Hello, How does LDAP know where to search for the user password provided by Apache?
Thanks!
On Tuesday, February 16, 2016 10:01 AM, Marc Patermann hans.moser@ofd-z.niedersachsen.de wrote:
Mary,
Am 16.02.2016 um 14:56 Uhr schrieb Mary Kao:
I have very simple requirements for "users" e.g. representative of user accounts with userid and password.
a "user" for "authentication" in LDAP ist mostly an object you can bind to. The easiest way to bind to an LDAP server is "simple" bind, by which you send the DN of the object and the password. In this case the object has a password field - userpassword.
So choose an objectclass with userpassword - i.e. inetorgperson - and create an object with this.
If you need a GUI try Apache Directory Studio.
Start from there.
I have a web application which we are currently using Apache's htpasswd flat file database for userid's and password. We'd like to be able to have Apache point to LDAP for user authentication from the web app.
Go for it! :)
Any pointers how to get going in this direction would be greatly appreciated.
Apache HTTPd is very flexible in the use of LDAP. https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html
To understand what AuthLDAPURL does, read about LDAP filters.
What apache does, is - do a search in your DIT to find the user object in AuthLDAPURL and get the DN - bind with the DN and given password
For information about how to set up openldap in general, read the openLDAP Admin Guide. For hot to set up on you favorite linux distrubition, check the documentation there.
Marc