[httpauth] Web Server Authentication and OpenLDAP

gwarf

Joined: 2007-05-22
Posts: 2
Posted: Tue, 2007-05-22 15:01

Hi,

Using the httpauth module, I'm trying to get Web Server authentication work against my OpenLDAP sever.
I did set up the URL Rewrite module and the HTTP Auth module, and I did edit the /var/www/gallery/.htaccess like this:

<IfModule mod_rewrite.c>
 (...)
</IfModule>
AuthType basic
AuthName "Access to gallery site"
AuthBasicProvider ldap
AuthLDAPBindDN cn=admin,ou=team,dc=example,dc=org 
AuthLDAPBindPassword ZeBigPassWord 
AuthLDAPURL ldap://ldap.training.example.org/dc=example,dc=org?uid?sub?(objectClass=inetOrgPerson) STARTTLS
AuthLDAPGroupAttribute member
AuthLDAPRemoteUserIsDN off  
require ldap-group ou=team,dc=example,dc=org

In the auth form, I input my uid/pass (verified again the LDAP directory) and if the authentication succeed and if an user with the name equal to the LDAP uid exists in the Gallery database, I'm logged in.
So, this part works, but it when I try to logout that there's a problem...
If I click on the logout links, when Gallery2 tries to return to the homepage, a new login box appears... (and I can't login in order to logout (......), the login box appears again and again, and don't seems to validate my uid/pass...)

So I wonder what I did wrong or where is the bug/feature :)

Perhaps is there a better/easier/cleaner way to do this ? (I think I did see someone posting about using a wrapper php-script, and G2 embed...)

Thanks for any suggestions/comments. :)

I'm using :

  • Gallery-2.2.1-full, installed in /var/www/gallery
  • Apache 2.2.3-4
  • PHP 5.2.0-8+etch4
  • debian etch
  • OpenLDAP 2.3.30-5
 
ricardo

Joined: 2003-01-22
Posts: 9
Posted: Sat, 2008-09-27 22:21
gwarf wrote:
Hi,

Using the httpauth module, I'm trying to get Web Server authentication work against my OpenLDAP sever.
I did set up the URL Rewrite module and the HTTP Auth module, and I did edit the /var/www/gallery/.htaccess like this:<!--break-->

<IfModule mod_rewrite.c>
 (...)
</IfModule>
AuthType basic
AuthName "Access to gallery site"
AuthBasicProvider ldap
AuthLDAPBindDN cn=admin,ou=team,dc=example,dc=org 
AuthLDAPBindPassword ZeBigPassWord 
AuthLDAPURL ldap://ldap.training.example.org/dc=example,dc=org?uid?sub?(objectClass=inetOrgPerson) STARTTLS
AuthLDAPGroupAttribute member
AuthLDAPRemoteUserIsDN off  
require ldap-group ou=team,dc=example,dc=org

In the auth form, I input my uid/pass (verified again the LDAP directory) and if the authentication succeed and if an user with the name equal to the LDAP uid exists in the Gallery database, I'm logged in.
So, this part works, but it when I try to logout that there's a problem...
If I click on the logout links, when Gallery2 tries to return to the homepage, a new login box appears... (and I can't login in order to logout (......), the login box appears again and again, and don't seems to validate my uid/pass...)

So I wonder what I did wrong or where is the bug/feature :)

Perhaps is there a better/easier/cleaner way to do this ? (I think I did see someone posting about using a wrapper php-script, and G2 embed...)

Thanks for any suggestions/comments. :)

I'm using :

  • Gallery-2.2.1-full, installed in /var/www/gallery
  • Apache 2.2.3-4
  • PHP 5.2.0-8+etch4
  • debian etch
  • OpenLDAP 2.3.30-5

Hi,

Did you ever get this working?

Thanks
Ricardo