You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Andrew Sanderson <am...@sdsc.edu> on 2003/01/28 00:47:51 UTC

[users@httpd] Re: encrypted LDAP transaction from the webserver to the LDAP server

Saqib,

We have recently gottne this working using the mod_auth_ldap module that
comes with Apache 2.0  You will need the latest version: 2.0.44, as well
as either the OpenLDAP libraries, or the Sun Netscape LDAP libraries,
availiable here:

http://wwws.sun.com/software/download/developer/5176.html

http://www.openldap.org/

I needed to do the following for the Sun libraries, (openldap should be
similar)

Set the following environment variables:
LDFLAGS="-L/*PATHTO*/iplanet-ldap-sdk.5/lib
-R/*PATHTO*/iplanet-ldap-sdk.5/lib:/usr/local/lib"
CPPFLAGS="-I/*PATHTO*/iplanet-ldap-sdk.5/include"

Use the following configure options:
--enable-so \
--enable-mods-shared="ldap auth-ldap" \
--with-ldap \
--with-auth-ldap \
--with-ldap-lib=/*PATHTO*/iplanet-ldap-sdk.5/lib \
--with-ldap-include=/*PATHTO*/iplanet-ldap-sdk.5/include \


Then read the manual on how to connect to your ldap server using SSL.

http://httpd.apache.org/docs-2.0/mod/mod_auth_ldap.html


Good Luck!

-Andy




Date: Mon, 27 Jan 2003 13:59:39 -0800
To: users@httpd.apache.org
From: Saqib.N.Ali@seagate.com
Subject: encrypted LDAP transaction from the webserver to the LDAP server
Message-ID: <OF...@notes.seagate.com>

Hi All,

I have few apache webserver that talk to a LDAP server for authentication
and other data. I would like to encrypt all he traffic from the webserver
to the LDAP. I know there are LDAP auth module that support SSL. But there
are quite a few. Any suggestions what I sould be looking at, and which
module to use?

Thanks

P.S. I am not talking about client to webserver, I am talking about
webserver to LDAP server.

In Peace,
Saqib Ali
http://docbook.sc-icc.org





---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Re: encrypted LDAP transaction from the webserver to the LDAP server

Posted by Jacob Coby <jc...@listingbook.com>.

> Saqib,
>
> We have recently gottne this working using the mod_auth_ldap module that
> comes with Apache 2.0  You will need the latest version: 2.0.44, as well
> as either the OpenLDAP libraries, or the Sun Netscape LDAP libraries,
> availiable here:
>
> http://wwws.sun.com/software/download/developer/5176.html
>
> http://www.openldap.org/

You can also setup a secure tunnel pipes the unsecure TCP data through ssl
to the LDAP server. Check out http://www.stunnel.org/.  It can be made
transparent on Linux systems.

-Jacob


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org