[hobbit] Securing Hobbit from visitors

Dirk Kastens Dirk.Kastens at uni-osnabrueck.de
Thu Mar 13 09:01:31 CET 2008


Josh Luthman schrieb:
> Forgot all about that - I originally had the lines...
> 
> AuthName "Hobbit Monitoring"
> 
> Then I added the 1, 2 and 3 to the ends of them to identify/confirm 
> where the secondary and tertiary logins were coming from (obviously, the 
> Alias statements =)
> 
> There was no change before/after the number after the AuthName

Then I don't know why it didn't work. I have the following configuration 
in my httpd.conf:

ScriptAlias /hobbit-cgi/ "/data1/hobbit/cgi-bin/"
<Directory "/data1/hobbit/cgi-bin">
...
     AuthName "LDAP-Kennung"
     AuthType basic
     AuthLDAPEnabled on
...
require user userA userB userC
</Directory>

ScriptAlias /hobbit-seccgi/ "/data1/hobbit/cgi-secure/"
<Directory "/data1/hobbit/cgi-secure">
...
     AuthName "LDAP-Kennung"
     AuthType basic
     AuthLDAPEnabled on
...
     require user userB userD
</Director>

When userB calls a script under /hobbit-cgi he has to authenticate 
against LDAP. When he then calls a script under /hobbit-seccgi he 
doesn't have to authenticate again, because apache regognizes the he 
already authenticated against the AuthName "LDAP-Kennung".

----------------
Regards,

Dirk Kastens
Universitaet Osnabrueck, Rechenzentrum (Computer Center)
Albrechtstr. 28, 49069 Osnabrueck, Germany
Tel.: +49-541-969-2347, FAX: -2470



More information about the Xymon mailing list