You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Rob Tanner <rt...@linfield.edu> on 2007/03/27 18:26:17 UTC
[users@httpd] Problems with LDAP and Basic Authentication
Hi,
I'm having problems with LDAP authentication. What worked in Apache
v2.0.53 does not work in Apache v2.2.4 and I assume that the difference
is actually between mod_auth_ldap.c and mod_authnz_ldap.c. Below is an
example of an LDAP configuration that works with the older server
(w/mod_auth_ldap.c ):
<Location /soan>
AuthLDAPUrl ldap://biblio.linfield.edu:389/o=linfield.edu?uid
AuthLDAPBindDN "cn=Postfix,ou=Special Users,o=linfield.edu"
AuthLDAPBindPassword secret
AuthName "Sociology and Anthropology"
AuthType Basic
DAV On
ForceType text/plain
<Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE
LOCK UNLOCK>
Require group cn=webdav.soan, ou=webdav, o=linfield.edu
</Limit>
AllowOverride None
</Location>
What changes are necessary to use this with Apache 2.2.4 and
mod_authnz_ldap.c?
Thanks,
Rob
--
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville OR
Re: [users@httpd] Problems with LDAP and Basic Authentication
Posted by Rob Tanner <rt...@linfield.edu>.
Ah, the missing piece: "AuthBasicProvider ldap" Thanks.
-- Rob
Ricardo Stella said the following on 03/27/2007 10:19 AM:
> Rob Tanner wrote:
>
>> Hi,
>>
>> I'm having problems with LDAP authentication. What worked in Apache
>> v2.0.53 does not work in Apache v2.2.4 and I assume that the difference
>> is actually between mod_auth_ldap.c and mod_authnz_ldap.c. Below is an
>> example of an LDAP configuration that works with the older server
>> (w/mod_auth_ldap.c ):
>>
>> <Location /soan>
>> AuthLDAPUrl ldap://biblio.linfield.edu:389/o=linfield.edu?uid
>> AuthLDAPBindDN "cn=Postfix,ou=Special Users,o=linfield.edu"
>> AuthLDAPBindPassword secret
>> AuthName "Sociology and Anthropology"
>> AuthType Basic
>> DAV On
>> ForceType text/plain
>> <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE
>> LOCK UNLOCK>
>> Require group cn=webdav.soan, ou=webdav, o=linfield.edu
>> </Limit>
>> AllowOverride None
>> </Location>
>>
>> What changes are necessary to use this with Apache 2.2.4 and
>> mod_authnz_ldap.c?
>>
>> Thanks,
>> Rob
>>
>>
>>
>>
> What works for us is (I have anon bind enabled):
>
> <Directory "/path-to-htdocs/ldap-secured">
> Options FollowSymLinks
> AllowOverride None
> AuthName "LDAP authentication"
> AuthType Basic
> AuthBasicProvider ldap
> AuthzLDAPAuthoritative off
> AuthLDAPURL "ldap://localhost:389/o=your_own_base?uid?sub?"
> require valid-user
> </Directory>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Problems with LDAP and Basic Authentication
Posted by Ricardo Stella <st...@rider.edu>.
Rob Tanner wrote:
> Hi,
>
> I'm having problems with LDAP authentication. What worked in Apache
> v2.0.53 does not work in Apache v2.2.4 and I assume that the difference
> is actually between mod_auth_ldap.c and mod_authnz_ldap.c. Below is an
> example of an LDAP configuration that works with the older server
> (w/mod_auth_ldap.c ):
>
> <Location /soan>
> AuthLDAPUrl ldap://biblio.linfield.edu:389/o=linfield.edu?uid
> AuthLDAPBindDN "cn=Postfix,ou=Special Users,o=linfield.edu"
> AuthLDAPBindPassword secret
> AuthName "Sociology and Anthropology"
> AuthType Basic
> DAV On
> ForceType text/plain
> <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE
> LOCK UNLOCK>
> Require group cn=webdav.soan, ou=webdav, o=linfield.edu
> </Limit>
> AllowOverride None
> </Location>
>
> What changes are necessary to use this with Apache 2.2.4 and
> mod_authnz_ldap.c?
>
> Thanks,
> Rob
>
>
>
What works for us is (I have anon bind enabled):
<Directory "/path-to-htdocs/ldap-secured">
Options FollowSymLinks
AllowOverride None
AuthName "LDAP authentication"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL "ldap://localhost:389/o=your_own_base?uid?sub?"
require valid-user
</Directory>
--
°(((=((===°°°(((===========================================