作者主題: 如何將Apache的認證網頁設成由Ldap做認證呢? (閱讀 10491 次)

muchenlin · « 於: 2003-05-03 19:06 »

因目前我的apache認證是透過htpasswd的方式產生密碼檔，
如果我要結合其他系統或應用程式的認證，也就是single username 及single password，這種方式就無法達到了，所以我想經由ldap server來加以認證，不知有誰知道應如何設定方可使apache經由Ldap做認證呢?

ifgh · « **回覆 #1 於:** 2003-05-03 19:39 »

使用auth_ldap module

http://www.saas.nsw.edu.au/solutions/ldap-apache-auth.html

muchenlin · « **回覆 #2 於:** 2003-05-03 21:35 »

不好意思，小弟實在看的不是很懂，我大概操作一下還是不行，我的操作步驟如下：
先下載auth_ldap-1.6.0.tar.tar檔並加以解壓縮及編譯設定
muchen# ./configure --prefix=/usr/local/auth_ldap --with-apxs=/usr/local/apache2/bin/apxs --with-ldap-sdk=openldap --with-sdk-headers --with-sdk-libs --with-ssl --with-shared-cache --with-activate --with-frontpage
loading cache ./config.cache
checking for apxs... (cached) /usr/local/apache2/bin/apxs
checking whether apxs works... yes
checking for ber_init in -llber... (cached) no
checking for ldap_init in -lldap... (cached) no
checking how to run the C preprocessor... (cached) cc -E
checking for ANSI C header files... (cached) yes
checking for working const... (cached) yes
checking for vprintf... (cached) yes
checking for strdup... (cached) yes
checking for strerror... (cached) yes
updating cache ./config.cache
creating ./config.status
creating Makefile

接著進行編譯及安裝，卻出現了以下的錯誤訊息，可否請學長協助解答呢？謝謝！
muchen# make;make install
cc `/usr/local/apache2/bin/apxs -q CFLAGS` -DWITH_SSL -DWITH_SHARED_LDAP_CACHE -DWITH_OPENLDAP -c auth_ldap.c
In file included from auth_ldap.c:20:
auth_ldap.h:24: httpd.h: No such file or directory
auth_ldap.h:25: http_config.h: No such file or directory
auth_ldap.h:26: http_core.h: No such file or directory
auth_ldap.h:27: http_log.h: No such file or directory
auth_ldap.h:28: http_main.h: No such file or directory
auth_ldap.h:29: http_protocol.h: No such file or directory
auth_ldap.h:30: http_conf_globals.h: No such file or directory
auth_ldap.h:31: multithread.h: No such file or directory
auth_ldap.h:33: lber.h: No such file or directory
auth_ldap.h:34: ldap.h: No such file or directory
auth_ldap.h:53: ldap_ssl.h: No such file or directory
*** Error code 1

Stop in /usr/local/src/auth_ldap-1.6.0.
cc `/usr/local/apache2/bin/apxs -q CFLAGS` -DWITH_SSL -DWITH_SHARED_LDAP_CACHE -DWITH_OPENLDAP -c auth_ldap.c
In file included from auth_ldap.c:20:
auth_ldap.h:24: httpd.h: No such file or directory
auth_ldap.h:25: http_config.h: No such file or directory
auth_ldap.h:26: http_core.h: No such file or directory
auth_ldap.h:27: http_log.h: No such file or directory
auth_ldap.h:28: http_main.h: No such file or directory
auth_ldap.h:29: http_protocol.h: No such file or directory
auth_ldap.h:30: http_conf_globals.h: No such file or directory
auth_ldap.h:31: multithread.h: No such file or directory
auth_ldap.h:33: lber.h: No such file or directory
auth_ldap.h:34: ldap.h: No such file or directory
auth_ldap.h:53: ldap_ssl.h: No such file or directory
*** Error code 1

Stop in /usr/local/src/auth_ldap-1.6.0.

ifgh · « **回覆 #3 於:** 2003-05-03 22:34 »

引述: "muchenlin"

接著進行編譯及安裝，卻出現了以下的錯誤訊息，可否請學長協助解答呢？謝謝！
muchen# make;make install
cc `/usr/local/apache2/bin/apxs -q CFLAGS` -DWITH_SSL -DWITH_SHARED_LDAP_CACHE -DWITH_OPENLDAP -c auth_ldap.c
In file included from auth_ldap.c:20:
auth_ldap.h:24: httpd.h: No such file or directory
auth_ldap.h:25: http_config.h: No such file or directory
auth_ldap.h:26: http_core.h: No such file or directory
auth_ldap.h:27: http_log.h: No such file or directory
auth_ldap.h:28: http_main.h: No such file or directory
auth_ldap.h:29: http_protocol.h: No such file or directory
auth_ldap.h:30: http_conf_globals.h: No such file or directory
auth_ldap.h:31: multithread.h: No such file or directory
auth_ldap.h:33: lber.h: No such file or directory
auth_ldap.h:34: ldap.h: No such file or directory
auth_ldap.h:53: ldap_ssl.h: No such file or directory
*** Error code 1

問題出在找不到這些include file..

自行make通常找的include都是/usr/local/include/ or /usr/include/

而我想你的apache應該是自行編的..所以http*.h應該是在/usr/local/apache2/include/

所以才會找不到..除非在make時再自行加入path (我忘記是加啥參數了:oops:..好像是-I PATH吧!)

muchenlin · « **回覆 #4 於:** 2003-05-04 11:24 »

我試過在用 make -I /usr/local/apache2/include 還是不行耶,以下是錯誤訊息
muchen# make -I /usr/local/apache2/include
cc `/usr/local/apache2/bin/apxs -q CFLAGS` -DWITH_SHARED_LDAP_CACHE -DWITH_OPENLDAP -c auth_ldap.c
In file included from auth_ldap.c:20:
auth_ldap.h:24: httpd.h: No such file or directory
auth_ldap.h:25: http_config.h: No such file or directory
auth_ldap.h:26: http_core.h: No such file or directory
auth_ldap.h:27: http_log.h: No such file or directory
auth_ldap.h:28: http_main.h: No such file or directory
auth_ldap.h:29: http_protocol.h: No such file or directory
auth_ldap.h:30: http_conf_globals.h: No such file or directory
auth_ldap.h:31: multithread.h: No such file or directory
auth_ldap.h:33: lber.h: No such file or directory
auth_ldap.h:34: ldap.h: No such file or directory
*** Error code 1

Stop in /usr/local/src/auth_ldap-1.6.0.

以上的http開頭的檔案是存放在/usr/local/apache2/include
而其中的http_conf_globals.h及multithread.h在Freebsd中並沒有發現，
另lber.h及ldap.h是放在/usr/local/include中。

muchenlin · « **回覆 #5 於:** 2003-05-07 23:46 »

可否有人能將設定的過程Post上來呢?我是使用tarball的方式安裝的。

who_care · « **回覆 #6 於:** 2003-05-16 08:19 »

引述: "muchenlin"

可否有人能將設定的過程Post上來呢?我是使用tarball的方式安裝的。

Setup LDAP Authencate for apache 1.3.26 over RedHat 7.x
--------------------------------
1. download auth_ldap-1.6.0.tar.gz from http://www.rudedog.org/auth_ldap/

2. tar zxvf auth_ldap-1.6.0.tar.gz

#假設 apache 安裝在 /usr/local/apache
3. ./configure --with-apxs=/usr/local/apache/bin/apxs

#install auth_ldap.so into /usr/lib/apache
4. make && make install

5. edit /home/httpd/conf/httpd/conf and add these lines
LoadModule auth_ldap_module /usr/lib/apache/auth_ldap.so
AddModule auth_ldap.c

5.1 edit httpd.conf,In protect directory add this entry
AllowOverride AuthConfig

Note:
If "LoadModule is not a valid command" shown when apache startup,check your apache DAO enabled or not (by command /home/httpd/bin/httpd -l)
if DAO is enabled there will "mod_so.c" shown otherwise recompile your apache with --enable-module=so

6. edit .htaccess in protect directory as
AuthName "內部網路"
AuthType Basic
AuthLDAPURL ldap://localhost/dc=test,dc=example.com?uid
require valid-user

That all,hope that works for you !

muchenlin · « **回覆 #7 於:** 2003-05-17 00:36 »

引述: "who_care"

引述: "muchenlin"
可否有人能將設定的過程Post上來呢?我是使用tarball的方式安裝的。

Setup LDAP Authencate for apache 1.3.26 over RedHat 7.x
--------------------------------
1. download auth_ldap-1.6.0.tar.gz from http://www.rudedog.org/auth_ldap/

2. tar zxvf auth_ldap-1.6.0.tar.gz

#假設 apache 安裝在 /usr/local/apache
3. ./configure --with-apxs=/usr/local/apache/bin/apxs

#install auth_ldap.so into /usr/lib/apache
4. make && make install

5. edit /home/httpd/conf/httpd/conf and add these lines
LoadModule auth_ldap_module /usr/lib/apache/auth_ldap.so
AddModule auth_ldap.c

5.1 edit httpd.conf,In protect directory add this entry
AllowOverride AuthConfig

Note:
If "LoadModule is not a valid command" shown when apache startup,check your apache DAO enabled or not (by command /home/httpd/bin/httpd -l)
if DAO is enabled there will "mod_so.c" shown otherwise recompile your apache with --enable-module=so

6. edit .htaccess in protect directory as
AuthName "內部網路"
AuthType Basic
AuthLDAPURL ldap://localhost/dc=test,dc=example.com?uid
require valid-user

That all,hope that works for you !

我按照你的方式安裝，結果錯誤訊息還是一樣，我使用的apache server版本為httpd-2.0.44，而你用的版本是apache 1.3.26，不知道有沒有影響呢？

who_care · « **回覆 #8 於:** 2003-05-19 10:25 »

引述: "muchenlin"

引述: "who_care"
引述: "muchenlin"
可否有人能將設定的過程Post上來呢?我是使用tarball的方式安裝的。

Setup LDAP Authencate for apache 1.3.26 over RedHat 7.x
--------------------------------
1. download auth_ldap-1.6.0.tar.gz from http://www.rudedog.org/auth_ldap/

2. tar zxvf auth_ldap-1.6.0.tar.gz

#假設 apache 安裝在 /usr/local/apache
3. ./configure --with-apxs=/usr/local/apache/bin/apxs

#install auth_ldap.so into /usr/lib/apache
4. make && make install

5. edit /home/httpd/conf/httpd/conf and add these lines
LoadModule auth_ldap_module /usr/lib/apache/auth_ldap.so
AddModule auth_ldap.c

5.1 edit httpd.conf,In protect directory add this entry
AllowOverride AuthConfig

Note:
If "LoadModule is not a valid command" shown when apache startup,check your apache DAO enabled or not (by command /home/httpd/bin/httpd -l)
if DAO is enabled there will "mod_so.c" shown otherwise recompile your apache with --enable-module=so

6. edit .htaccess in protect directory as
AuthName "內部網路"
AuthType Basic
AuthLDAPURL ldap://localhost/dc=test,dc=example.com?uid
require valid-user

That all,hope that works for you !

我按照你的方式安裝，結果錯誤訊息還是一樣，我使用的apache server版本為httpd-2.0.44，而你用的版本是apache 1.3.26，不知道有沒有影響呢？

那就試試看 1.3.26 吧.

酷!學園

最新消息: