[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [hobbit] enable/disable radius
- To: hobbit (at) hswn.dk
- Subject: Re: [hobbit] enable/disable radius
- From: "Hobbit User in Richmond" <hobbit (at) epperson.homelinux.net>
- Date: Mon, 16 Jun 2008 11:32:55 -0400 (EDT)
- Importance: Normal
- References: <000c01c8cfc0$31ec0140$95c403c0$ (at) rr.com>
- User-agent: SquirrelMail/1.4.13-1.fc8
On Mon, June 16, 2008 10:49, Joshua Krause wrote:
> I was wondering how to configure the enable/disable page to use radius.
> I've done some searching on the net but haven't found anything real
> concrete.
>
I use mod_auth_xradius-0.4.6, built in place, authenticating against a
Netware-Radius gateway, which presents as a stock radius server.
Following config needs
/usr/lib/httpd/modules/mod_auth_xradius.so
This is in /etc/httpd/conf.d/hobbit-apache.conf:
# Hobbit admin script authentication against NDS via Radius, match against
hobbitgroup
ScriptAlias /hobbit-seccgi/ "/usr/lib/hobbit/cgi-secure/"
<Directory "/usr/lib/hobbit/cgi-secure">
AllowOverride None
Options ExecCGI Includes
Order allow,deny
Allow from all
## --Radius options begin here--
## This is what the client sees in their Prompt.
AuthName "Novell/RADIUS Authentication Required"
## This identifies the authentication module
AuthBasicProvider xradius
## Type of authentication to use.
AuthType basic
## Address and the Shared Secret of the RADIUS Server to contact.
AuthXRadiusAddServer "radius-server.example.com:1645" "radiussecr3t"
## Time in Seconds to wait for replies from the RADIUS Servers
AuthXRadiusTimeout 7
## Number of times to resend a request to a server if no reply is
received.
AuthXRadiusRetries 2
## --Radius options end here--
# "valid-user" restricts access to anyone who is logged in.
Require valid-user
# "group admins" further restricts to users who have logged in, AND
# are members of the "admins" group in hobbitgroup.
AuthGroupFile /etc/hobbit/hobbitgroup
Require group admins
</Directory>