On Fri, Sep 18, 2009 at 1:55 AM, Asimananda Mohanty <asimananda.mohanty@xxxxxxxxx> wrote:
> Hi All,
> I am a new member in this group. I am facing an issue regarding openLDAP
> access from apache http server and here are the details.
> 1. I have configured an openLDAP server configured with gnutls as can be seen
> below:
> ========================================
> ldd slapd
>     linux-gate.so.1 => (0xb7f6d000)
>     libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0xb7f19000)
>     liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb7f0b000)
>     libdb-4.7.so => /usr/lib/libdb-4.7.so (0xb7db6000)
>     libodbc.so.1 => /usr/lib/libodbc.so.1 (0xb7d4f000)
>     libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7d36000)
>     libslp.so.1 => /usr/lib/libslp.so.1 (0xb7d26000)
>     libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7d0d000)
>     libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7cf5000)
>     libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0xb7c57000)
>     libtasn1.so.3 => /usr/lib/libtasn1.so.3 (0xb7c45000)
>     libz.so.1 => /lib/libz.so.1 (0xb7c2f000)
>     libgcrypt.so.11 => /lib/libgcrypt.so.11 (0xb7bc6000)
>     libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0xb7b94000)
>     libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7b7d000)
>     libltdl.so.7 => /usr/lib/libltdl.so.7 (0xb7b74000)
>     libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b70000)
>     libwrap.so.0 => /lib/libwrap.so.0 (0xb7b67000)
>     libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7a04000)
>     /lib/ld-linux.so.2 (0xb7f6e000)
>     libgpg-error.so.0 => /lib/libgpg-error.so.0 (0xb7a00000)
> ========================================
> 2. I have my apache http server sitting on a solaris 10 x86 machine. The
> httpd.conf details are below (related to LDAP).
> ========================================
> <Location />
>     SSLRequireSSL
>     AuthType Basic
>     AuthLDAPEnabled on
>     AuthLDAPUrl ldap://xxx.xxx.xxx.xxx:389/dc=ldapcompany,dc=com?uid,AppAttr?sub?(AppAttr=*)
>     AuthLDAPBindDN cn=admin,dc=ldapcompany,dc=com
>     AuthLDAPBindPassword 12345678
>     AuthName realm1
>     Require valid-user
> </Location>
> ========================================
> 3. I need to access the application GUI through apache and the user
> authentication happens through LDAP. AppAttr is a user-defined attribute
> that controls the kind of controls the user can see on the GUI, e.g. admin
> user can see all the controls and so on.
> 4. With the above settings in httpd.conf, the GUI access happens without any
> issues.
> 5. The time I change the "ldap" to "ldaps" in AuthLDAPUrl, GUI access
> doesn't happen.

Apache needs to be configured to trust the certificate presented by
the LDAP server. See the cert-related directives in the manual.

--
Eric Covener
covener@xxxxxxxxx

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
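
As an added example (not part of the original thread and not taken from the Apache documentation), the trust configuration the reply points to could look like the fragment below. The CA file path, the hostname ldap.example.com, port 636 and the bind-password placeholder are assumptions; the trust directives are mod_ldap's, and the <Location> block is the poster's with only the URL scheme, host and port changed.

```apache
# Added example: trusting the CA that signed the slapd certificate.
# /path/to/ldap-ca.pem is a placeholder for the PEM-encoded CA certificate
# that issued the LDAP server's certificate (assumption, not from the thread).

# Apache 2.0.x mod_ldap, server config scope (outside <Location>).
# The type must match the LDAP SDK httpd was built against:
# BASE64_FILE or DER_FILE for a certificate file, CERT7_DB_PATH for a
# Netscape-style certificate database.
LDAPTrustedCA     /path/to/ldap-ca.pem
LDAPTrustedCAType BASE64_FILE

# Apache 2.2.x and later use different directive names for the same purpose:
# LDAPTrustedGlobalCert CA_BASE64 /path/to/ldap-ca.pem
# LDAPVerifyServerCert  On

<Location />
    SSLRequireSSL
    AuthType Basic
    AuthLDAPEnabled on
    # ldaps:// needs a TLS listener on slapd; 636 is the conventional port
    # (assumed here). The host in the URL should be a name that appears in
    # the server certificate, otherwise verification can fail even with the
    # CA trusted.
    AuthLDAPUrl ldaps://ldap.example.com:636/dc=ldapcompany,dc=com?uid,AppAttr?sub?(AppAttr=*)
    AuthLDAPBindDN cn=admin,dc=ldapcompany,dc=com
    # Placeholder; keep httpd.conf readable only by root, since the bind
    # password is stored in clear text.
    AuthLDAPBindPassword <bind-password>
    AuthName realm1
    Require valid-user
</Location>
```

Raising LogLevel to debug while testing makes mod_ldap record the TLS failure reason in the error log, which separates an untrusted CA from a hostname mismatch or a refused connection.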