top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Integrated Apache with internal LDAP server?

+3 votes
706 views

We have integrated apache web server with our internal LDAP and we have requirement to provision role based access to the folders in the docroot. We have earlier used SVN and we were using AuthzSVNAccessFile to meet this requirement. Contents of the file will look like this.

[groups]
users = usera
admins = usera, userb
[/]
users = r

[/folderA]
admins= r

Now we are looking for something similar with the apache directives, is it possible? if not, can you please give us an alternate?

I have tried "Require ", it doesn’t solve our requirement.

posted Dec 15, 2013 by Naveena Garg

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button
What did you try, on what release, and what didn't work as needed?
Thanks for your response. I have tried below options,

Require valid-user (when I pass valid-user, it authenticates and allows everyone in the LDAP filter to access the webserver)
Require user usera userb userc (It allows only these users)

Since our requirement is to control access based on a path, I am not sure what else can be used to read an access file.
Enclose the directives in  or ?

Similar Questions
0 votes

If LDAPVerifyServerCert is enabled in SSL , authentication fails with Message simple bind failed. If LDAPVerifyServerCert is disabled in SSL there is no issue.

LDAP server is OpenLdap.

What configuration w.r.t LDAP/SSL I need to check so that authentication succeeds with LDAPVerifyServerCertflag ON.

+1 vote

I want information regarding adding index on an ldap attribute.

My directory structure is like:

ObjectClass Hierarchy: Company=>Department (In dc=example,dc=com)

Inside ObjectClass"Company", One of the attributes "UserID" to be indexed. I have added index on the same as per following in slapd.conf:

index UserID eq

Kindly let me know whether it is the correct syntax of defining an index.

+2 votes

I have installed Bugzilla 4.4 on Apache. I have configured it for LDAP authentication. I have some users on LDAP and I wish to allow all of them to be able to file a bug on Bugzilla.

However, it appears that I still need to create all these users in bugzilla. Instead of creating 100 users one by one - is there a way I could insert records in some table OR any configuration by which the user is automatically created?

What is the best way to configure in this case?

+1 vote

There is a simple setup for svn users authentication on the server using LDAP.

 DAV svn
 SVNListParentPath on
 SVNParentPath /path_to_data
 SVNListParentPath on
 AuthzSVNAccessFile /path_to_accessfile/accfile

 AuthzLDAPAuthoritative off
 AuthType Basic
 AuthBasicProvider ldap
 AuthName "your login pls"
 AuthLDAPBindDN "blah-blah"
 AuthLDAPBindPassword "somepass"
 AuthLDAPURL "ldap://URL+DC?sub?(objectClass=*)"
 AuthzForceUsernameCase Lower
 Require valid-user

 CheckSpelling On

What I noticed is that svn server making a request for each svn URI or operation, which neither LDAP server likes nor users that could be waiting for their turn to be authenticated and see delays in svn server
response.

Could somebody point me where the problem is? I'd expect only one authentication request from the server when user presents himself first time (or after cache expires).

0 votes

I know that in version 3.3.9 Mongodb supports LDAP on windows. So I wanted to know whether it will be available for Community Edition or it remains for the Enterprise Edition only?

...