[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Apache LDAP authentication?

To: openldap-general@OpenLDAP.org
Subject: Re: Apache LDAP authentication?
From: "Dave Edick" <dedick@stmarys-ca.edu>
Date: Mon, 12 Apr 1999 10:22:52 -0700 (PDT)
In-reply-to: <Pine.LNX.4.10.9904091033150.1306-100000@galileo.stmarys-ca.edu>

Just wanted to let everyone know that this problem is now resolved.  
Gerrit Thomson found the solution for me.  The problem was the default
search mode.  It was corrected by putting in a "LDAPSearchMode subtree"
entry into the httpd.conf.

For the benefit of any future archive searchers, the original message with
the problem is shown below...

Thanks again, Gerrit.

--
/Dave Edick/  dedick@stmarys-ca.edu
Unix Systems Administrator, St. Mary's College of California

On Fri, 9 Apr 1999, Dave Edick wrote:

> Has anyone out there used Jeff Morrow's mod_ldap 1.5b.c Apache
> verification module?  I'm trying to get it to work and have run into a
> wall.
> 
> It installed fine using the latest Openldap libs and Apache 1.3.4 under
> RedHat Linux 5.2.  I put the following into my httpd.conf to restrict
> access to a particular directory...
> 
> <Location /imp>
> AuthType Basic
> AuthName IMP-Email
> LDAPServer ldap://ldap.stmarys-ca.edu/
> LDAPuseridAttr uid
> LDAPAuth on
> LDAPBase o=stmarys
> require valid-user
> </Location>        
> 
> I'm prompted for the user name and password as expected and the name
> IMP-Email is displayed.  When I try to access something in the protected
> directory, I get in the following in the error log...
> 
> httpd: [Fri Apr  9 09:06:42 1999] [error] access to /imp/index.php3 failed
> for 149.137.15.35, reason: LDAP access denied for cn=Dave Edick, o=stmarys
> 
> It's clearly doing a successful lookup since I entered my userid and it's
> showing my DN in the error.  If I misspell the password, I get a different
> error shown below...
> 
> httpd: [Fri Apr 9 08:50:02 1999] [error] (2)No such file or directory:
> access to /imp/index.php3 failed for 149.137.15.35, reason: authentication
> failed
> 
> If it's doing lookups and successfully identifying a correct password from
> an incorrect one, I don't understand why it isn't letting me through.  I'm
> definitely a valid user.
> 
> The directory server is running Netscape Directory Server version 3.11
> with Unix crypt password encryption as default.  Authentication works for
> our Netscape mail and web servers, of course.  Queries using ldapsearch on
> the Apache machine also work fine.
> 
> Any idea what am I missing?
> 
> --
> /Dave Edick/  dedick@stmarys-ca.edu
> Unix Systems Administrator, St. Mary's College of California
> 
>

References:
- Apache LDAP authentication?
  - From: "Dave Edick" <dedick@stmarys-ca.edu>

Prev by Date: Apache LDAP authentication?
Next by Date: newbie question (thank you)
Index(es):
- Chronological
- Thread