+ Post New Thread
Results 1 to 11 of 11
Web Development Thread, Apache single sign on in Coding and Web Development; I'm trying to get get single on for an application i've built. so far I have enabled authnz-user and mod-ldap ...
  1. #1
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19

    Apache single sign on

    I'm trying to get get single on for an application i've built. so far I have enabled authnz-user and mod-ldap and have the following in my vhost;

    Code:
    <VirtualHost *:80>
        ServerAdmin dan.attwood@midkent.ac.uk
        DocumentRoot "C:/xampplite/htdocs/test"
        ServerName test.midkent.ac.uk
        ServerAlias test.midkent.ac.uk
        ErrorLog "logs/moodledev.log"
        CustomLog "logs/moodledev-access.log" combined
    	<Location /test2/>
    Order deny,allow
    Allow from all
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative Off
    AuthLDAPURL "ldap://serverip:3268/ou=Staff,ou=Users OU,dc=domain,dc=ac,DC=uk?sAMAccountName?sub?(objectClass=*)"
    AuthLDAPBindDN "CN=dattwood,OU=ICT,OU=Support,OU=Staff,OU=Users OU,DC=domain,DC=ac,DC=uk"
    AuthLDAPBindPassword "mypassword"
    AuthType Basic
    AuthName "Protected"
    require valid-user
    </Location>
    </VirtualHost>
    when I go to my test2 url I get a pop up box as expected but it refuses to take my user anme and password and let me in. I can find anything in the error or access logs that points me in the right direction. Ultimately I want this to be able to do single sign on and a quick and dirty access control method
    Last edited by danbuntu; 29th September 2010 at 12:39 PM.

  2. #2
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    have you got samba with ntlm and kerberos all setup??? and when you wbinfo -u you see all the users ???

  3. #3
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19
    It's all sat on windows I'm afraid so no samba.

    I've actually got part way there with sspi. I can can protect a folder and allow access to it only if the user is a member of a specific group.

    Unfortunately they get a pop up box and I can't get the single sign on bit running.

  4. #4
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    what ya using wamp or just apachi..

  5. #5
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19
    It's Apache installed from the exe with php and mysql. No xamppl or wamp installer this time

  6. #6
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    Last edited by Cools; 1st October 2010 at 06:43 PM.

  7. #7
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19
    ok cool i'll give that ago when i'm back in the office on monday

  8. #8
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19
    looks like I sussed it. Was was adding the site to the 'trusted site' - turns out it needs to be added to 'local intranet' then sign in is seamless.

    I just to read up on grabbing the user name from the header now so that I can display it on the page and use it as a string for latter.

  9. #9
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    Well done that man... might need the how to guide off you just in case... i need to set it up..

  10. #10
    danbuntu's Avatar
    Join Date
    Dec 2009
    Location
    Maidstone, Kent
    Posts
    289
    Thank Post
    0
    Thanked 52 Times in 49 Posts
    Rep Power
    19
    it's one of those things which is actually really easy once you know what your doing! Below are my notes;


    Apache Single sign on with Mod_sspi
    Brief
    To password protect one or more apache directories. This is to disallow student access to the admin functions within the MTG calculator and Risk Tracker

    Step 1
    Download the sspi mod from: mod_auth_sspi | Download mod_auth_sspi software for free at SourceForge.net
    Unzip the folder and find the mod_atuh_sspi.so file
    Copy this in the apache modules directory

    Step 2
    Add the following to httpd.conf to load the module;
    <IfModule !mod_auth_sspi.c>
    LoadModule sspi_auth_module modules/mod_auth_sspi.so
    </IfModule>

    Step 3

    Add the flowing to the vhost file within the virtualhost tags;
    <Location /test2/ >
    AuthType SSPI
    AuthName "Test Login"
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain domain.ac.uk
    SSPIOfferBasic On
    SSPIOmitDomain Off
    SSPIBasicPreferred On
    Require group "domain\GroupName"
    </Location>

    Change the domain as needed and the location to the folder you want to protect
    !important – the groups name can’t contain spaces!

  11. Thanks to danbuntu from:

    Cools (6th October 2010)

  12. #11
    Cools's Avatar
    Join Date
    Jan 2009
    Location
    Bedfordshire
    Posts
    498
    Thank Post
    24
    Thanked 62 Times in 57 Posts
    Rep Power
    25
    Simple.. when you know how.. lol.. thanks..

SHARE:
+ Post New Thread

Similar Threads

  1. Moodle - Single Sign on
    By ceebster in forum Virtual Learning Platforms
    Replies: 2
    Last Post: 18th June 2014, 11:28 AM
  2. Single Sign on software
    By localzuk in forum General Chat
    Replies: 36
    Last Post: 17th July 2008, 10:25 AM
  3. Moodle Single Sign On with CMS
    By monkeyx in forum Virtual Learning Platforms
    Replies: 0
    Last Post: 26th November 2007, 08:39 AM
  4. ePortal and CC3 Single Sign On
    By budgester in forum MIS Systems
    Replies: 3
    Last Post: 21st June 2007, 10:26 AM
  5. CMIS ePortal Single Sign-on
    By markberry in forum MIS Systems
    Replies: 12
    Last Post: 26th March 2007, 11:27 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •