Web Dev> Password protect apache directory with LDAP & .htaccess

Apr06
2011 Written by Scott Rowley

First thing you’ll need to do is to enable the needed mods, ldap.load & authnz_ldap.load These come preloaded with most linux, you’ll just need to enable them.
On Ubuntu:

Enable LDAP Authentication

cd /etc/apache2/mods-enabled
ln -s ../mods-available/ldap.load ldap.load
ln -s ../mods-available/authnz_ldap.load authnz_ldap.load
apache2ctl graceful

.htaccess

You should now be able to implement the following wherever desired:
Example .htaccess file

Order deny,allow
Deny from All
AuthName "Restricted Page - login with LDAP credentials"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPUrl ldap://ldap.example.com/ou=admins,o=LDAPROOT?adminUser
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require valid-user
Satisfy any
<Files .htaccess>
order allow,deny
deny from all
</Files>

Note that ‘?adminUser’ on the end of the AuthLDAPUrl line is whatever object you use in your configuration.

Apache Config

/etc/apache2/sites-available/default
Make sure the following is set (the default is AllowOverride AuthConfig)

AllowOverride All
Posted in Ubuntu, Web Development - Tagged htaccess, ldap, password, protect, security, ubuntu
«
»

Corrections? Questions? Comments?

Find an error?
Everything work out great for you?
Have some feedback?
Like to see something added to the article?

PLEASE leave us a comment after the article and let us know how we are doing, or if something needs corrected, improved or clarified.

Thank you!
- The Management

Advertisement

Back to Top