Re: [users@httpd] LDAP authentification from 2.0 to 2.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] LDAP authentification from 2.0 to 2.2
From: Matt Bockol <mbockol@xxxxxxxxxxxx>
Date: Mon, 24 Apr 2006 13:12:45 -0500
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
In-reply-to: <1DC2085A-C66E-4BCD-9A87-1D0866888509@xxxxxxxxxx>
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
References: <1DC2085A-C66E-4BCD-9A87-1D0866888509@xxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Macintosh/20041206)

Hi Matteo,

I've run into the same error, here's an example config that works for us:

<Location /test>
 AuthType Basic
 AuthName "LDAP Auth"
 AuthBasicProvider ldap
 AuthLDAPBindDN cn=blah,dc=blah2,dc=blah3
 AuthLDAPBindPassword "************"
 AuthLDAPURL "ldaps://similar to yours"
 AuthzLDAPAuthoritative off
 Require valid-user
</Location>

It's something about the AuthType Basic expecting a htpasswd file whenusing it with require valid-user, but I don't completely understand howthese are supposed to mix and match with the new 2.2.0 auth configs.


Matt




Matteo Corti wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I posted the same question on alt.apache.configuration some time agobut got

no answer and decided to try also here.

I am setting up a test server with apache 2.2.0 and having troublewith LDAP

authentification.

This is (or was in 2.0) my configuration:

<Location /test>
  SSLRequireSSL

  Options Indexes FollowSymLinks

  # LDAP
  AuthLDAPURL "ldaps://1.example.com 2.example.com
    3.example.com/ou=users,ou=id,ou=auth,
    o=example,c=com?uid?one?(objectClass=*)"
  AuthLDAPBindDN
    "CN=linuxlo_proxy,OU=admins,OU=id,OU=auth,O=example,C=com"
  AuthLDAPBindPassword "**********"
  AuthzLDAPAuthoritative Off

  # Authenticattion
  Require valid-user
  AuthType Basic
  AuthName "Some text"

</Location>

Authentication fails with the following error:

  [error] Internal error: pcfg_openfile() called with NULL filename
  [error] [client 129.132.57.95] (9)Bad file descriptor: Could not
    open password file: (null)

I could agree on the fact the the passwd file cannot be opened sincethere

is none :-). My problem is: why Apache does not use LDAP but looks for a
password file.

Many thanks in advance,

Matteo

- -- Matteo Corti
ETH Zurich -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFETPSTLEG/T0gggJsRAnV3AJ9xjdHENHgqtkjI+AQgV/wj+E21XACgtmWn
o7oXn90wqPibVjFnvA/2sS0=
=Lx0c
-----END PGP SIGNATURE-----

---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP ServerProject.

See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- [users@httpd] LDAP authentification from 2.0 to 2.2
  - From: Matteo Corti

Prev by Date: Re: [users@httpd] Recognize embed request from html page?
Next by Date: Re: [users@httpd] Recognize embed request from html page?
Previous by thread: [users@httpd] LDAP authentification from 2.0 to 2.2
Next by thread: Re: [users@httpd] LDAP authentification from 2.0 to 2.2
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]