Cool Solution - Connect Apache to the LDAP

From Univention Wiki

Revision as of 13:31, 27 June 2012 by Korte (talk | contribs) (Bug 27756)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

It sometimes desired to protect your websites with a personal authentication. Therefor the apache can be connected to the LDAP directory.

Requirements

The requirements are installed by default. To enable them switch to the apache directory

CD /etc/apache2/mods-enabled/

and link the LDAP modules

ln -s ../ldap.load
ln -s ../ldap.conf
ln -s ../authnz_ldap.load

Afterwards a restart of Apache has to be executed.

/etc/init.d/apache2 restart

Configuration

Using the UDM create a user with only the 'simple authentication account' option chosen. You will need this users DN as well as its password. Ensure that the password is reasonable complex.

Within your web folder create the following

.htaccess

file within your web page.

It needs to contain the following content

AuthBasicProvider ldap
AuthType Basic
AuthName "<my name>"
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://<ucs dc>:7389/<LDAP base>?uid
AuthLDAPBindDN <dn of the user>
AuthLDAPBindPassword <users password>
require valid-user

After restarting Apache again

/etc/inti.d/apache2 restart

you are required to enter a login to access the webpage.

Personal tools