httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tymiński Jan <>
Subject RE: [users@httpd] Auth aliases problem
Date Sat, 29 Jun 2013 22:15:12 GMT
Anyone got any ideas?
Any possible solutions I might try?

As a reminder:
The problem is that my custom alias is not being registered - it is not recognized as authn
No google result is related to my problem.


From: Tymiński Jan []
Sent: Wednesday, June 26, 2013 1:01 PM
Subject: RE: [users@httpd] Auth aliases problem

The problem with unknown auth provider always matches the first provider on the line.
If I reorder them in AuthBasicProvider directive, then another one is reported as unknown.
After longer mess I've put alias literally named "aaa" with empty body, so it is configured
that way:
<AuthnProviderAlias ldap aaa>
Just to check if it is problem with things inside.
I've also checked if for "file" instead of "ldap" and it neither works.

I'm querying LDAP directly.

Both mods you mention are already loaded.
I load them by a2enmod and also via httpd.conf, just in case.


From: Brandon Gould []
Sent: Wednesday, June 26, 2013 12:28 PM
Subject: RE: [users@httpd] Auth aliases problem

Ah, my apologies, I misunderstood your original posting.

Now I understand. The mud is clear now!

How are you querying the LDAP servers, directly, or through an intermediary like SASL?

When you configure with aliases, do you get "Unknown auth provider" on both, or just one?

I also see you're using Debian, try this:

A2enmod ldap
A2enmod authnz_ldap

I also wonder if it's a dependency thing; if the necessary mods are being loaded before or,
after, your alias definitions...

Brandon Gould
Reader Sales Crew Member / IT Specialist
CrewCorp Inc.

From: Tymiński Jan []
Sent: Wednesday, June 26, 2013 3:18 AM
Subject: RE: [users@httpd] Auth aliases problem

I am able to authenticate to LDAP with no problem.
I am not able to set aliases properly.
LDAP without setting aliases works just on the go, but I have to authenticate to second domain
and that is what I wanted to achieve with aliases.
But apache doesn't recognize aliases set by me.
I'm getting error "Unknown auth provider" for any alias I've set.
I've checked for mistyping errors over 10 times already, and tried even with simply alias
"aaa" to avoid mistyping error.

I'm using apache in version 2.2.16-6+squeeze11 from debian repository.

King Regards,

From: Brandon Gould []
Sent: Tuesday, June 25, 2013 9:05 PM
Subject: RE: [users@httpd] Auth aliases problem

You can also try authenticating to PAM, and then in

/etc/pam.d/apache2 (or httpd, I'll have to check)

You specify

Auth                      sufficient   
Account               sufficient   

Pam_ldap is part of  the nss_ldap package.

This tells PAM to authenticate with LDAP.

On your VirtualHost directive, you'll also need to add:

<Directory /var/www/myrestrictedarea>
AuthType Basic
AuthName "Restricted area for My Server"
AuthPAM_Enabled On
Require group mygroup

This should allow you to authenticate to LDAP.

From: Tymiński Jan []
Sent: Tuesday, June 25, 2013 9:46 AM
Subject: [users@httpd] Auth aliases problem

I'd like to ask again about my problem: I want to make aliases for ldap authorization with
mod_authn_alias, I have set everything up correctly, according to the documentation, enabled
required module, set "AuthBasicProvider aaa" in my configuration, and I receive error: "Unknown
Authn provider: aaa" - there is no single line in error.log, there is no information I can
google, as all forward to: "Unknown Authn provider: ldap" and this is not the problem I experience
- there is certainly other basis of the problem.

King Regards,

IT System Administrator

Exorigo-UPOS Group

tel.: +48 32 44 28 172
mobile.: +48 607 410 656

Exorigo-Upos sp. z o.o., ul. Kolejowa 5/7, 01-217 Warszawa, NIP 526-26-02-464, REGON 017389996,
KRS: 0000053959.
Rejestracja w Sądzie Rejonowym dla m. st. Warszawy w Warszawie, XII Wydział Gospodarczy
KRS. Kapitał zakładowy 2.045.000 zł.

View raw message