LDAP Apache: Difference between revisions
(Adding Article Footer & Category) |
No edit summary |
||
Line 23: | Line 23: | ||
require valid-user | require valid-user | ||
</Location> | </Location> | ||
If you have Apache 2.2 or later, AuthLDAPEnabled doesn't work - use "AuthBasicProvider ldap" instead. Example: | |||
<Location "/service"> | |||
AuthBasicProvider ldap | |||
AuthType Basic | |||
AuthName "Service" | |||
AuthLDAPURL ldap://127.0.0.1/?mail | |||
require valid-user | |||
</Location> | |||
You can limit the access to certain users by adding | You can limit the access to certain users by adding |
Revision as of 12:59, 16 January 2009
LDAP Apache
Very simple, install mod_auth_ldap, and then install a .htaccess file that looks like this:
AuthType Basic AuthName DDInternal AuthLDAPURL ldap://yourzimbraserver/dc=zimbra,dc=yourdomain,dc=com,dc=au require valid-user
The first part "yourzimbraserver" is the address of your Zimbra server running LDAP.
The second part "dc=zimbra,dc=yourdomain,dc=com,dc=au" is the domain you would like to authenticate against.
Other Domains
If you want that your customers authenticate with their email address, you just have to use the mail attribute.
Example:
<Location "/service"> AuthLDAPEnabled on AuthType Basic AuthName "Service" AuthLDAPURL ldap://127.0.0.1/?mail require valid-user </Location>
If you have Apache 2.2 or later, AuthLDAPEnabled doesn't work - use "AuthBasicProvider ldap" instead. Example:
<Location "/service"> AuthBasicProvider ldap AuthType Basic AuthName "Service" AuthLDAPURL ldap://127.0.0.1/?mail require valid-user </Location>
You can limit the access to certain users by adding
require user user@example.com
Performance
You may consider installing mod_ldap to cache your LDAP connections.
Single Login
You can then use [[1]Preauth] to do single sign on (sort of).
References
[[2]Apache mod_auth_ldap]