LDAP authentication for users
LDAP authentication in Apache HTTPD is very much important from a security perspective, By default, LDAP authentication is not enabled, Once Apache installation is successfully completed, need to install separate packages called mod_ldap. In this Article we cover Limit accesses on specific web pages and uses LDAP users for authentication with SSL connection, Apache httpd server is used an open source web server. By default, the web applications deployed in this server will be open to the network and can be accessed without any authentication. Apache httpd server provides many ways to add authentication, but I am explaining a basic configuration by using httpd.conf
Step 1: – Install mod_ldap via YUM
yum -y install mod_ldap
Step 2:- Create a file and past the below code
vim /etc/httpd/conf.d/auth_ldap.conf
<Directory /var/www/html/> # AuthName "LDAP Authentication" AuthName "OnClick360" AuthType Basic AuthBasicProvider ldap AuthLDAPURL "ldap://19.16.1.7:389/DC=domain,dc=com?sAMAccountName?sub?(objectClass=*)" NONE AuthLDAPBindDN "CN=myuser,CN=Users,DC=my-domain,DC=domain,dc=com" AuthLDAPBindPassword "password123" Require ldap-user user1 user </Directory>
Step 3 :- Create a Directory as below under html folder
mkdir /var/www/html/auth-ldap
Step 4 :- Add below line in httpd.conf to include the auth_ldap.conf
vim /etc/httpd/conf/httpd.conf
IncludeOptional conf.d/*.conf
Step 5 :- Create a test html page to test LDAP Authentication
vim /var/www/html/index.html
<html>
<body>
Test Page for LDAP Auth
</body>
</html>
Step 6 :- Check the http syntax error and restart the service
httpd -t
systemctl restart httpd
Test your URL which is configured under /var/www/html/ it will ask LDAP username and password
Hope You Enjoy this Article.
Post Views:
3,931
