Show Table of Contents
22.214.171.124.9. The mod_authz_ldap Module
Red Hat Enterprise Linux ships with the
mod_authz_ldapmodule for the Apache HTTP Server. This module uses the short form of the distinguished name for a subject and the issuer of the client SSL certificate to determine the distinguished name of the user within an LDAP directory. It is also capable of authorizing users based on attributes of that user's LDAP directory entry, determining access to assets based on the user and group privileges of the asset, and denying access for users with expired passwords. The
mod_sslmodule is required when using the
mod_authz_ldapmodule does not authenticate a user to an LDAP directory using an encrypted password hash. This functionality is provided by the experimental
mod_auth_ldapmodule. Refer to the
mod_auth_ldapmodule documentation online at http://httpd.apache.org/docs-2.0/mod/mod_auth_ldap.html for details on the status of this module.
/etc/httpd/conf.d/authz_ldap.conffile configures the
/usr/share/doc/mod_authz_ldap-<version>/index.html(replacing <version> with the version number of the package) or http://authzldap.othello.ch/ for more information on configuring the
mod_authz_ldapthird party module.