You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Sam Theman <xr...@hotmail.com> on 2011/03/18 14:29:51 UTC
[users@httpd] Where are the step-by-step instructions for building apache 2.2.17
with LDAP authentication?
Hello,
Can anyone point me to some step-by-step directions on how to build apache 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp
Do I need to install openldap?
I tried to build apache as below.
./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl
--enable-ssl -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
--with-mpm=prefork
mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library: OpenSSL/0.9.8r-fips
Everything
works fine, except when I go to do ldap authentication. The browser
pops up a username/password window, I enter my username/password and
then hit submit.... I get back "Internet
Explorer cannot display the webpage" and in the error log I see the
below segmentation fault.... but if I turn of ldap it works fine...:
Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2 established (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
[Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for child 2 (server acctnew.nist.gov:7100)
[Thu
Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
child 2 with unclean shutdown (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child 3 established (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
[Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for child 3 (server acctnew.nist.gov:7100)
[Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation fault (11)
Thank you for any help!
Sam
Re: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
Posted by Igor Galić <i....@brainsware.org>.
----- Original Message -----
> On Fri, Mar 18, 2011 at 11:18 AM, Sam Theman <xr...@hotmail.com>
> wrote:
> > ....but after I build openldap with the special openssl, how do I
> > point
> > apache to use it rather than the system openssl?
>
> run srclib/apr-util/configure --help | grep ldap
>
> --with-ldap-include=path path to ldap include files with trailing
> slash
> --with-ldap-lib=path path to ldap lib file
> --with-ldap=library ldap library to use
>
> Possibly "--with-ldap=/path/to/openldap/prefix" is all you need to
> add.
Almost:
http://mail-archives.apache.org/mod_mbox/httpd-users/201103.mbox/browser
> >
> > Thanks, I think you are right, I tried non-ssl ldap bind, and it
> > worked
> > fine....
(How) Did you build OpenLDAP? Did you build it against the same OpenSSL?
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Where are the step-by-step instructions for
building apache 2.2.17 with LDAP authentication?
Posted by Jeff Trawick <tr...@gmail.com>.
On Fri, Mar 18, 2011 at 11:18 AM, Sam Theman <xr...@hotmail.com> wrote:
> ....but after I build openldap with the special openssl, how do I point
> apache to use it rather than the system openssl?
run srclib/apr-util/configure --help | grep ldap
--with-ldap-include=path path to ldap include files with trailing slash
--with-ldap-lib=path path to ldap lib file
--with-ldap=library ldap library to use
Possibly "--with-ldap=/path/to/openldap/prefix" is all you need to add.
>
> Thanks, I think you are right, I tried non-ssl ldap bind, and it worked
> fine....
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] Where are the step-by-step instructions for
building apache 2.2.17 with LDAP authentication?
Posted by Sam Theman <xr...@hotmail.com>.
actually, I also need to know how do you build openldap with openssl... I don't see any option to use a particluar openssl
From: xray316@hotmail.com
To: users@httpd.apache.org
Date: Fri, 18 Mar 2011 11:18:02 -0400
Subject: RE: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
....but after I build openldap with the special openssl, how do I point apache to use it rather than the system openssl?
Thanks, I think you are right, I tried non-ssl ldap bind, and it worked fine....
> Date: Fri, 18 Mar 2011 09:52:10 -0400
> From: trawick@gmail.com
> To: users@httpd.apache.org
> CC: xray316@hotmail.com
> Subject: Re: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
>
> On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman <xr...@hotmail.com> wrote:
> > Hello,
> >
> > Can anyone point me to some step-by-step directions on how to build apache
> > 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp
> >
> > Do I need to install openldap?
>
> your build apparently found the system OpenLDAP
>
> my guess: you are using ldaps, and you need to build OpenLDAP yourself
> using your special OpenSSL build (the one used by mod_ssl)
>
> >
> >
> > I tried to build apache as below.
> >
> > ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
> > -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
> > --with-mpm=prefork
> >
> > mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
> > OpenSSL/0.9.8r-fips
> >
> > Everything works fine, except when I go to do ldap authentication. The
> > browser pops up a username/password window, I enter my username/password and
> > then hit submit.... I get back "Internet Explorer cannot display the
> > webpage" and in the error log I see the below segmentation fault.... but if
> > I turn of ldap it works fine...:
> >
> > Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
> > established (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
> > [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
> > child 2 (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
> > child 2 with unclean shutdown (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
> > 3 established (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
> > [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
> > child 3 (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
> > fault (11)
> >
> > Thank you for any help!
> > Sam
>
>
>
> --
> Born in Roswell... married an alien...
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
RE: [users@httpd] Where are the step-by-step instructions for
building apache 2.2.17 with LDAP authentication?
Posted by Sam Theman <xr...@hotmail.com>.
....but after I build openldap with the special openssl, how do I point apache to use it rather than the system openssl?
Thanks, I think you are right, I tried non-ssl ldap bind, and it worked fine....
> Date: Fri, 18 Mar 2011 09:52:10 -0400
> From: trawick@gmail.com
> To: users@httpd.apache.org
> CC: xray316@hotmail.com
> Subject: Re: [users@httpd] Where are the step-by-step instructions for building apache 2.2.17 with LDAP authentication?
>
> On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman <xr...@hotmail.com> wrote:
> > Hello,
> >
> > Can anyone point me to some step-by-step directions on how to build apache
> > 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp
> >
> > Do I need to install openldap?
>
> your build apparently found the system OpenLDAP
>
> my guess: you are using ldaps, and you need to build OpenLDAP yourself
> using your special OpenSSL build (the one used by mod_ssl)
>
> >
> >
> > I tried to build apache as below.
> >
> > ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
> > -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
> > --with-mpm=prefork
> >
> > mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
> > OpenSSL/0.9.8r-fips
> >
> > Everything works fine, except when I go to do ldap authentication. The
> > browser pops up a username/password window, I enter my username/password and
> > then hit submit.... I get back "Internet Explorer cannot display the
> > webpage" and in the error log I see the below segmentation fault.... but if
> > I turn of ldap it works fine...:
> >
> > Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
> > established (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
> > [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
> > child 2 (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
> > child 2 with unclean shutdown (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
> > 3 established (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
> > [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
> > child 3 (server acctnew.nist.gov:7100)
> > [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
> > fault (11)
> >
> > Thank you for any help!
> > Sam
>
>
>
> --
> Born in Roswell... married an alien...
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
Re: [users@httpd] Where are the step-by-step instructions for
building apache 2.2.17 with LDAP authentication?
Posted by Jeff Trawick <tr...@gmail.com>.
On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman <xr...@hotmail.com> wrote:
> Hello,
>
> Can anyone point me to some step-by-step directions on how to build apache
> 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp
>
> Do I need to install openldap?
your build apparently found the system OpenLDAP
my guess: you are using ldaps, and you need to build OpenLDAP yourself
using your special OpenSSL build (the one used by mod_ssl)
>
>
> I tried to build apache as below.
>
> ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl --enable-ssl
> -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
> --with-mpm=prefork
>
> mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
> OpenSSL/0.9.8r-fips
>
> Everything works fine, except when I go to do ldap authentication. The
> browser pops up a username/password window, I enter my username/password and
> then hit submit.... I get back "Internet Explorer cannot display the
> webpage" and in the error log I see the below segmentation fault.... but if
> I turn of ldap it works fine...:
>
> Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child 2
> established (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
> [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
> child 2 (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed to
> child 2 with unclean shutdown (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
> 3 established (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
> [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
> child 3 (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal Segmentation
> fault (11)
>
> Thank you for any help!
> Sam
--
Born in Roswell... married an alien...
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Where are the step-by-step instructions for
building apache 2.2.17 with LDAP authentication?
Posted by Ezra Taylor <ez...@gmail.com>.
Sam:
I suggest you learn openldap first, then proceed to configuring
Openldap and Apache. Also, you are using a very old version of Redhat. You
can download Centos, which is a RHEL(Redhat Enterprise Linux) clone. The
site is www.centos.org. The openldap site is openldap.org. A
good tutorial for openldap http://www.zytrax.com/books/ldap/. These guys,
I think have done a great job explaining Openldap. Good luck.
On Fri, Mar 18, 2011 at 9:29 AM, Sam Theman <xr...@hotmail.com> wrote:
> Hello,
>
> Can anyone point me to some step-by-step directions on how to build apache
> 2.2.17 with openldap.... I am on Red Hat 4 2.6.9-89.35.1.ELsmp
>
> Do I need to install openldap?
>
>
> I tried to build apache as below.
>
> ./configure --prefix=/usr/local/apache2 --with-ssl=/u01/fipsssl
> --enable-ssl -with-ldap --enable-ssl --enable-authnz-ldap --enable-ldap
> --with-mpm=prefork
>
> mod_ssl/2.2.17 compiled against Server: Apache/2.2.17, Library:
> OpenSSL/0.9.8r-fips
>
> Everything works fine, except when I go to do ldap authentication. The
> browser pops up a username/password window, I enter my username/password and
> then hit submit.... I get back "Internet Explorer cannot display the
> webpage" and in the error log I see the below segmentation fault.... but if
> I turn of ldap it works fine...:
>
> Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection to child
> 2 established (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:04 2011] [info] Seeding PRNG with 136 bytes of entropy
> [Thu Mar 17 14:47:04 2011] [info] Initial (No.1) HTTPS request received for
> child 2 (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:04 2011] [info] [client 129.6.84.222] Connection closed
> to child 2 with unclean shutdown (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:10 2011] [info] [client 129.6.84.222] Connection to child
> 3 established (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:10 2011] [info] Seeding PRNG with 136 bytes of entropy
> [Thu Mar 17 14:47:10 2011] [info] Initial (No.1) HTTPS request received for
> child 3 (server acctnew.nist.gov:7100)
> [Thu Mar 17 14:47:11 2011] [notice] child pid 25625 exit signal
> Segmentation fault (11)
>
> Thank you for any help!
> Sam
>
--
Ezra Taylor