RE: Help with apache and ldap authentication
- From: Karl Latiss <karl.latiss@xxxxxxxxxxxxx>
- Date: Wed, 21 Jun 2006 11:15:20 +1000
I found I always had to turn AuthzLDAPAuthoritative Off for it to work
for me but our setup was slightly different. I use:
# turn on LDAP authentication and authorization module
AuthzLDAPEngine on
# define ldap server
AuthzLDAPServer server.com.au
# set the search base
AuthzLDAPUserBase dc=server,dc=com,dc=au
# define the search filter (ie what attribute to search in)
AuthzLDAPUserKey uid
# how to search through the name space
AuthzLDAPUserScope subtree
# ensure the authorization header is not re-written
AuthzLDAPSetAuthorization off
# we use ldap authentication and mod_access authorization
# to determine access so we need to ensure the process
# doesn't finish with mod_authz_ldap
AuthzLDAPAuthoritative off
AuthType basic
AuthName "Something"
require user someuser
Karl.
On Tue, 2006-06-20 at 15:03 -0400, Bliss, Aaron wrote:
Yep, sorry I didn't mention that; the host running apache authenticates
users fine to the ldap server both using ldap and ldaps; just can't get
apache to talk to the ldap server.
Aaron
-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx
[mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Allen Chen
Sent: Tuesday, June 20, 2006 2:29 PM
To: General Red Hat Linux discussion list
Subject: Re: Help with apache and ldap authentication
Bliss, Aaron wrote:
I'm running redhat 3 es, apache and all modules including
mod_authz_ldap are from system rpm's; I'm attempting to restrict
access to a directory and would like to use ldap authentication; below
is the relevant section of my httpd.conf file; I'm getting the box tothe exclusive use of the individual or entity named above and may
enter my credentials when going to the web page, but it seems to be
failing; any ideas? Thanks very much.
<directory /webroot/www/nessus_summary> AuthType Basic AuthName
"Private Area"
# AuthUserFile /usr/local/sbin/htusers AuthzLDAPEngine on
AuthzLDAPServer "al-lnx-s11.preferredcare.org"
AuthzLDAPBindDN "ou=users,dc=preferredcare,dc=org"
#AuthzLDAPMapBase "ou=users,dc=preferredcare,dc=org"
AuthzLDAPAuthoritative on
AuthzLDAPSetAuthorization on
Require valid-user
</directory>
Confidentiality Notice:
The information contained in this electronic message is intended for
contain privileged or confidential information. If the reader of this
message is not the intended recipient or the employee or agent
responsible to deliver it to the intended recipient, you are hereby
notified that dissemination, distribution or copying of this information
is prohibited. If you have received this communication in error, please
notify the sender immediately by telephone and destroy the copies you
received.
Can you ping ldap server al-lnx-s11.preferredcare.org from apache
machine?
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- I cant dig informatics.lk rest I can with my DNS
- From: Asanka Gunasekera
- Re: Help with apache and ldap authentication
- From: Asanka Gunasekera
- I cant dig informatics.lk rest I can with my DNS
- References:
- RE: Help with apache and ldap authentication
- From: Bliss, Aaron
- RE: Help with apache and ldap authentication
- Prev by Date: RE: Help with apache and ldap authentication
- Next by Date: Re: Help with apache and ldap authentication
- Previous by thread: RE: Help with apache and ldap authentication
- Next by thread: Re: Help with apache and ldap authentication
- Index(es):
Relevant Pages
|
