Apache 2 - LDAP/Active Directory - Automatic login/authentication process

Is there a fully automated way to authentication a user using IE8+ with Apache without the user having to enter any form of credentials? Running IIS is not really an option even tho i'm running Windows.

I've found some Perl based solutions that should work but i could only get it to work on *Nix with a LOT of fuzzing around.

I'm currently using authnz_ldap_module which works great, but the users are really cranky and annoyed by having to put in their user-id and password for each new session that they open.

Any ideas?

Answers


I've been having the same problem myself today after eventually getting the mod_authnz_ldap module to work.

From my research thus far, I gather you can't do seamless signon with the mod_authnz_ldap module and you'll have to use mod_auth_sspi instead. I've tried this out and it seems to work as expected (on Internet Explorer anyway - you can also configure Firefox to pass through by modifying the network.automatic-ntlm-auth.trusted-uris key).

Here's the steps:

  1. Download the mod_auth_sspi module from http://sourceforge.net/projects/mod-auth-sspi/
  2. From the zip file's bin folder, copy mod_auth_sspi.so to your apache modules folder
  3. From the zip file's bin folder, copy sspipkgs.exe to your apache bin folder
  4. Edit httpd.conf so that the Directory is configured something like this:
 Alias /secure "C:/Secure"
 <Directory "C:/Secure">
 Order deny,allow
 Allow from all

 AuthType SSPI
 SSPIAuth On
 SSPIOfferBasic on
 SSPIBasicPreferred On
 SSPIAuthoritative Off
 AuthName "Login"
 SSPIDomain dc.domain

 Require valid-user
 </Directory>

Now restart Apache.

Unfortunately, after all that it's no good for me as a solution as I have multiple LDAP servers to authenticate against, but hopefully this will help you.


Need Your Help

SQL IF statement?

sql sql-server sql-server-2008

I am working on a query and part of the query must return values based on when the transaction occurred.

Remove multiple files using multithreading in Java

java multithreading performance optimization file-io

My application generates a lot of log files, I want to clean this folder each time I startup the application. The simplest way to do that is: