I want to enable directory browsing in Apache and ask users to authenticate using openLDAP backend, and I want to set different groups for the folders inside Apache's web server.
My goal is not to let all users have access to all the folders and files from browser. Say group G1 only have access to folder F1 and group G2 have access only to folder F2.
By access I mean read/write (well write is not that important in directory browsing).
Things I've done so far:
1- Installed an openLDAP server
2- Installed an Apache server
2.1 - add authnz_ldap
2.2 - add Apache directives for a folder to get user authentication from ldap
<Location /protected>
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthName "Password protected. Enter your AD username and password."
AuthLDAPURL "ldap://{host_or_ip}/CN=Users,DC=example,DC=org?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "{username}@example.org"
AuthLDAPBindPassword {password}
Require valid-user
</Location>
I can authenticate with ldap but I want to have authorization similar to IIS and NTFS permisions.
