You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Joe Seeley <jo...@gmail.com> on 2007/08/13 18:05:07 UTC

[users@httpd] Authentication prompts multiple times for login

I am trying to use Apache LDAP authentication and proxying to make sure
users exist in our LDAP repository.  This is working, but the user is always
prompted to login multiple times.  In Firefox the users are prompted twice
for their login; in IE the users are prompted three times for their login.

My conf file looks something like this.

ProxyRequests Off
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000
ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4
ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5

<Location />
  ProxyPassReverse http://localhost:5000
  SetOutputFilter proxy-html
  ProxyHTMLURLMap /     /
  AuthLDAPEnabled on
  AuthLDAPAuthoritative on
  AuthLDAPURL
"ladp://myserver:3268/DC=FOO,DC=BAR,DC=COM?sAMAccountName?sub?"
  AuthLDAPBindDN 'ldapuser@foo.bar.com"
  AuthLDAPBindPassword "password"
  AuthType Basic
  AuthName "Login in using your domain login."
  require valid-user
</Location>

If you see a mistake in my conf file, or understand why this is prompting
for multiple logins I would appreciate any advice.

Thanks,
         Joe

Re: [users@httpd] Authentication prompts multiple times for login

Posted by Joe Seeley <jo...@gmail.com>.

Anyone have any ideas on this?

On 8/13/07, Joe Seeley <jo...@gmail.com> wrote:
>
> > Why do you have <http://localhost:5000> ?
>
> The localhost proxypass is to make remote requests look like they are
> local requests.  The application needs to believe the requests are local to
> provide the proper response.
>
> > I assume from this that you are trying to bind and authenticate against
> > an AD server?
>
> Yes, I am trying to bind against an Active Directory server.
>
> Thanks,
>          Joe
>

Re: [users@httpd] Authentication prompts multiple times for login

Posted by Joe Seeley <jo...@gmail.com>.

> Why do you have <http://localhost:5000> ?

The localhost proxypass is to make remote requests look like they are local
requests.  The application needs to believe the requests are local to
provide the proper response.

> I assume from this that you are trying to bind and authenticate against
> an AD server?

Yes, I am trying to bind against an Active Directory server.

Thanks,
         Joe

Re: [users@httpd] Authentication prompts multiple times for login

Posted by Tony Stevenson <to...@pc-tony.com>.

Joe Seeley wrote:
> I am trying to use Apache LDAP authentication and proxying to make sure 
> users exist in our LDAP repository.  This is working, but the user is 
> always prompted to login multiple times.  In Firefox the users are 
> prompted twice for their login; in IE the users are prompted three times 
> for their login.
> 
> My conf file looks something like this.
> 
> ProxyRequests Off
> ProxyPass / http://localhost:5000/
> ProxyPassReverse / http://localhost:5000 <http://localhost:5000>

Why do you have <http://localhost:5000> ?

> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4
> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5
> 
> <Location />
>   ProxyPassReverse http://localhost:5000
>   SetOutputFilter proxy-html
>   ProxyHTMLURLMap /     /
>   AuthLDAPEnabled on
>   AuthLDAPAuthoritative on
>   AuthLDAPURL 
> "ladp://myserver:3268/DC=FOO,DC=BAR,DC=COM?sAMAccountName?sub?"

I assume from this that you are trying to bind and authenticate against 
an AD server?

>   AuthLDAPBindDN 'ldapuser@foo.bar.com <ma...@foo.bar.com>"

>   AuthLDAPBindPassword "password"
>   AuthType Basic
>   AuthName "Login in using your domain login."
>   require valid-user
> </Location>
> 
> If you see a mistake in my conf file, or understand why this is 
> prompting for multiple logins I would appreciate any advice.
> 
> Thanks,
>          Joe

Re: [users@httpd] Authentication prompts multiple times for login

Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.

On 13.08.07 11:05, Joe Seeley wrote:
> I am trying to use Apache LDAP authentication and proxying to make sure
> users exist in our LDAP repository.  This is working, but the user is always
> prompted to login multiple times.  In Firefox the users are prompted twice
> for their login; in IE the users are prompted three times for their login.

> ProxyRequests Off
> ProxyPass / http://localhost:5000/
> ProxyPassReverse / http://localhost:5000
> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4
> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5
> 
> <Location />
>   ProxyPassReverse http://localhost:5000
>   SetOutputFilter proxy-html
>   ProxyHTMLURLMap /     /
>   AuthLDAPEnabled on
>   AuthLDAPAuthoritative on
>   AuthLDAPURL
> "ladp://myserver:3268/DC=FOO,DC=BAR,DC=COM?sAMAccountName?sub?"
>   AuthLDAPBindDN 'ldapuser@foo.bar.com"
>   AuthLDAPBindPassword "password"
>   AuthType Basic
>   AuthName "Login in using your domain login."
>   require valid-user
> </Location>
> 
> If you see a mistake in my conf file, or understand why this is prompting
> for multiple logins I would appreciate any advice.

doesn't or don't the proxied servers require their own authentication?
-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers. 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org