Hi,
I am looking at LDAP module for Apache httpd for authentication. The 'yum install' gives me 'mod_authz_ldap.i386 0:0.26-9.el5_5.1', whereas on Apache documentation site I find mod_authNz_ldap module. Both modules appear to be different looking at available directives. Any clues or suggestions on which module should be used? Where can I find documentation for mod_authz_ldap?
-- CS.
I am looking at LDAP module for Apache httpd for authentication. The 'yum install' gives me 'mod_authz_ldap.i386 0:0.26-9.el5_5.1', whereas on Apache documentation site I find mod_authNz_ldap module. Both modules appear to be different looking at available directives. Any clues or suggestions on which module should be used? Where can I find documentation for mod_authz_ldap?
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
On Tue, Jan 11, 2011 at 8:17 PM, Joseph L. Casale <jcasale@activenetwerx.com
wrote:
I am looking at LDAP module for Apache httpd for authentication. The 'yum install' gives me 'mod_authz_ldap.i386 0:0.26-9.el5_5.1', whereas on Apache documentation site I find mod_authNz_ldap module. Both modules appear to be different looking at available directives. Any clues or suggestions on which module should be used? Where can I find documentation for mod_authz_ldap?
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
What I did in my httpd.conf file;
AuthName "Company" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthLDAPURL ldap://ldap1.company.com/ou=people,dc=company,dc=com?uid AuthLDAPURL ldap://ldap2.company.com/ou=people,dc=company,dc=com?uid Require valid-user
This brings up the apache dialogue window and does provide a good layer of security as if you don't authenticate, you don't even get the URL to phish for data.
- aurf
I am looking at LDAP module for Apache httpd for authentication. The 'yum install' gives me 'mod_authz_ldap.i386 0:0.26-9.el5_5.1', whereas on Apache documentation site I find mod_authNz_ldap module. Both
^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^
modules appear to be different looking at available directives. Any clues or suggestions on which module should be used? Where can I find documentation for mod_authz_ldap?
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
What I did in my httpd.conf file;
/snip
Your question was about modules, in your httpd.conf you find a list of _modules_ it loads... That should remove the ambiguity around which documentation to follow.
See the line: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
On Wed, Jan 12, 2011 at 11:28 AM, Joseph L. Casale jcasale@activenetwerx.com wrote:
I am looking at LDAP module for Apache httpd for authentication. The 'yum install' gives me 'mod_authz_ldap.i386 0:0.26-9.el5_5.1', whereas on Apache documentation site I find mod_authNz_ldap module. Both
^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^
modules appear to be different looking at available directives. Any clues or suggestions on which module should be used? Where can I find documentation for mod_authz_ldap?
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
What I did in my httpd.conf file;
/snip
Your question was about modules, in your httpd.conf you find a list of _modules_ it loads... That should remove the ambiguity around which documentation to follow.
See the line: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
Except that these are often in /etc/httpd/conf.d/[service].conf. This is certainly the case for mod_dav_svn and mod_perl and numerous other setups.
Don't edit /etc/httpd/conf/httpd.conf directly if you can safely avoid it: work in the module-specific configurations files, which makes the configurations a lot more, well, modular.
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
/snip
See the line: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
Except that these are often in /etc/httpd/conf.d/[service].conf. This is certainly the case for mod_dav_svn and mod_perl and numerous other setups.
As I said, it's in the file I directed him to because that is where the srpm was configured to put it. Anything you refer to you would be a module added after the fact.
On Wed, Jan 12, 2011 at 6:21 PM, Joseph L. Casale jcasale@activenetwerx.com wrote:
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
/snip
See the line: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
Except that these are often in /etc/httpd/conf.d/[service].conf. This is certainly the case for mod_dav_svn and mod_perl and numerous other setups.
As I said, it's in the file I directed him to because that is where the srpm was configured to put it. Anything you refer to you would be a module added after the fact. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Thanks for the responses. Should have looked at httpd.conf, didn't know it comes by default with httpd core.
CS.
On Sat, Jan 15, 2011 at 12:54 AM, Carlos S neubyr@gmail.com wrote:
On Wed, Jan 12, 2011 at 6:21 PM, Joseph L. Casale jcasale@activenetwerx.com wrote:
Look inside your httpd.conf file, it will answer that one for you. RHEL's httpd supports ldap auth as shipped.
/snip
See the line: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
Except that these are often in /etc/httpd/conf.d/[service].conf. This is certainly the case for mod_dav_svn and mod_perl and numerous other setups.
As I said, it's in the file I directed him to because that is where the srpm was configured to put it. Anything you refer to you would be a module added after the fact.
Good point.
Thanks for the responses. Should have looked at httpd.conf, didn't know it comes by default with httpd core.
I meant to point him and other readers, to the other common location for loading such modules, *as well*. I wasn't clear. about that, and have run into a number of situations where admins ignored the standards and wound up with modules loaded in multiple places, or the wrong module because they didn't see the other one loaded.
-
aurf alien -
Carlos S -
Joseph L. Casale -
Nico Kadel-Garcia