You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2009/08/06 02:57:14 UTC
DO NOT REPLY [Bug 47651] New: HTTP does not authenticate with LDAP
https://issues.apache.org/bugzilla/show_bug.cgi?id=47651
Summary: HTTP does not authenticate with LDAP
Product: Apache httpd-2
Version: 2.0.52
Platform: All
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_auth_ldap
AssignedTo: bugs@httpd.apache.org
ReportedBy: kkhagani@stec-inc.com
--- Comment #0 from Kathy Khaghani <kk...@stec-inc.com> 2009-08-05 17:57:12 PDT ---
Hi,
I need to have http authenticate users with my Active directory. I have tried
several scenarios, with no luck. Here is the jest of the problem:
Location /var/www/html/test/>
#AuthLDAPEnabled on
AuthName "MIS Subversion Repositories"
AuthType Basic
AuthzLDAPAuthoritative on
#require dn
AuthLDAPURL ldap://ldapserver:3268
AuthzLDAPBindDN "CN=ldapuser,OU=-Service accts,DC=STEC-INC,DC=AD"
AuthzLDAPBindPassword "xxxxxx"
require valid-user
AuthzLDAPServer <ip address>:3268
AuthzLDAPMethod ldap
AuthzLDAPUserKey sAMAccountName
AuthzLDAPUserBase "DC=STEC-INC,DC=AD"
AuthzLDAPUserScope subtree
AuthzLDAPAllowPassword on
Require user kkhagani
</Location>
The OS is: Red Hat Enterprise Linux ES release 4 (Nahant Update 8)
Right now when I access the server using the following. it dumps me right to
the index file without asking for passwd.
I also tried the following in my httpd.conf
Alias /test "/var/www/html/test"
<Directory /var/www/html/test>
AuthType basic
AuthName "MIS Subversion Repositories"
AuthzLDAPMethod ldap
AuthzLDAPAuthoritative on
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
AuthLDAPURL "ldap://ldapserver:3268/ou=-Service
accts,dc=STEC-INC,dc=AD?sAMAccountName?sub?(objectClass=*)"
require ldap-group cn=ldapuser,ou=-Service accts,OU=-All
Groups,dc=STEC-INC,dc=AD
</Directory>
now I get the login request but do not get authenticated, instead i get this
error:
Authorization Required
This server could not verify that you are authorized to access the document
requested. Either you supplied the wrong credentials (e.g., bad password), or
your browser doesn't understand how to supply the credentials required.
--------------------------------------------------------------------------------
Apache/2.0.52 (Red Hat) Server at <ip addres> port 80
Also my error_log says:
[Wed Aug 05 15:43:32 2009] [warn] [client xx.xxx.xxx.xx] [3416] auth_ldap
authenticate: user kkhagani authentication failed; URI /test
[ldap_search_ext_s() for user failed][Operations error]
Thank you
Kathy
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 47651] HTTP does not authenticate with LDAP
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=47651
Eric Covener <co...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Eric Covener <co...@gmail.com> 2009-08-05 18:07:33 PDT ---
Bugzilla is for bugs, not configuration assistance. Try the users mailing list.
You also don't seem to be using the LDAP module distributed with Apache, so
you'll probably get limited help beyond general debugging there.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org