httpd-wiki-changes mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <>
Subject [Httpd Wiki] Update of "UseLDAPToPasswordProtectAFolder" by EricCovener
Date Fri, 12 Sep 2008 13:38:37 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.

The following page has been changed by EricCovener:

The comment on the change is:
this was actually a bug fixed in 2.2.6 nad later

  AuthType Basic
  AuthName LDAP_Auth_Test
  AuthBasicProvider ldap
- AuthzLDAPAuthoritative OFF
  AuthLDAPBindDN          cn=apacheldap,dc=mydomain,dc=com
  AuthLDAPBindPassword    letmein
  AuthLDAPURL ldap://localhost/dc=mydomain,dc=com?cn?sub
@@ -62, +61 @@

  ||!AuthType Basic|| ||This line tells apache to use Basic authentication.  This sends the
user's password in plain text and should normally only be used with SSL.||
  ||!AuthName LDAP_Auth_Test|| ||This is the realm name that will be displayed in the login
box presented by your browser.||
  ||!AuthBasicProvider ldap|| ||This line instructs apache to use only LDAP for authentication.
 You can have multiple entries on one line, if you want to use multiple methods, but that
is beyond the scope of this document.||
- ||AuthzLDAPAuthoritative OFF|| ||Having this switched 'ON' would prevent other authorization
modules from authenticating users.  This is necessary to allow the ''require valid-users''
below to work, since it is implemented by ''mod_authz_user''. In this example, we are only
using LDAP to authenticate users.||
  ||AuthLDAPBindDN|| ||Bind to the LDAP server for all operations using a specific user ID.
 In this case we will use ''cn=apacheldap,dc=mydomain,dc=com'' (this is the account we mentioned
earlier in the document).||
  ||AuthLDAP!BindPassword|| ||Bind to the LDAP server for all operations using a specific
password.  In this case '' 'letmein' ''||
  ||AuthLDAPURL ldap://localhost/dc=mydomain,dc=com?cn?sub|| ||This line tells Apache which
server and path to use to authenticate against.  In this example, Apache will check all entries
in the local LDAP server in the tree ''dc=mydomain,dc=com'' for an entry whose ''cn'' (common
name) field matches. This means when prompted by your browser for a username, you should enter
your full name. You could set this to ''sn'', ''uid'', or any other attribute which is present
in the LDAP entries. Note that the attribute does not have to be the one which is used for
the entry's distinguished name.||

View raw message