[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [hobbit] Securing Hobbit from visitors
- To: "hobbit (at) hswn.dk" <hobbit (at) hswn.dk>
- Subject: RE: [hobbit] Securing Hobbit from visitors
- From: Galen Johnson <Galen.Johnson (at) sas.com>
- Date: Thu, 13 Mar 2008 10:01:28 -0400
- Accept-language: en-US
- Acceptlanguage: en-US
- References: <961092e10803112158l78a51010xf274a6f0c5ea8ad6 (at) mail.gmail.com> <200803121021.56843.bgmilne (at) staff.telkomsa.net> <961092e10803120514n6be55fa5j914318feb74d610b (at) mail.gmail.com> <200803121511.31621.bgmilne (at) staff.telkomsa.net> <961092e10803120724t3dcb755au401af97b156b98cb (at) mail.gmail.com> <47D8070D.2040905 (at) uni-osnabrueck.de> <961092e10803121013w11036bd5lcc88cf78e5d0c45e (at) mail.gmail.com> <47D8DF5B.3000402 (at) uni-osnabrueck.de> <BAY138-DS1D0E98592F2E6DEF1B8B99F090 (at) phx.gbl> <961092e10803130541w52d8ff91qa849fca9bfb2d836 (at) mail.gmail.com>
- Thread-index: AciFCDC3CdFLzu59S3GRPO/6uYYf/QACmWBQ
- Thread-topic: [hobbit] Securing Hobbit from visitors
Yes, it does since AuthLDAP requires additional binding and search information in order to get the user info.
=G=
From: Josh Luthman [mailto:josh (at) imaginenetworksllc.com]
Sent: Thursday, March 13, 2008 8:42 AM
To: hobbit (at) hswn.dk
Subject: Re: [hobbit] Securing Hobbit from visitors
CentOS release 5 (Final) and Apache/2.2.3
Is it possible that .htpasswd acts differently from LDAP?
On 3/13/08, T.J. Yang <tj_yang (at) hotmail.com<mailto:tj_yang (at) hotmail.com>> wrote:
I got a working configuration in Solaris 10 with apache 2.x server.
What is your OS and apache version ?
lets document the fix here when problem is resolved.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#LDAP_Authentication
tj
--------------------------------------------------
From: "Dirk Kastens" <Dirk.Kastens (at) uni-osnabrueck.de<mailto:Dirk.Kastens (at) uni-osnabrueck.de>>
Sent: Thursday, March 13, 2008 2:01 AM
To: <hobbit (at) hswn.dk<mailto:hobbit (at) hswn.dk>>
Subject: Re: [hobbit] Securing Hobbit from visitors
> Josh Luthman schrieb:
>> Forgot all about that - I originally had the lines...
>>
>> AuthName "Hobbit Monitoring"
>>
>> Then I added the 1, 2 and 3 to the ends of them to identify/confirm where
>> the secondary and tertiary logins were coming from (obviously, the Alias
>> statements =)
>>
>> There was no change before/after the number after the AuthName
>
> Then I don't know why it didn't work. I have the following configuration
> in my httpd.conf:
>
> ScriptAlias /hobbit-cgi/ "/data1/hobbit/cgi-bin/"
> <Directory "/data1/hobbit/cgi-bin">
> ...
> AuthName "LDAP-Kennung"
> AuthType basic
> AuthLDAPEnabled on
> ...
> require user userA userB userC
> </Directory>
>
> ScriptAlias /hobbit-seccgi/ "/data1/hobbit/cgi-secure/"
> <Directory "/data1/hobbit/cgi-secure">
> ...
> AuthName "LDAP-Kennung"
> AuthType basic
> AuthLDAPEnabled on
> ...
> require user userB userD
> </Director>
>
> When userB calls a script under /hobbit-cgi he has to authenticate against
> LDAP. When he then calls a script under /hobbit-seccgi he doesn't have to
> authenticate again, because apache regognizes the he already authenticated
> against the AuthName "LDAP-Kennung".
>
> ----------------
> Regards,
>
> Dirk Kastens
> Universitaet Osnabrueck, Rechenzentrum (Computer Center)
> Albrechtstr. 28, 49069 Osnabrueck, Germany
> Tel.: +49-541-969-2347, FAX: -2470
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe (at) hswn.dk<mailto:hobbit-unsubscribe (at) hswn.dk>
>
>
>
To unsubscribe from the hobbit list, send an e-mail to
hobbit-unsubscribe (at) hswn.dk<mailto:hobbit-unsubscribe (at) hswn.dk>
--
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer