httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Asimananda Mohanty <asimananda.moha...@gmail.com>
Subject Re: [users@httpd] Regarding OpenLDAP Access From Apache
Date Mon, 21 Sep 2009 04:21:04 GMT
Hi Eric,
Thanks for the reply.
In my case, the apache is built with openldap lib. I hope, in this case, it
shouldn't have shown any issues, please correct me if I am wrong.

Regards
Asimananda

On Fri, Sep 18, 2009 at 4:43 PM, Eric Covener <covener@gmail.com> wrote:

> On Fri, Sep 18, 2009 at 1:55 AM, Asimananda Mohanty
> <asimananda.mohanty@gmail.com> wrote:
> > Hi All,
> > I am a new member in this group. I am facing an issue regarding openLDAP
> > access from apache http server and here are the details.
> > 1. I have configured a openLDAP server configured with gnutls as can be
> seen
> > below :
> > ========================================
> > ldd slapd
> >         linux-gate.so.1 =>  (0xb7f6d000)
> >         libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0xb7f19000)
> >         liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0xb7f0b000)
> >         libdb-4.7.so => /usr/lib/libdb-4.7.so (0xb7db6000)
> >         libodbc.so.1 => /usr/lib/libodbc.so.1 (0xb7d4f000)
> >         libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0
> (0xb7d36000)
> >         libslp.so.1 => /usr/lib/libslp.so.1 (0xb7d26000)
> >         libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0xb7d0d000)
> >         libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7cf5000)
> >         libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0xb7c57000)
> >         libtasn1.so.3 => /usr/lib/libtasn1.so.3 (0xb7c45000)
> >         libz.so.1 => /lib/libz.so.1 (0xb7c2f000)
> >         libgcrypt.so.11 => /lib/libgcrypt.so.11 (0xb7bc6000)
> >         libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0xb7b94000)
> >         libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0xb7b7d000)
> >         libltdl.so.7 => /usr/lib/libltdl.so.7 (0xb7b74000)
> >         libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0xb7b70000)
> >         libwrap.so.0 => /lib/libwrap.so.0 (0xb7b67000)
> >         libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0xb7a04000)
> >         /lib/ld-linux.so.2 (0xb7f6e000)
> >         libgpg-error.so.0 => /lib/libgpg-error.so.0 (0xb7a00000)
> > ========================================
> > 2. I have my apache http server sitting on a solaris 10 x86 machine. The
> > httpd.conf details are below (related to LDAP).
> > ========================================
> >                 <Location />
> >                     SSLRequireSSL
> >                     AuthType Basic
> >                     AuthLDAPEnabled on
> >                     AuthLDAPUrl
> >
> ldap://xxx.xxx.xxx.xxx:389/dc=ldapcompany,dc=com?uid,AppAttr?sub?(AppAttr=*)
> >                     AuthLDAPBindDN cn=admin,dc=ldapcompany,dc=com
> >                     AuthLDAPBindPassword 12345678
> >                     AuthName realm1
> >                     Require valid-user
> >                 </Location>
> > ========================================
> > 3. I need to access the application GUI through apache and the user
> > authentication happens through LDAP. AppAttr is an user defined attribute
> > that controls the kind of controls the user can see on the GUI, e.g.
> admin
> > user can see all the controls and so on.
> > 4. With the above settings in httpd.conf, the GUI access happens without
> any
> > issues.
> > 5. The time I change the "ldap" to "ldaps" in AuthLDAPUrl, GUI access
> > doesn't happen.
>
> Apache needs to be configured to trust the certificate presented by
> the LDAP server.  See the cert-related directives in the manual.
>
>
> --
> Eric Covener
> covener@gmail.com
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message