httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Bockol <mboc...@carleton.edu>
Subject Re: [users@httpd] LDAP authentification from 2.0 to 2.2
Date Mon, 24 Apr 2006 18:12:45 GMT
Hi Matteo,

I've run into the same error, here's an example config that works for us:

<Location /test>
  AuthType Basic
  AuthName "LDAP Auth"
  AuthBasicProvider ldap
  AuthLDAPBindDN cn=blah,dc=blah2,dc=blah3
  AuthLDAPBindPassword "************"
  AuthLDAPURL "ldaps://similar to yours"
  AuthzLDAPAuthoritative off
  Require valid-user
</Location>

It's something about the AuthType Basic expecting a htpasswd file when 
using it with require valid-user, but I don't completely understand how 
these are supposed to mix and match with the new 2.2.0 auth configs.

Matt




Matteo Corti wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
> I posted the same question on alt.apache.configuration some time ago  
> but got
> no answer and decided to try also here.
>
> I am setting up a test server with apache 2.2.0 and having trouble  
> with LDAP
> authentification.
>
> This is (or was in 2.0) my configuration:
>
> <Location /test>
>   SSLRequireSSL
>
>   Options Indexes FollowSymLinks
>
>   # LDAP
>   AuthLDAPURL "ldaps://1.example.com 2.example.com
>     3.example.com/ou=users,ou=id,ou=auth,
>     o=example,c=com?uid?one?(objectClass=*)"
>   AuthLDAPBindDN
>     "CN=linuxlo_proxy,OU=admins,OU=id,OU=auth,O=example,C=com"
>   AuthLDAPBindPassword "**********"
>   AuthzLDAPAuthoritative Off
>
>   # Authenticattion
>   Require valid-user
>   AuthType Basic
>   AuthName "Some text"
>
> </Location>
>
> Authentication fails with the following error:
>
>   [error] Internal error: pcfg_openfile() called with NULL filename
>   [error] [client 129.132.57.95] (9)Bad file descriptor: Could not
>     open password file: (null)
>
> I could agree on the fact the the passwd file cannot be opened since  
> there
> is none :-). My problem is: why Apache does not use LDAP but looks for a
> password file.
>
> Many thanks in advance,
>
> Matteo
>
> - -- Matteo Corti
> ETH Zurich -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (Darwin)
>
> iD8DBQFETPSTLEG/T0gggJsRAnV3AJ9xjdHENHgqtkjI+AQgV/wj+E21XACgtmWn
> o7oXn90wqPibVjFnvA/2sS0=
> =Lx0c
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server 
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


Mime
View raw message