httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zac Morris <...@zacwolf.com>
Subject [users@httpd] mod_authnz_ldap.so module
Date Tue, 13 Mar 2007 20:54:45 GMT
Hi,

I need some help.  I've tried Goggle and some forums with no luck on
this one...

I've setup a win32 Apache 2.2.4 server, with the *mod_authnz_ldap*
module.  When I access a protected url I'm getting an Error 500 and the
error.log shows:

[Tue Mar 13 16:26:06 2007] [warn] [client 127.0.0.1] [5496] auth_ldap
authenticate: user devuser authentication failed; URI
/servframe/images/edit.gif [ldap_search_ext_s() for user
failed][Protocol Error]

I'm pointing at an OpenLDAP-2.2.23 repository (running on a different
server on the same subnet).


I've configured Tomcat in a similar way (pointing to the same ldap
repository via the:
    <Realm       className="org.apache.catalina.realm.JNDIRealm" debug="99"
                 connectionURL="ldap://192.168.1.2/"
                 userBase="ou=people,o=/{domain here}/"
                 userSearch="(uid={0})"
      />

...which is working just fine.


>From what few hints I'm finding online, it seems that the "protocol
error" can be seen depending on which LDAP SDKS were used during the
build of mod_authnz_ldap?  I've tried a couple different version of this
library from various sources all with no luck, and I don't have the
setup necessary to compile it on my own.

Is ANYONE familiar with this problem, and is there a simple way to fix it?

THANKS!
-Zac


P.S.  The relevant portion of httpd.conf

<IfModule authnz_ldap_module>
    LDAPSharedCacheSize 200000
    LDAPCacheEntries 1024
    LDAPCacheTTL 600
    LDAPOpCacheEntries 1024
    LDAPOpCacheTTL 600
</IfModule>
Alias /servframe "R:\servframe"
<Directory "R:\servframe">
     AllowOverride All
     order allow,deny
     allow from all
     AuthName "servframe"
     AuthType Basic
     AuthBasicProvider ldap
     AuthLDAPURL ldap://192.168.1.2:389/ou=people,o=/{domain 
here}/?uid?sub?(objectClass=*)
     AuthzLDAPAuthoritative off
     require valid-user
</Directory>

Mime
View raw message