You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Joe Seeley <jo...@gmail.com> on 2007/08/16 16:50:04 UTC
[users@httpd] Apache LDAP authentication prompts multiple times for login/password.
I am reposting this since I have not found a solution and never got a reply
on the original post. I've seen through Google others with the same
problem, but never a solution. I'm hopeful that someone knows what's going
on...
I am trying to use Apache LDAP authentication and proxying to make sure
users exist in our LDAP repository. This is working, but the user is always
prompted to login multiple times. In Firefox the users are prompted twice
for their login; in IE the users are prompted three times for their login.
My conf file looks something like this.
ProxyRequests Off
ProxyPass / http://localhost:5000/
ProxyPassReverse / http://localhost:5000
ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4
ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5
<Location />
ProxyPassReverse http://localhost:5000
SetOutputFilter proxy-html
ProxyHTMLURLMap / /
AuthLDAPEnabled on
AuthLDAPAuthoritative on
AuthLDAPURL "ladp://myserver:3268/DC=FOO
,DC=BAR,DC=COM?sAMAccountName?sub?"
AuthLDAPBindDN 'ldapuser@foo.bar.com"
AuthLDAPBindPassword "password"
AuthType Basic
AuthName "Login in using your domain login."
require valid-user
</Location>
If you see a mistake in my conf file, or understand why this is prompting
for multiple logins I would appreciate any advice.
Thanks,
Joe
Re: [users@httpd] Apache LDAP authentication prompts multiple times for login/password.
Posted by Eric Covener <co...@gmail.com>.
Are you redirecting to different parts of the URL space and/or between
different virtualhosts/protcools? The access log can probably tell
you if this is the case.
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache LDAP authentication prompts multiple times for login/password.
Posted by Joe Seeley <jo...@gmail.com>.
>
> > Strange, it almost seems like the creds aren't being cached, but if it
> > is only 2 or 3 times, that can't be the case. Are you loading both
> > mod_ldap and mod_authnz_ldap? Can you test without the proxy parts?
I'm using mod_ldap and mod_auth_ldap. Due to the way the app is setup it
will not allow access without the proxy. This is a COTS product I'm working
with so that complicates it a bit.
Not much help I'm afraid...
>
> nick
>
> --
> Nick Owen
> WiKID Systems, Inc.
> 404.962.8983
> http://www.wikidsystems.com
> Commercial/Open Source Two-Factor Authentication
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
--
Joiey Seeley
Software Engineer
Home: (319)265-7876
Cell: (319)329-8552
Email: joiey.seeley@gmail.com
Re: [users@httpd] Apache LDAP authentication prompts multiple times for login/password.
Posted by Nick Owen <no...@wikidsystems.com>.
On 8/16/07, Joe Seeley <jo...@gmail.com> wrote:
> I am reposting this since I have not found a solution and never got a reply
> on the original post. I've seen through Google others with the same
> problem, but never a solution. I'm hopeful that someone knows what's going
> on...
>
> I am trying to use Apache LDAP authentication and proxying to make sure
> users exist in our LDAP repository. This is working, but the user is always
> prompted to login multiple times. In Firefox the users are prompted twice
> for their login; in IE the users are prompted three times for their login.
>
> My conf file looks something like this.
>
> ProxyRequests Off
> ProxyPass / http://localhost:5000/
> ProxyPassReverse / http://localhost:5000
> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4
> ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5
>
> <Location />
> ProxyPassReverse http://localhost:5000
> SetOutputFilter proxy-html
> ProxyHTMLURLMap / /
> AuthLDAPEnabled on
> AuthLDAPAuthoritative on
> AuthLDAPURL "ladp://myserver:3268/DC=FOO
> ,DC=BAR,DC=COM?sAMAccountName?sub?"
> AuthLDAPBindDN 'ldapuser@foo.bar.com"
> AuthLDAPBindPassword "password"
> AuthType Basic
> AuthName "Login in using your domain login."
> require valid-user
> </Location>
>
> If you see a mistake in my conf file, or understand why this is prompting
> for multiple logins I would appreciate any advice.
>
> Thanks,
> Joe
Strange, it almost seems like the creds aren't being cached, but if it
is only 2 or 3 times, that can't be the case. Are you loading both
mod_ldap and mod_authnz_ldap? Can you test without the proxy parts?
Not much help I'm afraid...
nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org