httpd-users mailing list archives

From <>
Subject RE: [users@httpd] LDAP authnz with SSL
Date Wed, 02 Jun 2010 09:06:00 GMT
Here is the error I'm getting when I try to contact the LDAP server with SSL:
 [warn] [client ****] [12740] auth_ldap authenticate: user ***
authentication failed; URI server2 [LDAP: ldap_simple_bind_s()
failed][Can't contact LDAP server]


Sent: Wednesday, 2 June 2010 10:59
Subject: [users@httpd] LDAP authnz with SSL

I use authnz_ldap_module in my Apache server configuration to verify
authorizations in LDAP before forwarding the HTTP request to another
server (I use Apache as a reverse proxy).
I have no problem accessing LDAP in http mode, but it doesn't work
with SSL.
My conf looks like this:
<Location server2>
ProxyPass http://server2/
ProxyPassReverse  http://server2
AuthType basic
AuthName server2
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap:636/ou=**,dc=**" NONE
AuthLDAPBindDN "cn=**,dc=**"
AuthLDAPBindPassword **
Require valid-user
Require ldap-filter &(**)(**)
Allow from all
</Location>

So before forwarding to server2, I verify in LDAP that the user is allowed
to go to server2.
This works very well if I use "ldap" instead of ldaps in the URL, and
port 389 instead of 636. I don't know why it doesn't work with a secure
If I use the same parameters (ldaps, port 636) with the JXplorer LDAP
client, I can connect to the LDAP server successfully, so the server is
configured correctly to accept secure connections.
NB: I have activated the mod_ssl module in my httpd conf.
Do you have an idea for this?
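
A small configuration check for the setup described in this thread, added here as an example; it is not part of the original messages or of httpd. It assumes the mod_authnz_ldap documentation's meaning for the trailing AuthLDAPUrl keyword (NONE requests an unencrypted connection; SSL, TLS or STARTTLS an encrypted one) and that the LDAP server's CA is supplied through mod_ldap's LDAPTrustedGlobalCert. The function names, finding codes and CA path are hypothetical.

```python
import shlex

# The LDAP directives from the message, redactions kept as posted.
PAGE_CONF = '''
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap:636/ou=**,dc=**" NONE
AuthLDAPBindDN "cn=**,dc=**"
AuthLDAPBindPassword **
'''
# Constructed comparison; the CA file path is a placeholder.
FIXED_CONF = '''
LDAPTrustedGlobalCert CA_BASE64 /path/to/ldap-ca.pem
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap:636/ou=**,dc=**"
'''
SECURE_MODES = {"SSL", "TLS", "STARTTLS"}

def directives(conf):
    """Return (lowercased name, args) per directive; skip comments and section tags."""
    out = []
    for line in conf.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "<")):
            parts = shlex.split(line)
            out.append((parts[0].lower(), parts[1:]))
    return out

def lint_ldap_tls(conf):
    """Return finding codes for each AuthLDAPUrl directive in conf."""
    found = directives(conf)
    has_ca = any(n == "ldaptrustedglobalcert" for n, _ in found)
    verify_off = any(n == "ldapverifyservercert" and a[:1] and a[0].lower() == "off"
                     for n, a in found)
    findings = []
    for name, args in found:
        if name != "authldapurl" or not args:
            continue
        ldaps = args[0].lower().startswith("ldaps://")
        mode = args[1].upper() if len(args) > 1 else None
        if ldaps and mode == "NONE":
            findings.append("mode-conflict")        # URL scheme and mode keyword disagree
        if ldaps or mode in SECURE_MODES:
            if verify_off:
                findings.append("verify-disabled")  # TLS without a server identity check
            elif not has_ca:
                findings.append("no-trusted-ca")    # nothing to validate the server cert against
        else:
            findings.append("plaintext-ldap")       # bind and user passwords sent unencrypted
    return findings

if __name__ == "__main__":
    print(lint_ldap_tls(PAGE_CONF), lint_ldap_tls(FIXED_CONF))
```

The findings are points to verify against the running server rather than a diagnosis; some LDAP SDK builds take their CA from the SDK's own configuration instead of httpd's.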
