httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <ldescotte....@orange-ftgroup.com>
Subject RE: [users@httpd] LDAP authnz with SSL
Date Wed, 02 Jun 2010 09:06:00 GMT
Here is the error i'm getting when i try to contact LDAP server with SSL
: 
 
 [warn] [client ****] [12740] auth_ldap authenticate: user ***
authentication failed; URI server2 [LDAP: ldap_simple_bind_s()
failed][Can't contact LDAP server]
 
Thanks
 
Loic

________________________________

From: ldescotte.ext@orange-ftgroup.com
[mailto:ldescotte.ext@orange-ftgroup.com] 
Sent: mercredi 2 juin 2010 10:59
To: users@httpd.apache.org
Subject: [users@httpd] LDAP authnz with SSL


Hello,
 
I use authnz_ldap_module in my apache server configuration to verify
authorizations in LDAP before forwarding the http request to another
server (i use apache as a reverse proxy).
I have no problem to access to LDAP in http mode, but it doesn't work
with SSL. 
 
My conf looks like this : 
 
<Location server2>
ProxyPass http://server2/
ProxyPassReverse  http://server2
AuthType basic
AuthName server2
AuthBasicProvider ldap
AuthLDAPUrl "ldaps://ldap:636/ou=**,dc=**" NONE
AuthLDAPBindDN "cn=**,dc=**"
AuthLDAPBindPassword **
Require valid-user
Require ldap-filter &(**)(**)
Allow from all
</Location>

So before forwarding to server2, i verify that the user is allowed to go
to server 2 in LDAP.
This works very well if use "ldap"  instead of ldaps in the URL, and
port 389 instead of 636. I don't know why it doesn't work with a secure
connection.
If i use the same parameters (ldaps, port 636) with JXplorer LDAP
client, i can connect to the LDAP server successfully, so the server is
configured correctly to accept secure connections. 
 
NB : i have activated the mod_ssl module in my httpd conf.
 
Do you have an idea for this?
 
Thanks 
 
Loic
 

Mime
View raw message