Difference between revisions of "Cool Solution - Connect Apache to the LDAP"

From Univention Wiki

Jump to: navigation, search
(Bug 27756)
 
Line 1: Line 1:
 +
{{Version|UCS=3.0}}
 
It sometimes desired to protect your websites with a personal authentication. Therefor the apache can be connected to the LDAP directory.
 
It sometimes desired to protect your websites with a personal authentication. Therefor the apache can be connected to the LDAP directory.
  
Line 4: Line 5:
 
The requirements are installed by default. To enable them switch to the apache directory
 
The requirements are installed by default. To enable them switch to the apache directory
 
<pre>
 
<pre>
CD /etc/apache2/mods-enabled/
+
cd /etc/apache2/mods-enabled/
 
</pre>
 
</pre>
 
and link the LDAP modules
 
and link the LDAP modules
Line 44: Line 45:
 
</pre>
 
</pre>
 
you are required to enter a login to access the webpage.
 
you are required to enter a login to access the webpage.
 +
 +
[[Category:EN]]
 +
[[Category:Howtos]]

Revision as of 13:39, 27 June 2012

Produktlogo UCS Version 3.0

It sometimes desired to protect your websites with a personal authentication. Therefor the apache can be connected to the LDAP directory.

Requirements

The requirements are installed by default. To enable them switch to the apache directory

cd /etc/apache2/mods-enabled/

and link the LDAP modules

ln -s ../ldap.load
ln -s ../ldap.conf
ln -s ../authnz_ldap.load

Afterwards a restart of Apache has to be executed.

/etc/init.d/apache2 restart

Configuration

Using the UDM create a user with only the 'simple authentication account' option chosen. You will need this users DN as well as its password. Ensure that the password is reasonable complex.

Within your web folder create the following

.htaccess

file within your web page.

It needs to contain the following content

AuthBasicProvider ldap
AuthType Basic
AuthName "<my name>"
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://<ucs dc>:7389/<LDAP base>?uid
AuthLDAPBindDN <dn of the user>
AuthLDAPBindPassword <users password>
require valid-user

After restarting Apache again

/etc/inti.d/apache2 restart

you are required to enter a login to access the webpage.

Personal tools