[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] enable/disable radius



On Mon, June 16, 2008 10:49, Joshua Krause wrote:
> I was wondering how to configure the enable/disable page to use radius.
> I've done some searching on the net but haven't found anything real
> concrete.
>

I use mod_auth_xradius-0.4.6, built in place, authenticating against a
Netware-Radius gateway, which presents as a stock radius server. 
Following config needs
/usr/lib/httpd/modules/mod_auth_xradius.so

This is in /etc/httpd/conf.d/hobbit-apache.conf:

# Hobbit admin script authentication against NDS via Radius, match against
hobbitgroup
ScriptAlias /hobbit-seccgi/ "/usr/lib/hobbit/cgi-secure/"
<Directory "/usr/lib/hobbit/cgi-secure">
    AllowOverride None
    Options ExecCGI Includes
    Order allow,deny
    Allow from all


## --Radius options begin here--
        ## This is what the client sees in their Prompt.
        AuthName "Novell/RADIUS Authentication Required"
        ## This identifies the authentication module
        AuthBasicProvider xradius
        ## Type of authentication to use.
        AuthType basic
        ## Address and the Shared Secret of the RADIUS Server to contact.
        AuthXRadiusAddServer "radius-server.example.com:1645" "radiussecr3t"
        ## Time in Seconds to wait for replies from the RADIUS Servers
        AuthXRadiusTimeout 7
        ## Number of times to resend a request to a server if no reply is
received.
        AuthXRadiusRetries 2
## --Radius options end here--


    # "valid-user" restricts access to anyone who is logged in.
    Require valid-user

    # "group admins" further restricts to users who have logged in, AND
    # are members of the "admins" group in hobbitgroup.
    AuthGroupFile /etc/hobbit/hobbitgroup
    Require group admins

</Directory>