Monday, February 17, 2014

CentOS6.x - How to set up Apache LDAP authentication

In CentOS6.x, to configure httpd and a page/directory with LDAP authentication, you need to first load LDAP modules. You need at least two LDAP modules: ldap_module and authnz_ldap_module.

Check /etc/httpd/conf/httpd.conf file:
# vi /etc/httpd/conf/httpd.conf

# in the Dynamic Shared Pbject section, make sure you have:
LoadModule ldap_module modules/
LoadModule authnz_ldap_module modules/

Then create a /etc/httpd/conf.d/auth.conf file with the following contents:
# vi /etc/httpd/conf.d/auth.conf
<IfModule authnz_ldap_module>
   <Directory /var/www/html>
      AuthName "Authentication"
      AuthType Basic
      AuthBasicProvider ldap
      AuthLDAPURL ldap://server/ou=People,dc=company,dc=com?uid
      Require valid-user

Make sure you do a apache service restart:
# /etc/rc.d/init.d/httpd restart

Now if you access servername/html folder, you need your LDAP account.

No comments: