FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 02-06-2011, 04:36 PM
Joe Tseng
 
Default Authenticating virtual web host with LDAP

I suspect it's something simple but since I'm still somewhat new at this I can't figure it out myself...

I was using this to guide me to set up an virtual web host to authenticate against OpenLDAP:

http://wiki.amahi.org/index.php/LDAP#Control_a_web-application_access_using_LDAP

(FYI I had already added a user to use SSH as an authorizedService using the previous section: http://wiki.amahi.org/index.php/LDAP#Allow_a_user_SSH_access)

I created the LDIF file:

==================================================
dn: uid=jtseng,ou=People,dc=at,dc=home
changetype: modify
add: authorizedService
authorizedService: sshd
==================================================

And when I tried to add the entry I got the following:

==================================================
# ldapadd -h localhost -D "cn=root,$SUFFIX" -w mypassword -x -f give_webapp_access.ldif
modifying entry "uid=jtseng,ou=People,dc=at,dc=home"
ldap_modify: Object class violation (65)
additional info: attribute 'authorizedService' not allowed
==================================================

Thanks for the help,

- Joe


If you type "Google" into Google, you can break the Internet. -- Jen Barber
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 02-06-2011, 07:53 PM
Joe Tseng
 
Default Authenticating virtual web host with LDAP

Figured it out... I put the lines below in a config file separate from httpd.conf:

==================================================
<VirtualHost *:80>
ServerName svnrepos
ServerAlias svnrepos.at.home

DocumentRoot /var/hda/web-apps/svnrepos/html
<Directory "/var/hda/web-apps/svnrepos/html">
Options Indexes FollowSymLinks +ExecCGI
AddHandler fcgid-script .fcg
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/hda/web-apps/svnrepos/logs/error_log
CustomLog /var/hda/web-apps/svnrepos/logs/access_log combined env=!dontlog
<Location />
DAV svn
SVNListParentPath on
SVNPath /var/hda/web-apps/svnrepos/html
SVNAutoversioning on
AuthBasicProvider ldap
AuthLDAPUrl ldap://localhost:389/ou=People,dc=at,dc=home
AuthzLDAPAuthoritative off
AuthType basic
AuthName "svn repos"
Require valid-user
</Location>
</VirtualHost>
==================================================

----------------------------------------
> From: joe_tseng@hotmail.com
> To: users@lists.fedoraproject.org
> Subject: Authenticating virtual web host with LDAP
> Date: Sun, 6 Feb 2011 12:36:43 -0500
>
>
> I suspect it's something simple but since I'm still somewhat new at this I can't figure it out myself...
>
> I was using this to guide me to set up an virtual web host to authenticate against OpenLDAP:
>
> http://wiki.amahi.org/index.php/LDAP#Control_a_web-application_access_using_LDAP
>
> (FYI I had already added a user to use SSH as an authorizedService using the previous section: http://wiki.amahi.org/index.php/LDAP#Allow_a_user_SSH_access)
>
> I created the LDIF file:
>
> ==================================================
> dn: uid=jtseng,ou=People,dc=at,dc=home
> changetype: modify
> add: authorizedService
> authorizedService: sshd
> ==================================================
>
> And when I tried to add the entry I got the following:
>
> ==================================================
> # ldapadd -h localhost -D "cn=root,$SUFFIX" -w mypassword -x -f give_webapp_access.ldif
> modifying entry "uid=jtseng,ou=People,dc=at,dc=home"
> ldap_modify: Object class violation (65)
> additional info: attribute 'authorizedService' not allowed
> ==================================================
>
> Thanks for the help,
>
> - Joe
>
>
> If you type "Google" into Google, you can break the Internet. -- Jen Barber
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 10:05 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org