[hobbit] Securing Hobbit from visitors: authenitcating agains windows domain

Stef Coene stef.coene at docum.org
Wed Mar 12 18:40:12 CET 2008


On Wednesday 12 March 2008, Josh Luthman wrote:
> I am curious to see how the crew here on the mailing list secures their
> Hobbit from the outside world.  I need to have the WWW pages visible from
> every IP but only from certain people, therefor I need to use users and
> passwords.  Our Hobbitmon is viewed via cell phones and computers (IE and
> Firefox) and protected by an HTTP(S) login currently.  The problem is that
> with three different Directory statements in httpd.conf, you need to login
> three times every time you restart Firefox.
>
> Also, how many businesses have Hobbitmon wide open for the viewing, such as
> Henrik's demo, if any?
I just found out the nice module Apache2-AuthenMSAD.  Very small module, very 
easy to install, very easy to change and adapt.  It authenticate the user 
against the windows domain, it just tries an ldap connection with the 
supplied username and password.  This is the authentication part of apache:

AuthName "Windows domain login"
AuthType Basic

# Authentication  method/handler
PerlAuthenHandler Apache2::AuthenMSAD
PerlSetVar MSADDomain WindowsDomain
PerlSetVar MSADServer DomainController

# Require lines can be any of the following -- any user, one of a list
require valid-user


Stef



More information about the Xymon mailing list