Monday, February 17, 2014

CentOS6.x - Apache Proxy Gateway LDAP Authentication

Yes, it is possible to "LDAP" your Apache Proxy gateway. Actually it is quite easy. Let's say you have the following Apache Forward and Reverse proxy setup:

ProxyRequests Off
ProxyPreserveHost On
SSLProxyEngine On
<Proxy *>
    Order deny,allow
    Allow from all
    AllowOverride all
</Proxy>

RewriteEngine on

ProxyPass /test http://foo.com/test/
ProxyPassReverse /test  http://foo.com/test/

To add LDAP authentication, simply add:
    AuthType Basic
    AuthName "Your LDAP account"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthLDAPUrl ldap://ldap.server/ou=People,dc=mycompany,dc=com?uid
    Require valid-user

to <Proxy>. It will look like:

ProxyRequests Off
ProxyPreserveHost On
SSLProxyEngine On
<Proxy *>
    Order deny,allow
    Allow from all
    AllowOverride all
    AuthType Basic
    AuthName "Your LDAP account"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthLDAPUrl ldap://ldap.server/ou=People,dc=mycompany,dc=com?uid
    Require valid-user
</Proxy>

RewriteEngine on

ProxyPass /test http://foo.com/test/
ProxyPassReverse /test  http://foo.com/test/

Restart Apache and you are ready to go.
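
A variant of the <Proxy> block above that protects the credentials in transit, as an added example that is not part of the original post. Basic authentication only base64-encodes the password, so this version refuses requests that did not arrive over HTTPS and upgrades the LDAP connection with STARTTLS against a verified server certificate. The CA file path is an assumed placeholder.

```apache
# Server-level (outside any <VirtualHost> or <Proxy>): trust anchor for the LDAP server.
# The CA file path is a placeholder; point it at the CA that issued ldap.server's certificate.
LDAPTrustedGlobalCert CA_BASE64 /etc/pki/tls/certs/ldap-ca.crt
# Fail the LDAP connection if the server certificate does not verify (On is the default; stated explicitly).
LDAPVerifyServerCert On

<Proxy *>
    Order deny,allow
    Allow from all
    AllowOverride all
    # Basic auth credentials are only base64-encoded; refuse requests that are not HTTPS.
    SSLRequireSSL
    AuthType Basic
    AuthName "Your LDAP account"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    # The trailing TLS argument makes mod_authnz_ldap issue STARTTLS before binding.
    AuthLDAPUrl ldap://ldap.server/ou=People,dc=mycompany,dc=com?uid TLS
    Require valid-user
</Proxy>
```

Run `apachectl configtest` before restarting to catch syntax errors in the new directives.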
