RE: Help with apache and ldap authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks very much Karl, I was able to get it working after looking at
your conifig.

Aaron 

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Karl Latiss
Sent: Tuesday, June 20, 2006 9:15 PM
To: General Red Hat Linux discussion list
Subject: RE: Help with apache and ldap authentication

I found I always had to turn AuthzLDAPAuthoritative Off for it to work
for me but our setup was slightly different. I use:

# turn on LDAP authentication and authorization module AuthzLDAPEngine
on

# define ldap server
AuthzLDAPServer server.com.au

# set the search base
AuthzLDAPUserBase dc=server,dc=com,dc=au

# define the search filter (ie what attribute to search in)
AuthzLDAPUserKey uid

# how to search through the name space
AuthzLDAPUserScope subtree

# ensure the authorization header is not re-written
AuthzLDAPSetAuthorization off

# we use ldap authentication and mod_access authorization # to determine
access so we need to ensure the process # doesn't finish with
mod_authz_ldap AuthzLDAPAuthoritative off

AuthType basic
AuthName "Something"
require user someuser

Karl.


On Tue, 2006-06-20 at 15:03 -0400, Bliss, Aaron wrote:
> Yep, sorry I didn't mention that; the host running apache 
> authenticates users fine to the ldap server both using ldap and ldaps;

> just can't get apache to talk to the ldap server.
> 
> Aaron
> 
> -----Original Message-----
> From: redhat-list-bounces@xxxxxxxxxx
> [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Allen Chen
> Sent: Tuesday, June 20, 2006 2:29 PM
> To: General Red Hat Linux discussion list
> Subject: Re: Help with apache and ldap authentication
> 
> Bliss, Aaron wrote:
> > I'm running redhat 3 es, apache and all modules including 
> > mod_authz_ldap are from system rpm's; I'm attempting to restrict 
> > access to a directory and would like to use ldap authentication; 
> > below
> 
> > is the relevant section of my httpd.conf file; I'm getting the box 
> > to enter my credentials when going to the web page, but it seems to 
> > be failing; any ideas?  Thanks very much.
> >
> > <directory /webroot/www/nessus_summary>  AuthType Basic  AuthName 
> > "Private Area"
> > # AuthUserFile /usr/local/sbin/htusers  AuthzLDAPEngine on 
> > AuthzLDAPServer "al-lnx-s11.preferredcare.org"
> >  AuthzLDAPBindDN "ou=users,dc=preferredcare,dc=org"
> >  #AuthzLDAPMapBase "ou=users,dc=preferredcare,dc=org"
> >  AuthzLDAPAuthoritative on
> >  AuthzLDAPSetAuthorization on
> >  Require valid-user
> > </directory>
> >
> > Confidentiality Notice:
> > The information contained in this electronic message is intended for
> the exclusive use of the individual or entity named above and may 
> contain privileged or confidential information.  If the reader of this

> message is not the intended recipient or the employee or agent 
> responsible to deliver it to the intended recipient, you are hereby 
> notified that dissemination, distribution or copying of this 
> information is prohibited.  If you have received this communication in

> error, please notify the sender immediately by telephone and destroy 
> the copies you received.
> >
> >
> >   
> 
> Can you ping ldap server  al-lnx-s11.preferredcare.org from apache 
> machine?
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> 


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux