httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Long <DL...@Lynden.com>
Subject RE: FW: [users@httpd] help on compile 2.2.17 with ldap support
Date Thu, 30 Dec 2010 17:10:31 GMT
Hi Rainer,
I followed those two document and corrected my configuration.
Now http started fine. But when I hit the restricted folder. I still got error.
Here is my error_log, parser fine but ldap initialization failed. How do I test my apache
ldap function? Or do I need to recompile my apr-util?

[Wed Dec 29 15:37:12 2010] [debug] mod_authnz_ldap.c(1010): [293] auth_ldap url parse: `ldap://128.1.10.243:389/ou=people,dc=lynden,dc=com?uid?sub?(objectClass=organizationalPerson)',
Host: 128.1.10.243:389, Port: 389, DN: ou=people,dc=lynden,dc=com, attrib: uid, scope: subtree,
filter: (objectClass=organizationalPerson), connection mode: not using SSL
[Wed Dec 29 15:37:12 2010] [debug] mod_authnz_ldap.c(403): [client 12.171.37.10] [293] auth_ldap
authenticate: using URL ldap://128.1.10.243:389/ou=people,dc=lynden,dc=com?uid?sub?(objectClass=organizationalPerson)
[Wed Dec 29 15:37:12 2010] [info] [client 12.171.37.10] [293] auth_ldap authenticate: user
dlong authentication failed; URI /EMU [LDAP: ldap initialization failed][Unknown error]

Thanks
David Long

-----Original Message-----
From: Rainer Jung [mailto:rainer.jung@kippdata.de] 
Sent: Tuesday, December 28, 2010 1:19 PM
To: users@httpd.apache.org
Subject: Re: FW: [users@httpd] help on compile 2.2.17 with ldap support

On 28.12.2010 20:15, David Long wrote:
> Hi Rainer,
> I downloaded apr 1.4.2 and apr-util 1.3.10
> For apr 1.4.2, I did "configure --prefix=/www/apache2/apr-httpd/"
> For apr util 1.3.10, I did "configure --prefix=/www/apache2/apr-util-httpd/ --with-apr=/www/apache2/apr-httpd/
--with-ldap"
>
> For httpd-2.2.17
> configure \
> "--prefix=/www/apache2" \
> "--with-apr=/www/apache2/apr-httpd/" \
> "--with-apr-util=/www/apache2/apr-util-httpd/" \
> "--enable-so" \
> "--enable-proxy" \
> "--enable-ssl" \
> "--enable-deflate" \
> "--enable-rewrite" \
> "--enable-headers" \
> "--enable-cgid" \
> "--enable-ldap" \
> "--enable-authnz-ldap" \
> "$@"
>
> All compiled and installed fine.
>
> But I got error when I started http,
> # bin/apachectl start
> Syntax error on line 115 of /www/apache2/conf/sites-enabled/www.lynden.com.conf:
> Invalid command 'LDAP_Server', perhaps misspelled or defined by a module not included
in the server configuration

That's true, there is no configuration directive named "LDAP_Server".

> I had line like "LDAP_Server 128.1.10.243" in config file.

So that is a configuration error.

See

http://httpd.apache.org/docs/2.2/en/mod/mod_ldap.html

and

http://httpd.apache.org/docs/2.2/en/mod/mod_authnz_ldap.html

> I checked "util_ldap.c" is in the httpd -l listing
> # /www/apache2/bin/httpd -l
> Compiled in modules:
>    core.c
>    mod_authn_file.c
>    mod_authn_default.c
>    mod_authz_host.c
>    mod_authz_groupfile.c
>    mod_authz_user.c
>    mod_authnz_ldap.c
>    mod_authz_default.c
>    mod_auth_basic.c
>    mod_include.c
>    mod_filter.c
>    mod_deflate.c
>    util_ldap.c

Correct. This is (unfortunately) the name of mod_ldap when compiled in 
statically.

>    mod_log_config.c
>    mod_env.c
>    mod_headers.c
>    mod_setenvif.c
>    mod_version.c
>    mod_proxy.c
>    mod_proxy_connect.c
>    mod_proxy_ftp.c
>    mod_proxy_http.c
>    mod_proxy_scgi.c
>    mod_proxy_ajp.c
>    mod_proxy_balancer.c
>    mod_ssl.c
>    prefork.c
>    http_core.c
>    mod_mime.c
>    mod_status.c
>    mod_autoindex.c
>    mod_asis.c
>    mod_cgi.c
>    mod_cgid.c
>    mod_negotiation.c
>    mod_dir.c
>    mod_actions.c
>    mod_userdir.c
>    mod_alias.c
>    mod_rewrite.c
>    mod_so.c
>
> But there is no mod_ldap.so module in apache libexec or modules directories

Check the timestamps of the files in the libexec directoy. I expect all 
of them are older than the installation and they do not belong to your 
new installation. You compiled the modules staticaly, so they are built 
into the httpd binary, not as separate loadable module files. By default 
Apache installs all modules into a directory named modules. The name 
"libexec" was used long ago only for Apache 1.3 (and older). The modules 
below are not for Apache 1.3 but might be left overs from some other 
Apche 2.0 installation (e.g. mod_perl and mod_auth_gs do not come 
bundled with Apache).

> # ls /www/apache2/libexec
> httpd.exp             mod_dir.so            mod_proxy.so
> mod_access.so         mod_disk_cache.so     mod_proxy_connect.so
> mod_actions.so        mod_env.so            mod_proxy_ftp.so
> mod_alias.so          mod_expires.so        mod_proxy_http.so
> mod_asis.so           mod_ext_filter.so     mod_rewrite.so
> mod_auth.so           mod_file_cache.so     mod_setenvif.so
> mod_auth_anon.so      mod_headers.so        mod_speling.so
> mod_auth_dbm.so       mod_imap.so           mod_ssl.so
> mod_auth_digest.so    mod_include.so        mod_status.so
> mod_auth_gss.so       mod_info.so           mod_suexec.so
> mod_autoindex.so      mod_log_config.so     mod_unique_id.so
> mod_cache.so          mod_log_forensic.so   mod_userdir.so
> mod_cern_meta.so      mod_mem_cache.so      mod_usertrack.so
> mod_cgi.so            mod_mime.so           mod_version.so
> mod_dav.so            mod_mime_magic.so     mod_vhost_alias.so
> mod_dav_fs.so         mod_negotiation.so
> mod_deflate.so        mod_perl.so
>
> Can you or someone tell me what is missing?

I'd say nothing is missing, but your configuration is wrong.

Regards,

Rainer

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message