[dokuwiki] Re: Using apache authentication (mod_ldap)
- From: Herve Leroux <rv.rtfb@xxxxxxxxx>
- To: dokuwiki@xxxxxxxxxxxxx
- Date: Tue, 3 Jan 2006 22:02:42 +0100
2006/1/3, Matthias Grimm <matthiasgrimm@xxxxxxxxxxxxxxxxxxxxx>:
> I hacked something like this for the old auth system but is was a ugly
> hack and never was published.
>
> I'm really interested how you configured apache to use active directory
> and what else have to be done to get it work. A small howto would be
> nice. :-)
>
> I would test it at work and find a way to bypass DokuWiki's login form
> in a compatible manner in return.
hey,
Unfortunatly, I won't have time to write such a how-to for the next 3
week (last projects and exams). But here are the guidelines :
* Use of following module :
http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_apache2.html
* Downloading Sun ONE Directory SDK for C 5.08
* copying Sun libs to /modules (into apache2 path : C:\program
files\apache group\apache2 in my case)
* copying Muquit's dll : modauthldap_apache2_dll.zip to /modules
* Into httpd.conf :
AuthType Basic
AuthName "Please login"
LDAP_Debug Off
LDAP_Server <IP of AD Server>
LDAP_Port <AD TCP Port>
LDAP_Protocol_Version 3
# our base domain
Base_DN "DC=dimension,DC=fr"
# I've created a user which has only the ability (rights) to browse the AD
Bind_DN "DIMENSION\ADBrowser"
Bind_Pass "the_password"
UID_Attr "samaccountname"
Require valid-user
That's it.
There is an example for subversion/trac :
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule python_module modules/mod_python.so
LoadModule auth_ldap_module modules/mod_auth_ldap.dll
####################################################################
# S u b v e r s i o n
#
# - Authentification par AD
####################################################################
<Location /svn>
Dav svn
SVNParentPath c:/subversion/repos/
AuthType Basic
AuthName "SVN repositories"
LDAP_Debug Off
LDAP_Server <IP of AD Server>
LDAP_Port <AD TCP Port>
LDAP_Protocol_Version 3
Base_DN "DC=dimension,DC=fr"
Bind_DN "DIMENSION\ADBrowser"
Bind_Pass "the_password"
UID_Attr "samaccountname"
AuthzSVNAccessFile c:/subversion/repos/rights.conf
Satisfy Any
Require valid-user
SVNIndexXSLT "/svnindex.xsl"
</Location>
####################################################################
####################################################################
# T R A C
####################################################################
Alias /trac "C:/Program Files/Python23/share/trac/htdocs"
<Location /trac>
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnvParentDir "c:/subversion/trac/"
PythonOption TracUriRoot /trac
</Location>
# Authentification par AD
<LocationMatch "/trac/[^/]+/login">
AuthType Basic
AuthName "Environement Trac"
LDAP_Debug Off
LDAP_Server <IP of AD Server>
LDAP_Port <AD TCP Port>
LDAP_Protocol_Version 3
Base_DN "DC=dimension,DC=fr"
Bind_DN "DIMENSION\ADBrowser"
Bind_Pass "the_password"
UID_Attr "samaccountname"
Require valid-user
</LocationMatch>
<Directory "C:/Python23/share/trac/htdocs">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
####################################################################
enjoy :P
Hervé
--
Hervé Leroux - rv at anything-else.net
http://www.anything-else.net
IM : Skype : lerouxrv; msn : lerouxrv@xxxxxxxxxxx
GnuPG Fingerprint: 68F3 DF3E C2AA C191 E7A5 9DA4 178A 819C FBB8 5B15
--
DokuWiki mailing list - more info at
http://wiki.splitbrain.org/wiki:mailinglist
Other related posts:
