Login or Register to Ask a Question and Join Our Community


Web Development

Apache authz

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Web Development Apache authz
# 1  
Old 02-09-2015
Apache authz
Hi All,

I have configured my Apache HTTP Server to authenticate users using SSL certificates and to forward the CN of the user from the certificate in the HTTP header to the backend server.

The server config also does a look up in Active Directory to make sure the user exists and to perform some basic authz (e.g. the user is in a particular group).

Is it possible to retrieve the user's group/role memberships from AD and forward these to the backend server in an HTTP header? Any pointers please?

Many thanks
Simon
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Red Hat

Process not running: /opt/java15/jdk/bin/java -classpath /opt/apache/apache-ant-1.7.0-mod/lib/ant-la

Have no idea on what the below error message is: Process not running: /opt/java15/jdk/bin/java -classpath /opt/apache/apache-ant-1.7.0-mod/lib/ant-launcher.jar org.apache.tools.ant.launch.Launcher -buildfile build.xml dist. Any help? (3 Replies)
Discussion started by: gull05
3 Replies

2. Web Development

Apache module development on apache 2.2

Hi, I'm new to developing modules for Apache. I understand the basics now and can develop something simple which allows a 'GET' request to happen, but what I want to do is actually 'POST' information to my site. I know the basic POST Request works and I can see that it is post by looking at... (2 Replies)
Discussion started by: fishman2001
2 Replies

3. UNIX for Dummies Questions & Answers

Apache help

Hi, I am new to unix and am trying to determine if apache is installed on my server. Is there a command to determine the running version or if it is even installed. I appreciate your help. Thanks, Eric (2 Replies)
Discussion started by: ejbrever
2 Replies

4. IP Networking

Apache

I want to have multiple domains to be configured in apache web server on redhat linux can i have that without DNS server being configured. What all i have to do for that.What all to configure ? please note that i need to access the site by its name not by IP . I want this in a LAN . I dont... (4 Replies)
Discussion started by: Vijayanand
4 Replies

5. IP Networking

Apache

I want to have multiple domains to be configured in apache web server on redhat linux can i have that without DNS server configured. What all i have to do for that.What all to configure ? And importantly i want the site be accessed by name rather IP address. Please help me ... (1 Reply)
Discussion started by: Vijayanand
1 Replies

6. IP Networking

Apache

I want to have multiple domains to be configured in apache web server on redhat linux Please help me Vijay (2 Replies)
Discussion started by: Vijayanand
2 Replies

7. UNIX for Dummies Questions & Answers

Apache!

How do you tell which apache version is currently running. the situation is that I got multiply httpd.conf files on a solaris 2.6 server and I need to tell which version is what? I have checked the httpd.conf but no joy Thanks in Advance (3 Replies)
Discussion started by: hassan2
3 Replies

8. UNIX for Dummies Questions & Answers

apache

how must httpd.conf be configured to exec the php files? (2 Replies)
Discussion started by: user666
2 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

http::daemon::ssl

SSL(3pm)						User Contributed Perl Documentation						  SSL(3pm)

NAME

       HTTP::Daemon::SSL - a simple http server class with SSL support

SYNOPSIS

	 use HTTP::Daemon::SSL;
	 use HTTP::Status;

	 # Make sure you have a certs/ directory with "server-cert.pem"
	 # and "server-key.pem" in it before running this!
	 my $d = HTTP::Daemon::SSL->new || die;
	 print "Please contact me at: <URL:", $d->url, ">
";
	 while (my $c = $d->accept) {
	     while (my $r = $c->get_request) {
		 if ($r->method eq 'GET' and $r->url->path eq "/xyzzy") {
		     # remember, this is *not* recommened practice :-)
		     $c->send_file_response("/etc/passwd");
		 } else {
		     $c->send_error(RC_FORBIDDEN)
		 }
	     }
	     $c->close;
	     undef($c);
	 }

DESCRIPTION

       Instances of the HTTP::Daemon::SSL class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon::SSL is a
       sub-class of IO::Socket::SSL, so you can perform socket operations directly on it too.

       The accept() method will return when a connection from a client is available.  In a scalar context the returned value will be a reference
       to a object of the HTTP::Daemon::ClientConn::SSL class which is another IO::Socket::SSL subclass.  In a list context a two-element array is
       returned containing the new HTTP::Daemon::ClientConn::SSL reference and the peer address; the list will be empty upon failure. (Note that
       version
	1.02 erroneously did not honour list context). Calling the get_request() method on the HTTP::Daemon::ClientConn::SSL object will read data
       from the client and return an HTTP::Request object reference.

       This HTTPS daemon does not fork(2) for you.  Your application, i.e. the user of the HTTP::Daemon::SSL is reponsible for forking if that is
       desirable.  Also note that the user is responsible for generating responses that conform to the HTTP/1.1 protocol.  The
       HTTP::Daemon::ClientConn class provides some methods that make this easier.

METHODS

       The following methods are the only differences from the HTTP::Daemon base class:

       $d = new HTTP::Daemon::SSL
	   The constructor takes the same parameters as the IO::Socket::SSL constructor.  It can also be called without specifying any parameters,
	   but you will have to make sure that you have an SSL certificate and key for the server in certs/server-cert.pem and
	   certs/server-key.pem.  See the IO::Socket::SSL documentation for how to change these default locations and specify many other aspects
	   of SSL behavior. The daemon will then set up a listen queue of 5 connections and allocate some random port number.  A server that wants
	   to bind to some specific address on the standard HTTPS port will be constructed like this:

	     $d = new HTTP::Daemon::SSL
		   LocalAddr => 'www.someplace.com',
		   LocalPort => 443;

SEE ALSO

       RFC 2068

       IO::Socket::SSL, HTTP::Daemon, Apache

COPYRIGHT

       Code and documentation from HTTP::Daemon Copyright 1996-2001, Gisle Aas Changes Copyright 2003-2004, Peter Behroozi

       This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.10.1							    2011-04-02								  SSL(3pm)