www-infrastructure-dev mailing list archives

From "Alan D. Cabrera" <...@toolazydogs.com>
Subject Re: Looking for an LDAP mod authz example
Date Mon, 30 Jun 2014 00:30:03 GMT

On Jun 29, 2014, at 1:25 PM, Sam Ruby <rubys@intertwingly.net> wrote:

> On Sun, Jun 29, 2014 at 3:03 PM, Alan D. Cabrera <adc@toolazydogs.com> wrote:
>> Can someone provide an example conf file for an httpd server to restrict access to
>> directories to only ASF committers and ASF members via LDAP?  Thanks!
> 
> https://svn.apache.org/repos/infra/infrastructure/trunk/machines/vms/whimsy-vm.apache.org/etc/apache2/sites-available/whimsy.apache.org
> 
> Search for "AuthName"

Perfect, thanks!

I tried to get my setup running on my laptop by replacing 

ldaps://minotaur.apache.org:636

with my tunnel:

ldaps://ldap-tunnel.apache.org:6636

and 

LDAPTrustedGlobalCert CA_BASE64 /etc/openldap/asf-ldap-client.pem
<LocationMatch ^/ezmlm/v1/asf>
        Order allow,deny
        Allow from all 
        AuthType Basic
        AuthBasicProvider ldap
        AuthName "ASF Members"
        AuthLDAPurl "ldaps://ldap-tunnel.apache.org:6636/ou=people,dc=apache,dc=org?uid"
        AuthLDAPGroupAttribute memberUid
        AuthLDAPGroupAttributeIsDN off
        AuthLDAPBindAuthoritative off
        LDAPReferrals Off

        Require ldap-group cn=member,ou=groups,dc=apache,dc=org
</LocationMatch>

and I can't seem to log in:

[Sun Jun 29 16:43:29.512348 2014] [auth_basic:error] [pid 23730:tid 4396036096] [client ::1:50036] AH01618: user adc not found: /ezmlm/v1/asf/lists/dev@mrql.apache.org/moderators

Has anyone else been able to get "local" setups to work?


Regards,
Alan

