You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Darly Senecal Baptiste <ds...@gmail.com> on 2014/06/05 22:26:19 UTC
[users] Basic Login as domain\username
Hi Community:
I had implemented a git repository server and its authentication is
Basic (*AuthType
Basic*).This type of authentication allows users to login with their
username and password through the LDAP server.
However, there are some service accounts (Thank you windows) that needs to
authenticate as domain\username. Looking on some forums, there are some
settings that use the* AuthType NTLM. *My fear is that if i implement the
NTLM for just a group of account, then the rest of the users will be forced
(... and frustrated ...) to type domain\username.
Is there a way in apache that allows service accounts to access as
domain\username and other users to authenticate as username?
Thanks
Re: [users] Re: Basic Login as domain\username
Posted by Darly Senecal Baptiste <ds...@gmail.com>.
Hello,
I was able to implement and to change the incoming username and to update
it for real login. A new perl module has to be written
Here is the perl code:
sub handler
> {
> my $r = shift;
> my $c = $r->connection;
>
> my $auth_header = $r->headers_in->get('Authorization') || '';
> my $credentials = (split / /, $auth_header)[-1] || '';
> my ($username,$password) = split /:/,MIME::Base64::decode($credentials),
> 2;
>
> if (defined($username) && ( $username =~ /^([A-Za-z]+\\)/))
> {
> my @usr_parts = (split /\\/,$username);
> $username = lc($usr_parts[1]);
> }
> return DECLINED unless $username;
> $credentials = MIME::Base64::encode(join(':',$username,$password));
> $r->headers_in->set(Authorization =>"Basic $credentials");
> #Procced to login to the system.
> return OK;
> }
> 1;
Then at Apache conf file, you need to mention the module name of the code
Regards
On Wed, Jun 11, 2014 at 2:08 PM, Darly Senecal Baptiste <dsenecalb@gmail.com
> wrote:
> (Starting to walk at the waters of mod_perl). Is there is a way that
> mod_perl gathers the information from the login screen before performing
> the authentication session?
>
>
> On Tue, Jun 10, 2014 at 11:55 AM, Eric Covener <co...@gmail.com> wrote:
>
>> On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
>> <ds...@gmail.com> wrote:
>> > Hi Eric,
>> >
>> > What do you think about using the mod_perl module in terms of gather the
>> > domain\username and process modify in order to login as username?
>>
>> Probably feasible
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>
Re: [users] Re: Basic Login as domain\username
Posted by Darly Senecal Baptiste <ds...@gmail.com>.
(Starting to walk at the waters of mod_perl). Is there is a way that
mod_perl gathers the information from the login screen before performing
the authentication session?
On Tue, Jun 10, 2014 at 11:55 AM, Eric Covener <co...@gmail.com> wrote:
> On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > Hi Eric,
> >
> > What do you think about using the mod_perl module in terms of gather the
> > domain\username and process modify in order to login as username?
>
> Probably feasible
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users] Re: Basic Login as domain\username
Posted by Eric Covener <co...@gmail.com>.
On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> Hi Eric,
>
> What do you think about using the mod_perl module in terms of gather the
> domain\username and process modify in order to login as username?
Probably feasible
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users] Re: Basic Login as domain\username
Posted by Darly Senecal Baptiste <ds...@gmail.com>.
Hi Eric,
What do you think about using the mod_perl module in terms of gather the
domain\username and process modify in order to login as username?
On Fri, Jun 6, 2014 at 4:11 PM, Eric Covener <co...@gmail.com> wrote:
> On Fri, Jun 6, 2014 at 3:50 PM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > What about in apache 2.2.3?
>
> I don't think so. I think you'd need to write a small module to strip
> (or add?) that prefix
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users] Re: Basic Login as domain\username
Posted by Eric Covener <co...@gmail.com>.
On Fri, Jun 6, 2014 at 3:50 PM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> What about in apache 2.2.3?
I don't think so. I think you'd need to write a small module to strip
(or add?) that prefix
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users] Re: Basic Login as domain\username
Posted by Darly Senecal Baptiste <ds...@gmail.com>.
What about in apache 2.2.3?
On Fri, Jun 6, 2014 at 3:40 PM, Eric Covener <co...@gmail.com> wrote:
> On Fri, Jun 6, 2014 at 3:38 PM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > Hi Community :
> >
> > Let's forget about NTLM module. It is a way to perform a Rewrite
> username?
> > Like using mod_rewrite?
> >
>
> 2.4's mod_authnz_ldap has specific stuff to alter the username
> specifically for this scenario.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users] Re: Basic Login as domain\username
Posted by Eric Covener <co...@gmail.com>.
On Fri, Jun 6, 2014 at 3:38 PM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> Hi Community :
>
> Let's forget about NTLM module. It is a way to perform a Rewrite username?
> Like using mod_rewrite?
>
2.4's mod_authnz_ldap has specific stuff to alter the username
specifically for this scenario.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users] Re: Basic Login as domain\username
Posted by Darly Senecal Baptiste <ds...@gmail.com>.
Hi Community :
Let's forget about NTLM module. It is a way to perform a Rewrite username?
Like using mod_rewrite?
Thanks
On Thu, Jun 5, 2014 at 4:26 PM, Darly Senecal Baptiste <ds...@gmail.com>
wrote:
> Hi Community:
>
> I had implemented a git repository server and its authentication is Basic (*AuthType
> Basic*).This type of authentication allows users to login with their
> username and password through the LDAP server.
>
> However, there are some service accounts (Thank you windows) that needs to
> authenticate as domain\username. Looking on some forums, there are some
> settings that use the* AuthType NTLM. *My fear is that if i implement the
> NTLM for just a group of account, then the rest of the users will be forced
> (... and frustrated ...) to type domain\username.
>
> Is there a way in apache that allows service accounts to access as
> domain\username and other users to authenticate as username?
>
>
> Thanks
>
>
>
>