httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Regarding OpenLDAP Access From Apache
Date Fri, 18 Sep 2009 11:13:32 GMT
On Fri, Sep 18, 2009 at 1:55 AM, Asimananda Mohanty
<asimananda.mohanty@gmail.com> wrote:
> Hi All,
> I am a new member in this group. I am facing an issue regarding openLDAP
> access from apache http server and here are the details.
> 1. I have configured a openLDAP server configured with gnutls as can be seen
> below :
> ========================================
> ldd slapd
>         linux-gate.so.1 =>  (0xb7f6d000)
>         libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0xb7f19000)
>         liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb7f0b000)
>         libdb-4.7.so => /usr/lib/libdb-4.7.so (0xb7db6000)
>         libodbc.so.1 => /usr/lib/libodbc.so.1 (0xb7d4f000)
>         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0xb7d36000)
>         libslp.so.1 => /usr/lib/libslp.so.1 (0xb7d26000)
>         libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7d0d000)
>         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7cf5000)
>         libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0xb7c57000)
>         libtasn1.so.3 => /usr/lib/libtasn1.so.3 (0xb7c45000)
>         libz.so.1 => /lib/libz.so.1 (0xb7c2f000)
>         libgcrypt.so.11 => /lib/libgcrypt.so.11 (0xb7bc6000)
>         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0xb7b94000)
>         libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7b7d000)
>         libltdl.so.7 => /usr/lib/libltdl.so.7 (0xb7b74000)
>         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b70000)
>         libwrap.so.0 => /lib/libwrap.so.0 (0xb7b67000)
>         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7a04000)
>         /lib/ld-linux.so.2 (0xb7f6e000)
>         libgpg-error.so.0 => /lib/libgpg-error.so.0 (0xb7a00000)
> ========================================
> 2. I have my apache http server sitting on a solaris 10 x86 machine. The
> httpd.conf details are below (related to LDAP).
> ========================================
>                 <Location />
>                     SSLRequireSSL
>                     AuthType Basic
>                     AuthLDAPEnabled on
>                     AuthLDAPUrl
> ldap://xxx.xxx.xxx.xxx:389/dc=ldapcompany,dc=com?uid,AppAttr?sub?(AppAttr=*)
>                     AuthLDAPBindDN cn=admin,dc=ldapcompany,dc=com
>                     AuthLDAPBindPassword 12345678
>                     AuthName realm1
>                     Require valid-user
>                 </Location>
> ========================================
> 3. I need to access the application GUI through apache and the user
> authentication happens through LDAP. AppAttr is an user defined attribute
> that controls the kind of controls the user can see on the GUI, e.g. admin
> user can see all the controls and so on.
> 4. With the above settings in httpd.conf, the GUI access happens without any
> issues.
> 5. The time I change the "ldap" to "ldaps" in AuthLDAPUrl, GUI access
> doesn't happen.

Apache needs to be configured to trust the certificate presented by
the LDAP server.  See the cert-related directives in the manual.


-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message