> flags for
<directive module="mod_rewrite">RewriteRule</directive> to
simplify common rewriting scenarios.</dd>
+
+ <dt><module>mod_ldap</module>, <module>mod_authnz_ldap</module></dt>
+ <dd><module>mod_authnz_ldap</module> adds support for nested groups.</dd>
+ <dd><module>mod_ldap</module> adds
+ <directive module="mod_ldap">LDAPConnectionPoolTTL</directive>,
+ <directive module="mod_ldap">LDAPTimeout</directive>, and
+ other improvements in the handling of timeouts.
+ This is especially useful for setups where a
+ stateful firewall drops idle connections to the LDAP server.</dd>
+ <dd><module>mod_ldap</module> adds
+ <directive module="mod_ldap">LDAPLibraryDebug</directive> to log
+ debug information provided by the used LDAP toolkit.</dd>
+
</dl>
</section>
expression parser previously implemented in
<module>mod_ssl</module>.</dd>
+ <dd>The expression parser allows to specify
+ <a href="expr.html">complex conditions</a> in directives like
+ <directive module="mod_setenvif">SetEnvIfExpr</directive>,
+ <directive module="mod_rewrite">RewriteCond</directive>, and
+ <directive module="mod_headers">Header</directive>.
+ </dd>
+
<dt>Authorization Logic Containers</dt>
<dd>Authorization modules now register as a provider, via
projects / apache / commitdiff