You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Darly Senecal Baptiste <ds...@gmail.com> on 2014/06/06 21:38:55 UTC

[users] Re: Basic Login as domain\username

Hi Community :

Let's forget about NTLM module. It is a way to perform a Rewrite username?
Like using mod_rewrite?

Thanks


On Thu, Jun 5, 2014 at 4:26 PM, Darly Senecal Baptiste <ds...@gmail.com>
wrote:

> Hi Community:
>
> I had implemented a git repository server and its authentication is Basic (*AuthType
> Basic*).This type of authentication allows users to login with their
> username and password through the LDAP server.
>
> However, there are some service accounts (Thank you windows) that needs to
> authenticate as domain\username. Looking on some forums, there are some
> settings that use the* AuthType NTLM. *My fear is that if i implement the
> NTLM for just a group of account, then the rest of the users will be forced
> (... and frustrated ...) to type domain\username.
>
> Is there a way in apache that allows service accounts to access as
> domain\username and other users to authenticate as username?
>
>
> Thanks
>
>
>
>

Re: [users] Re: Basic Login as domain\username

Posted by Darly Senecal Baptiste <ds...@gmail.com>.

Hello,

I was able to implement and to change the incoming username and to update
it for real login. A new perl module has to be written

Here is the  perl code:


sub handler
> {
>   my $r = shift;
>   my $c = $r->connection;
>
>   my $auth_header = $r->headers_in->get('Authorization') || '';
>   my $credentials = (split / /, $auth_header)[-1] || '';
>   my ($username,$password) = split /:/,MIME::Base64::decode($credentials),
> 2;
>
>   if (defined($username) && ( $username =~ /^([A-Za-z]+\\)/))
>   {
>     my @usr_parts = (split /\\/,$username);
>     $username = lc($usr_parts[1]);
>   }
>   return DECLINED unless $username;
>   $credentials = MIME::Base64::encode(join(':',$username,$password));
>   $r->headers_in->set(Authorization =>"Basic $credentials");
>   #Procced to login to the system.
>   return OK;
> }
> 1;


Then at Apache conf file, you need to mention the module name of the code

Regards


On Wed, Jun 11, 2014 at 2:08 PM, Darly Senecal Baptiste <dsenecalb@gmail.com
> wrote:

> (Starting to walk at the waters of mod_perl). Is there is a way that
>  mod_perl gathers the information from the login screen before performing
> the authentication session?
>
>
> On Tue, Jun 10, 2014 at 11:55 AM, Eric Covener <co...@gmail.com> wrote:
>
>> On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
>> <ds...@gmail.com> wrote:
>> > Hi Eric,
>> >
>> > What do you think about using the mod_perl module in terms of gather the
>> > domain\username and process modify in order to login as username?
>>
>> Probably feasible
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>

Re: [users] Re: Basic Login as domain\username

Posted by Darly Senecal Baptiste <ds...@gmail.com>.

(Starting to walk at the waters of mod_perl). Is there is a way that
 mod_perl gathers the information from the login screen before performing
the authentication session?

On Tue, Jun 10, 2014 at 11:55 AM, Eric Covener <co...@gmail.com> wrote:

> On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > Hi Eric,
> >
> > What do you think about using the mod_perl module in terms of gather the
> > domain\username and process modify in order to login as username?
>
> Probably feasible
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Re: [users] Re: Basic Login as domain\username

Posted by Eric Covener <co...@gmail.com>.

On Tue, Jun 10, 2014 at 11:53 AM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> Hi Eric,
>
> What do you think about using the mod_perl module in terms of gather the
> domain\username and process modify in order to login as username?

Probably feasible

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users] Re: Basic Login as domain\username

Posted by Darly Senecal Baptiste <ds...@gmail.com>.

Hi Eric,

What do you think about using the mod_perl module in terms of gather the
domain\username and process modify in order to login as username?

On Fri, Jun 6, 2014 at 4:11 PM, Eric Covener <co...@gmail.com> wrote:

> On Fri, Jun 6, 2014 at 3:50 PM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > What about in apache 2.2.3?
>
> I don't think so. I think you'd need to write a small module to strip
> (or add?) that prefix
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Re: [users] Re: Basic Login as domain\username

Posted by Eric Covener <co...@gmail.com>.

On Fri, Jun 6, 2014 at 3:50 PM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> What about in apache 2.2.3?

I don't think so. I think you'd need to write a small module to strip
(or add?) that prefix

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users] Re: Basic Login as domain\username

Posted by Darly Senecal Baptiste <ds...@gmail.com>.

What about in apache 2.2.3?


On Fri, Jun 6, 2014 at 3:40 PM, Eric Covener <co...@gmail.com> wrote:

> On Fri, Jun 6, 2014 at 3:38 PM, Darly Senecal Baptiste
> <ds...@gmail.com> wrote:
> > Hi Community :
> >
> > Let's forget about NTLM module. It is a way to perform a Rewrite
> username?
> > Like using mod_rewrite?
> >
>
> 2.4's mod_authnz_ldap has specific stuff to alter the username
> specifically for this scenario.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Re: [users] Re: Basic Login as domain\username

Posted by Eric Covener <co...@gmail.com>.

On Fri, Jun 6, 2014 at 3:38 PM, Darly Senecal Baptiste
<ds...@gmail.com> wrote:
> Hi Community :
>
> Let's forget about NTLM module. It is a way to perform a Rewrite username?
> Like using mod_rewrite?
>

2.4's mod_authnz_ldap has specific stuff to alter the username
specifically for this scenario.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org