Apache :: What LDAP Authentication Mechanism Is Used

Apr 23, 2015

Is this simple authentication or SASL Digest MD5, ..)?

we are able to specify only the 'authbasicprovider ldap' ldap url, bind username and password in the apache httpd configuration file.

Can LDAP SASL (Digest MD5, GSSAPI,…) mechanism be specified in the Apache configuration during authentication?

If so, how to specify the LDAP SASL mechanism?

View 4 Replies


ADVERTISEMENT

Apache :: LDAP Authentication Module

Mar 22, 2015

I have some questions about the LDAP authentication module.I have a LDAP authentication with this config:

<AuthnProviderAlias ldap ldap-account>
AuthLDAPBindDN "CN=directory search,OU=Service-User,DC=company,DC=ch"
AuthLDAPBindPassword "xxxxx"
AuthLDAPURL "ldap://ldap.company.ch/ou=Users,dc=company,dc=ch?sAMAccountName?sub?(objectClass=*)"
</AuthnProviderAlias>

If a User logs in with username only, all works correct. If a user use the DomainUsername format, the login is rejected with "user not found".Should it not work with both login styles ? Or is there a option to reformat or rewrite the username before authentication without the "Domain part ?

View 1 Replies View Related

Apache :: LDAP Authentication - Not Linking To Server

Jan 16, 2014

I am running apache currently on my QNAP server, and have enabled webserver and LDAP. We have set up users on LDAP. I have created a landing page for access from the internet. I want to configure Apache to authenticate the users using LDAP before granting access to the landing directory.

I have started this with the apache configuration below: My apache config file -

Code:
LogLevel debug
CustomLog "logs/access_log" combined
ErrorLog "logs/error_log"
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
ServerName MyServer
LDAPTrustedMode NONE
LDAPVerifyServerCert Off

[Code] ....

When I access my page, I get the authentication prompt. But when I enter my LDAP login and password, I get thrown out of the system with the error:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, admin@NAS and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Looks like my apache configuration is a problem as I am able access my LDAP and everything with LDAP seems to be working fine except Apache configuration to authenticate against LDAP.

View 1 Replies View Related

Apache :: Directories On Website Need Authentication Against LDAP

Nov 5, 2012

We have a website running on Apache ver 2.2.3.

A couple of directories on the website need authentication against LDAP. The setup has been working for many years and all of a sudden is giving some issues.

The page asks for authentication and once login details are entered, either it throws an error "Page has moved" or "Please refresh your browser or reload the page".

As far as I am aware no configuration has been changed for LDAP or for Apache. The website runs on Windows Server 2003.

I am very much new to Apache and cannot seem to find any errors logged.

View 2 Replies View Related

Apache :: Local Authentication Is Not Working When LDAP Is Offline

Jan 10, 2014

Im having a problem where local authentication will not work when when the configured LDAP server is unavailble. When the ldap server is online I can authenticate fine against ldap and local file. However, when the ldap server is offline, I cannot authenticate with the user1 account. The browser just sits at a blank screen.

Ive searched a lot on this and found many examples, all very similar to my config below, but I still cannot failback authentication to local file when ldap is unavailable. Im running Apache/2.2.10. I have also tested this on 2.2.16 with the same results.

=======.htaccess==========================
AuthName "Server Access"
AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /etc/apache2/htpasswd
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://ldap.domain.com:389/OU=Users,DC=domain,DC=com?sAMAccountName

[Code]...

View 3 Replies View Related

Apache :: Configure And Implement Server With Ssl Using Ldap For Authentication

Apr 28, 2015

I have a class project that we are working on where we have to configure and implement an Apache server with ssl using ldap for authentication. I have documentation of literally everything I have done in the configuration. Everything seems to be fine with the config that I can tell. The client gets a prompt for username and password when they access the server ip address. However, once the correct username and password are entered, then the client receives a 500 internal server error message instead of the webpage: "Internal Server Error...The server encountered an internal error or misconfiguration and was unable to complete your request.

View 1 Replies View Related

Apache :: Windows LDAP And SSL

Oct 19, 2012

I have Apache 2.2.17 running on Windows 7. I'm using PHP to query a Windows 2008 LDAP server. Everything works ok until I try to use LDAPS. Many of the resources I can find refer to a ldap.conf file and the certificates being the main problem. I don't have an ldap.conf file anywhere, so I put all of the relevant lines in the httpd.conf.

I'm getting from the 2008 AD server. I haven't found any tutorial that covers it with an implementation in Apache on Windows. Many tutorials cover using LDAP to authenticate to the site, but I need to use it for queries. I used the procedure at URL... to get the certificate installed and exported. But I don't know a way to confirm that it's using the cert I think it is for LDAPS. All LDAPS tests work (LDP.EXE from Windows).

View 19 Replies View Related

Apache Authentication

Apr 23, 2009

I have a machine at home running the UniformServer wamp package on Win2K3 Standard server and I'm hosting a simple family picture gallery using Gallery 2.3. I put the gallery in a subdirectory of root so I could have a public homepage and a gallery that is password protected. I did this using .htaccess and .htpasswd.

My issue is when I browse to mydomain.com and click the link to the gallery [url], the password box pops up, and when I enter the appropriate credentials, the domain name reverts to the IP and another password box pops up. If I log in a second time, I'm fine. If I cancel that second login, it still lets me in, but prompts me to login that second time for every click going forward until I authenticate.

View 1 Replies View Related

Apache :: SSL Client Authentication

Apr 14, 2014

I have been trying to set ssl client authentication with Apache.I basically have a server certificate issued by a recognized CA. For the normal ssl authentication I use the following configuration (and it works fine):

View 1 Replies View Related

Apache :: Configuration With SSL And Authentication

Dec 3, 2014

I have a couple of directories on my server that require authentication (MySQL DBD and AuthUserFile). Both work fine with SSL off. When I use SSL on directories without authentication that also works fine. However, when I put the 2 together, authentication is by-passed. I cannot seem to get the configuration right to do both. Here is my VH conf file (sanitized):

Code:

LoadModule dbd_module modules/mod_dbd.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
<VirtualHost *:80>
DocumentRoot "/var/www/html"
ServerName myhost.mydomain.com
ServerAdmin mailman-owner@mydomain.com
ErrorLog "/var/log/httpd/myhost_error_log"
CustomLog "/var/log/httpd/myhost_access_log" combined

[Code] .....

View 2 Replies View Related

Apache :: Authentication For Different Sub-domain

Oct 6, 2013

I am implementing OpenERP service + Apache on Ubuntu server. The connection to the server need to be HTTPS.
Here is what I does:

a. For HTTP side, forward connection to HTTPS side.

View 2 Replies View Related

Apache User Authentication Logic ...

May 11, 2009

I'd appreciate if you can point out some links, or if anyone is willing to help me for a fee, we can talk about it.

I have a web application called MyApp

- Each MyApp user has 5gb hosting, and a web interface to manage their files.

- Therefore MyApp user gets a user account on linux machine and has access to only one directory /repo/usr/<user_id> and nowhere else. (suexec?)

- If that MyApp user creates a subdomain from any folder inside his home folder (he can do that using web interface), that folder is readable by www-data user not writable.

- That myapp user is able to mount/unmount his own ftp drives using curlftpfs.

- In short, users can only mess with their own files and they have no access nor rights to any other file that is outside of their home dir.

In short, this is a kind of hosting company server setup. Right now, we will have to manage all this from -only- one powerful server.

View 2 Replies View Related

PAM Authentication Failure With FTP And Apache Suexec

Jun 18, 2007

i am trying to setup a VPS with:

Apache Suexec, so that each VHosts runs under there own username
FTP for each of the vhosts.

I have made a username aplushost and FTP works fine when i login, however when i try and get Suexec to work it shows a 403 permision dined, even know the whole directroy path is with correct permsions.

"/home/aplushost/www"

However if i chown the directroy "aplushost" to apaches username , currently "nobody" i have tried with "apache" and many others the page is displayed correctly.

The weird thing is that the www directroy can still be set to the aplushost username and files work inside.

However due to changing the privalages of the folder aplushost ftp now fails to login due to the folder not being owned by the ftp user "aplushost".

So im stuck between only having one item working at a time.

i have put some content of my config files.

----------httpd.conf vhosts------------------
<VirtualHost 87.117.196.247>
DocumentRoot "/home/aplushost/www"
ServerName aplushost.co.uk
SuexecUserGroup aplushost aplushost
<Directory "/home/aplushost/www">
allow from all
Options +Indexes
</Directory>
</VirtualHost>

---------------passwd file----------------
aplushost:x:500:99::/home/aplushost/www:/sbin/nologin

(Have tried with many different shells, no difference, also tried with home directroy as just /home/aplushost)

View 6 Replies View Related

Apache :: Bruteforce Protection For Authentication?

Dec 2, 2013

I was wondering if there's a simple way to implement some kind of authencation bruteforce protection in apache for windows? Right now my authentication never stops asking if user inputs the wrong credentials, this makes me think i'm vounrable for bruteforce attacks which could eventually get through if given the time.

View 4 Replies View Related

Apache :: HTTP Over SSL System - Authentication Authority

Oct 6, 2013

I have to create a structure in which there is a client, a server and an authentication authority.

The authentication authority verifies the identity of both the client and server before they can communicate, so that the client can access the content offered by the server. Everything must be made using HTTP with SSL (HTTPS).

For now I have installed xampp on my pc with ubuntu, I performed the initial configuration and was able to view a test page locally hosted by entering the URL of the virtual server "www.server.it" (added to the configuration of apache2).

View 1 Replies View Related

Apache :: Access Files Without Login / Authentication

Nov 18, 2014

In web application we are facing high vulnerability issue based on the session validation.

We can download the files from the server whenever we are passing the link even without login. The links are directly hit into the server and download the files any type of files extension such as .txt, .xml, .zip and so on.

Need the solution for this issue: How will we resolve the issue using validate the session in apache side?

Scenario as below:

When user manually passing the request if user logged they should access the files
When user manually passing the request if user is not login they shouldn't access the files

Here both the scenarios they can access the files but we want to restrict when the request is coming to apache without login.

EX: [URL] ....

When i tried above link I can able to view the file in browser. Even able to download all different fies extension which are having in the under tomcat webapps dir.

How we can restrict this in apache code or any other files in apache side or is there any way to validate the request is logged one or not?.

View 3 Replies View Related

Apache :: Set Up SSL Listening On Port 443 - Client Authentication

Oct 29, 2014

I am setting up apache 2.4 as a service locally through localhost on a windows 2008 R2 standard server. I have set up SSL listening on port 443 and works correctly, however I am having trouble figuring out how to get apache to authenticate my CAC card.

I have downloaded the DOD certs and put them into various types of files including pem, base 64, der etc and I have yet to figure out a way to get the client certificates validated.

I have left out the information about the SSLCertificateChainFile, SSLCACertificateFile and SSLCARevocationPath as I am sure this must be where my problem is.

Is it possible to get this done through localhost. Here is the error I am getting in the error log.

[Wed Oct 29 11:37:05.675491 2014] [ssl:error] [pid xxxx:tid xxx] [client 127.0.0.1:59282] AH02039: Certificate Verification: Error (20): unable to get local issuer certificate

I am using a self created self signed server ceritficate. Here are some details from my httpd-ssl.conf file:

Code:

<VirtualHost _default_:443>
DocumentRoot "${SRVROOT}/htdocs"
ServerName localhost:443

ServerAdmin admin@example.com
ErrorLog "${SRVROOT}/logs/jtdi.log"
TransferLog "${SRVROOT}/logs/jtdi-Transfer.log"

[Code] ....

View 1 Replies View Related

Apache :: Client Certificate Authentication To Verify User Name?

Oct 1, 2014

Is it possible to verify client certificate based on username?If possible, How can we implement it in our httpd-ssl.conf file.

View 1 Replies View Related

Apache :: Remote User Reverse Proxy And Authentication

Dec 17, 2013

I have several applications that use authentication and expect REMOTE_USER to be set by Apache for authentication/authorization.

I am putting a reverse proxy, with shibboleth in front of these applications, on a separate server.

Currently, REMOTE_USER is not sent. I have tried a few things, and I am currently sending it inside another header, but I have some applications that are closed sources and this will not work.

Is this possible to do? I am running this with Apache 2.4.7, I believe, on the Windows platform.

View 2 Replies View Related

LDAP Related

Jun 28, 2009

Can a domain have two set of users.... let me explain the situation.

mydomain.com has a set of users which have admins etc etc.

can i have sub.mydomain.com with the same set of users, with different admin and restricted access to certain level.

View 5 Replies View Related

SAMBA+LDAP Connection

Jun 29, 2009

I'm trying to setup a PDC Login server with SAMBA+LDAP (in separate servers).

How can I test if SAMBA is trying to login properly into the LDAP server?

View 1 Replies View Related

SAMBA/LDAP Integration

Nov 17, 2008

I'm struggling hard to integrate a group of windows boxes to authenticate with a Linux samba/ldap server (with personal mapped drives as well).
I get stuck in this error:

root@LittleCode:/usr/share/smbldap-configure# smbldap-useradd -a -m moquist
Error looking for next uid in cn=NextFreeUnixId,dc=activespace,dc=local:value does not conform to assertion syntax at /usr/share/perl5/smbldap_tools.pm line 1071.
root@LittleCode:/usr/share/smbldap-configure#

View 1 Replies View Related

LDAP - Custom Attributes

Jan 23, 2007

I've been searching for a way to add custom attributes into an LDAP schema. At first I didn't know if it was possible, but I guess it is. What I can't seem to find out now, is how to add them? Do I have to make a custom schema & upload it? How do I go about adding these fields? This all stems from me using other attributes for different functions, ie ( I'm using the employeeNumber field to determine if someone is allowed internet access. What I would like to do is make an attribute called inetAccess and use that instead.)

I'm using OpenLDAP on a Linux OS (SuSE). Anyone have any experience in adding custom attributes, or custom schemas? Or can anyone direct me to where I would find the answers?

View 0 Replies View Related

Libnss-ldap And Host Resolution

Aug 30, 2007

I end up working on about 5-6 different desktops regularly. I shorthand most of my servers in /etc/hosts so rather than typing www13.domain.com I shorthand it to www13. So rather than try to maintain each of these 5-6 hosts db's (and rather than setting up something more elaborate), I decided to take one of my personal ldap servers, added ou=Hosts,dc=domain,dc=com, and set it up as an ipHost objectclass (with the machine name being the cn, and the IP being ipHostNumber). I then installed libnss-ldap and the ldap client on my machine, editing /etc/ldap.conf by adding the base and uri, /etc/libnss-ldap.conf adding the base, ldap_version, uri, and setting nss_base_hosts to ou=Hosts,dc=domain,dc=com. I then edited /etc/nsswitch.conf and set my hosts: record to include ldap at the end.

When I do getent hosts, the hosts are listed as they should be (ip machinename). However, when I try to ping or resolve any of the machine names, it fails.

getent hosts|grep testldap
24.62.234.23 testldap
ping testldap
ping: unknown host testldap

View 3 Replies View Related

SSH Key Authentication

Jan 8, 2008

I'm running a server where I have my SSH key set up with the root user so I can log in without the password.

I also have an account called "jmaskell" that I use for everything, and I'm trying to add my SSH key to this. I've done exactly what I did for the root user and have my key in the .ssh/authorized_keys2 file. Unfortunately I'm still prompted for my password everytime I log in.

Is it possible to have the same SSH key stored for two different users?

The server is running CentOS 4 with OpenSSH 3.9.

View 3 Replies View Related

IIS Authentication

Oct 2, 2007

We've been having some trouble logging into our Intranet here at work. Essentially it is set up to use Integrated Windows authentication but for some reason that was disabled last week and so no-one could log in. That was easy enough to fix and everything seemed to be back to normal.

However, I installed ModX CMS into a subfolder but when it comes to logging in to the admin backend I am repeatedly asked for my Windows ID and ultimately told I am not authorised to view the page. I can see the login page and I can enter the ModX admin details but it won't let me further than that.

The strange thing is a colleague with the same (admin) rights can log in no problem!

View 9 Replies View Related

IIS Authentication

Jun 25, 2007

I am using WinXP Pro and IIS 5.1. When I try to access an asp file using IE 7 using a URL like [url], it always brings up the login dialog, and nothing I enter in it works. So, automatic authentication is failing. I verified that the Directory Security settings are correct.

View 9 Replies View Related

FTP Authentication Proxy

May 12, 2009

way to centrally login our FTP clients. We currently run ftp1/2/3/4.[url]and would like to have simply [url]which would authenticate the user and push the user to the relevant server.

This would hopefully work in the same way as a Radius Proxy.

Is this possible on either windows or linux?

View 0 Replies View Related

PureFTPD Authentication

Nov 10, 2008

i got some weird authentication problem

i followed this guide on setting it up

[url]

however when i try to connect i get

[1] Connecting to xxxxxx:21

[1] 421 Unknown authentication method: pam

[1] Retrying after 30 seconds for ftp://xxxx:***@xxxxxx

View 2 Replies View Related

Email Authentication

Nov 11, 2008

I have problem to set Email authentication in Cpanel. when I send Email via Microsoft outlook, it is possible to send mail without SMTP authentication.

how can I active SMTP authentication in CPanel?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved