Apache single sign on
I'm trying to get get single on for an application i've built. so far I have enabled authnz-user and mod-ldap and have the following in my vhost;
when I go to my test2 url I get a pop up box as expected but it refuses to take my user anme and password and let me in. I can find anything in the error or access logs that points me in the right direction. Ultimately I want this to be able to do single sign on and a quick and dirty access control method
CustomLog "logs/moodledev-access.log" combined
Allow from all
AuthLDAPURL "ldap://serverip:3268/ou=Staff,ou=Users OU,dc=domain,dc=ac,DC=uk?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "CN=dattwood,OU=ICT,OU=Support,OU=Staff,OU=Users OU,DC=domain,DC=ac,DC=uk"
have you got samba with ntlm and kerberos all setup??? and when you wbinfo -u you see all the users ???
It's all sat on windows I'm afraid so no samba.
I've actually got part way there with sspi. I can can protect a folder and allow access to it only if the user is a member of a specific group.
Unfortunately they get a pop up box and I can't get the single sign on bit running.
what ya using wamp or just apachi..
It's Apache installed from the exe with php and mysql. No xamppl or wamp installer this time
ok cool i'll give that ago when i'm back in the office on monday
looks like I sussed it. Was was adding the site to the 'trusted site' - turns out it needs to be added to 'local intranet' then sign in is seamless.
I just to read up on grabbing the user name from the header now so that I can display it on the page and use it as a string for latter.
Well done that man... might need the how to guide off you just in case... i need to set it up..
it's one of those things which is actually really easy once you know what your doing! Below are my notes;
Apache Single sign on with Mod_sspi
To password protect one or more apache directories. This is to disallow student access to the admin functions within the MTG calculator and Risk Tracker
Download the sspi mod from: mod_auth_sspi | Download mod_auth_sspi software for free at SourceForge.net
Unzip the folder and find the mod_atuh_sspi.so file
Copy this in the apache modules directory
Add the following to httpd.conf to load the module;
LoadModule sspi_auth_module modules/mod_auth_sspi.so
Add the flowing to the vhost file within the virtualhost tags;
<Location /test2/ >
AuthName "Test Login"
Require group "domain\GroupName"
Change the domain as needed and the location to the folder you want to protect
!important – the groups name can’t contain spaces!
Simple.. when you know how.. lol.. thanks..