====== Apache 2.2 und LDAP ======
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
AuthzLDAPAuthoritative off
AuthBasicProvider ldap
AuthType Basic
AuthName "Wohin des Weges?"
AuthLDAPURL ldap://10.0.0.2/ou=people,dc=villa,dc=local?uid?sub
require valid-user
alternativ Windows 2003 R2
ServerAuthType Basic
AuthzLDAPAuthoritative off
AuthBasicProvider ldap
AuthName "Wohin des Weges?"
AuthLDAPURL ldap://10.0.0.1/ou=Benutzer,dc=example,dc=com?sAMAccountName?sub
AuthLDAPBindDN "cn=Administrator,cn=Users,dc=example,dc=com"
AuthLDAPBindpassword "test1234"
require valid-user
====== Apache2 als Reverse-Proxy mit LDAP Authentifizierung ======
siehe auch: [[apache]], [[apache-ssl]]
===== Pakete =====
==== debian ====
apache2
===== Proxy einschalten =====
a2enmod proxy_http
===== LDAP einschalten =====
a2enmod auth_ldap
=== Debian 6.0 ===
a2enmod authnz_ldap
===== Konfigurieren =====
''/etc/apache2/mods-available/proxy.conf'' : (Debian 5.0)
#turning ProxyRequests on and allowing proxying from all may allow
#spammers to use your proxy to send email.
ProxyRequests Off
ProxyPass / http://www.naturnah.de/
ProxyPassReverse / http://www.naturnah.de/
Order deny,allow
Deny from all
Allow from all
AuthType Basic
AuthBasicProvider ldap
AuthName "Geschuetzter Bereich"
AuthLDAPURL "ldap://notebook02:389/ou=people,dc=example,dc=com?uid?sub?(objectClass=PosixAccount)"
require valid-user
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
ProxyVia On
/etc/init.d/apache2 force-reload
Todo:
ldap-status hinzufügen
http://httpd.apache.org/docs/2.2/mod/mod_ldap.html#exampleconfig