diff options
| author | Eric Covener <covener@apache.org> | 2013-08-28 17:49:07 +0200 |
|---|---|---|
| committer | Eric Covener <covener@apache.org> | 2013-08-28 17:49:07 +0200 |
| commit | 43c2d37105b34437cfec93233e1dead8300e389a (patch) | |
| tree | 435b543429fb5d3e5a76745e976125f7648af1d5 /docs/manual/mod/mod_ldap.xml | |
| parent | Handle the libxml2 prereq of some modules, including its possible (diff) | |
| download | apache2-43c2d37105b34437cfec93233e1dead8300e389a.tar.xz apache2-43c2d37105b34437cfec93233e1dead8300e389a.zip | |
add "default" option to LDAPReferrals, to allow "off" to really mean "off".
Need compatibility tag/note if backported.
Submitted By: Jan Kaluza & Eric Covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1518265 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to '')
| -rw-r--r-- | docs/manual/mod/mod_ldap.xml | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/docs/manual/mod/mod_ldap.xml b/docs/manual/mod/mod_ldap.xml index bbc9f2db55..764f853be4 100644 --- a/docs/manual/mod/mod_ldap.xml +++ b/docs/manual/mod/mod_ldap.xml @@ -510,19 +510,40 @@ valid</description> <directivesynopsis> <name>LDAPReferrals</name> <description>Enable referral chasing during queries to the LDAP server.</description> -<syntax>LDAPReferrals <var>On|Off</var></syntax> +<syntax>LDAPReferrals <var>On|Off|default</var></syntax> <default>LDAPReferrals On</default> <contextlist><context>directory</context><context>.htaccess</context></contextlist> <override>AuthConfig</override> <usage> <p>Some LDAP servers divide their directory among multiple domains and use referrals - to direct a client when a domain boundary is crossed. By setting <code>LDAPReferrals On</code> - referrals will be chased (setting it to off causes referrals to be ignored). The directive - <code>LDAPReferralHopLimit</code> works in conjunction with this directive to limit the - number of referral hops to follow before terminating the LDAP query. When referral processing - is enabled client credentials will be provided, via a rebind callback, for any LDAP server - requiring them. </p> + to direct a client when a domain boundary is crossed. This is similar to a HTTP redirect. + LDAP client libraries may or may not chase referrals by default. This directive + explicitly configures the referral chasing in the underlying SDK.</p> + + + <p><directive>LDAPReferrals</directive> takes the takes the following values: + <dl> + <dt>"on"</dt> + <dd> <p> When set to "on", the underlying SDK's referral chasing state + is enabled, <directive>LDAPReferralHopLimit</directive> is used to + override the SDK's hop limit, and an LDAP rebind callback is + registered.</p></dd> + <dt>"off"</dt> + <dd> <p> When set to "off", the underlying SDK's referral chasing state + is disabled completely.</p></dd> + <dt>"default"</dt> + <dd> <p> When set to "default", the underlying SDK's referral chasing state + is not changed, <directive>LDAPReferralHopLimit</directive> is not + used to overide the SDK's hop limit, and no LDAP rebind callback is + registered.</p></dd> + </dl> + </p> + + <p> The directive <code>LDAPReferralHopLimit</code> works in conjunction with + this directive to limit the number of referral hops to follow before terminating the LDAP query. + When referral processing is enabled by a value of "On", client credentials will be provided, + via a rebind callback, for any LDAP server requiring them. </p> </usage> </directivesynopsis> |