Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Apache: Users

mod_authnz_ldap problems with Apache 2.2.9

  

 
Apache users RSS feed   Index | Next | Previous | View Threaded


lambic at gmail

Oct 9, 2008, 9:37 PM

Post #1 of 2 (123 views)
Permalink
mod_authnz_ldap problems with Apache 2.2.9
Hello Apache gurus,

I am having trouble getting mod_authnz_ldap to work in Apache.

httpd-2.2.9 running on Solaris 10 (in a non-global zone)

Here is my configure line:
./configure --prefix=/svn/builds/apache-2.2.9_20081009 --enable-logio
--enable-proxy --enable-proxy-http --enable-rewrite --enable-ssl
--enable-vhost-alias --enable-headers --enable-dav --enable-dav-fs
--enable-modules=ssl --with-ssl=/cust/share/opt/.openssl-0.9.8i/
--enable-authnz-ldap --enable-ldap --with-ldap --with-included-apr
--enable-dav-lock --enable-deflate

It configures, builds, and installs OK as far as I can tell. I am able to
start httpd and can see the served pages. However, when I try to enable
LDAP authentication in the config, it fails to start with the following
error:

-bash-3.00$ testweb/bin/apachectl start
Syntax error on line 424 of /svn/testweb/etc/httpd.conf:
Unknown Authn provider: ldap


Here is the config section it is complaining about:

<Location /svn>
Options Indexes FollowSymLinks
order allow,deny
allow from all

AuthType basic
AuthName "svn repository"
AuthBasicProvider ldap
AuthLDAPURL ldap://
ldap.mycompany.com/DC=ad,DC=mycompany,DC=com?sAMAccountName?sub?(objectclass=*)
AuthzLDAPAuthoritative off
require valid user
</Location>


httpd -l shows the modules I think I need
-bash-3.00$ apache_test/bin/httpd -l
Compiled in modules:
core.c
mod_authn_file.c
mod_authn_default.c
mod_authz_host.c
mod_authz_groupfile.c
mod_authz_user.c
mod_authnz_ldap.c
mod_authz_default.c
mod_auth_basic.c
mod_include.c
mod_filter.c
mod_deflate.c
util_ldap.c
.......


ldd of httpd shows a reference to ldap
-bash-3.00$ ldd apache_test/bin/httpd
libldap-2.2.so.7 => /cust/soe/usr/lib/libldap-2.2.so.7
......


Any ideas as to what I am missing? Is there some more tracing/debugging I
can enable to gather better data?

Thanks so much!
Dave


lambic at gmail

Oct 14, 2008, 11:34 AM

Post #2 of 2 (91 views)
Permalink
Re: mod_authnz_ldap problems with Apache 2.2.9 [In reply to]
On Thu, Oct 9, 2008 at 9:37 PM, <lambic[at]gmail.com> wrote:

> Hello Apache gurus,
>
> I am having trouble getting mod_authnz_ldap to work in Apache.
>
> httpd-2.2.9 running on Solaris 10 (in a non-global zone)
>
> Here is my configure line:
> ./configure --prefix=/svn/builds/apache-2.2.9_20081009 --enable-logio
> --enable-proxy --enable-proxy-http --enable-rewrite --enable-ssl
> --enable-vhost-alias --enable-headers --enable-dav --enable-dav-fs
> --enable-modules=ssl --with-ssl=/cust/share/opt/.openssl-0.9.8i/
> --enable-authnz-ldap --enable-ldap --with-ldap --with-included-apr
> --enable-dav-lock --enable-deflate
>
> It configures, builds, and installs OK as far as I can tell. I am able to
> start httpd and can see the served pages. However, when I try to enable
> LDAP authentication in the config, it fails to start with the following
> error:
>
> -bash-3.00$ testweb/bin/apachectl start
> Syntax error on line 424 of /svn/testweb/etc/httpd.conf:
> Unknown Authn provider: ldap
>
>
> Here is the config section it is complaining about:
>
> <Location /svn>
> Options Indexes FollowSymLinks
> order allow,deny
> allow from all
>
> AuthType basic
> AuthName "svn repository"
> AuthBasicProvider ldap
> AuthLDAPURL ldap://
> ldap.mycompany.com/DC=ad,DC=mycompany,DC=com?sAMAccountName?sub?(objectclass=*)<http://ldap.mycompany.com/DC=ad,DC=mycompany,DC=com?sAMAccountName?sub?%28objectclass=*%29>
> AuthzLDAPAuthoritative off
> require valid user
> </Location>
>
>
> httpd -l shows the modules I think I need
> -bash-3.00$ apache_test/bin/httpd -l
> Compiled in modules:
> core.c
> mod_authn_file.c
> mod_authn_default.c
> mod_authz_host.c
> mod_authz_groupfile.c
> mod_authz_user.c
> mod_authnz_ldap.c
> mod_authz_default.c
> mod_auth_basic.c
> mod_include.c
> mod_filter.c
> mod_deflate.c
> util_ldap.c
> .......
>
>
> ldd of httpd shows a reference to ldap
> -bash-3.00$ ldd apache_test/bin/httpd
> libldap-2.2.so.7 => /cust/soe/usr/lib/libldap-2.2.so.7
> ......
>
>
> Any ideas as to what I am missing? Is there some more tracing/debugging I
> can enable to gather better data?
>
> Thanks so much!
> Dave
>
>
>

I have also tried compiling mod_ldap and mod_authnz_ldap as DSOs, but when I
try to start apache I get the following error from the LoadModule line for
mod_ldap

httpd: Syntax error on line 783 of /svn/testweb/etc/httpd.conf: Cannot load
/svn/apache_test/modules/mod_ldap.so into server: ld.so.1: httpd: fatal:
relocation error: file /svn/apache_test/modules/mod_ldap.so: symbol
apr_ldap_init: referenced symbol not found

Any ideas as to what I am missing?

Thanks,
Dave

Apache users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.