FAQ
Hi,

I have used Apache httpd directives to configure the authenticating the
users against LDAP database using httpd modules, mod_authz_ldap and
mod_ldap. The authentication looks ok, but not able to find any specific
directives or way to stop users bypassing web server login and try hitting
application URL (application server) directly.

Any help on redirecting to login on web server if any one tries to access
the application directly in application server?

--
Regards,
Muthu
Mobile: 0044+(0)782 122 7480

Search Discussions

  • Thomas Smith at Oct 17, 2011 at 3:49 pm
    I did this using a <Directory> directive--you can put your LDAP auth stuff there and apply it to the top-level file system directory of your application. Users won't be able to bypass that. (I'm assuming that you're currently using a <Location> directive and that your entire application lives in a single directory structure.)

    This will generally work for what you want to do--you didn't provide enough information in your post to provide a response specific to your situation.

    ~ Tom
    (Sent from my mobile.)
    On Oct 17, 2011, at 8:14, Kalimuthu Samayan wrote:

    Hi,

    I have used Apache httpd directives to configure the authenticating the users against LDAP database using httpd modules, mod_authz_ldap and mod_ldap. The authentication looks ok, but not able to find any specific directives or way to stop users bypassing web server login and try hitting application URL (application server) directly.

    Any help on redirecting to login on web server if any one tries to access the application directly in application server?

    --
    Regards,
    Muthu
    Mobile: 0044+(0)782 122 7480
  • Kalimuthu Samayan at Oct 21, 2011 at 7:16 pm
    Hi Tom,

    Thanks for mailing. Please find the code I do have for LDAP authentication
    in apache2.0.64,

    <Directory */var/www/html*>
    AuthType Basic
    AuthName "Stooges Web Site: Login with email address"
    AuthLDAPEnabled on
    AuthLDAPURL ldaps://ldap.*your-domain*.com:636/o=stooges?mail
    AuthLDAPBindDN "cn=StoogeAdmin,o=stooges"
    AuthLDAPBindPassword *secret1*
    require valid-user
    </Directory>


    but I am failing to have additional features listed below to
    authentication like,

    -Search and Bind a user in LDAP by passing Group ID who can authorise
    any specific user belongs to the group

    -Redirecting the request if any user directly access url in
    application (if we can stop in this level)

    -Have a proper html login page to accept user name and password rather
    having simple windows dialog box.


    I thought to have the latest version to over come these problems, so I
    am trying to install apache 2.2.21 (stable version). May be I am not
    trying to install properly as failing to configure ldap module using
    configure script.

    Please give me the right steps or order I should be following to
    install Apache 2.2.21 successfully with ldap modules.


    This is the order I am trying to install apache 2.2.21:

    $ httpd2.2.21>apr> buildconf

    $ httpd2.2.21>apr> configure with apr lib

    $ httpd2.2.21>apr>make

    $ httpd2.2.21>apr>make install


    $ httpd2.2.21>apr-util> buildconf

    $ httpd2.2.21>apr-util> configure with apr-util lib

    $ httpd2.2.21>apr-util>make

    $ httpd2.2.21>aprutil>make install


    $ httpd2.2.21> buildconf

    $ httpd2.2.21> configure --prefix =Apache install folder --with-ldap

    $ httpd2.2.21> make

    $ httpd2.2.21> make install


    Regards,

    Muthu






    On 17 October 2011 16:48, Thomas Smith wrote:

    I did this using a <Directory> directive--you can put your LDAP auth stuff
    there and apply it to the top-level file system directory of your
    application. Users won't be able to bypass that. (I'm assuming that you're
    currently using a <Location> directive and that your entire application
    lives in a single directory structure.)

    This will generally work for what you want to do--you didn't provide enough
    information in your post to provide a response specific to your situation.

    ~ Tom
    (Sent from my mobile.)

    On Oct 17, 2011, at 8:14, Kalimuthu Samayan wrote:

    Hi,

    I have used Apache httpd directives to configure the authenticating the
    users against LDAP database using httpd modules, mod_authz_ldap and
    mod_ldap. The authentication looks ok, but not able to find any specific
    directives or way to stop users bypassing web server login and try hitting
    application URL (application server) directly.

    Any help on redirecting to login on web server if any one tries to access
    the application directly in application server?

    --
    Regards,
    Muthu
    Mobile: 0044+(0)782 122 7480

    --
    Regards,
    Muthu
    Mobile: 0044+(0)782 122 7480
  • Thomas Smith at Oct 26, 2011 at 6:01 am

    On Fri, Oct 21, 2011 at 12:16 PM, Kalimuthu Samayan wrote:
    but I am failing to have additional features listed below to authentication
    like,

    -Search and Bind a user in LDAP by passing Group ID who can authorise any
    specific user belongs to the group
    Look here for group-based authorization via LDAP.
    http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html#reqgroup
    -Redirecting the request if any user directly access url in application (if
    we can stop in this level)
    I'm not exactly sure what you're trying to accomplish here, or what
    the concern is about accessing your application in the way you
    described (after all, we are talking about a web application), but you
    might have a look at mod_rewrite.

    http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html
    -Have a proper html login page to accept user name and password rather
    having simple windows dialog box.
    This is an application programming concern, not an Apache one--if you
    want to auth users via a web page, you'll need to create a web page to
    provide that functionality.
    I thought to have the latest version to over come these problems, so I am
    trying to install apache 2.2.21 (stable version). May be I am not trying to
    install properly as failing to configure ldap module using configure script.

    Please give me the right steps or order I should be following to install
    Apache 2.2.21 successfully with ldap modules.
    I'm not at all familiar with building Apache, I use what my distro
    provides. Perhaps someone else can chime in on this one...

    ~ Tom

    ---------------------------------------------------------------------
    The official User-To-User support forum of the Apache HTTP Server Project.
    See <URL:http://httpd.apache.org/userslist.html> for more info.
    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
    " from the digest: users-digest-unsubscribe@httpd.apache.org
    For additional commands, e-mail: users-help@httpd.apache.org

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupusers @
categoriesapache
postedOct 17, '11 at 3:14p
activeOct 26, '11 at 6:01a
posts4
users2
websitehttpd.apache.org
irc#httpd

2 users in discussion

Kalimuthu Samayan: 2 posts Thomas Smith: 2 posts

People

Translate

site design / logo © 2022 Grokbase