# [Solved] ldap authentication and apache 2.2

## dbodner

Hey guys,

Having some problems setting up ldap authentication with apache 2.2, something that worked previously with 2.0.  I have the following setup:

[ebuild   R   ] www-servers/apache-2.2.6  USE="ldap ssl -debug -doc -mpm-event -mpm-itk -mpm-peruser -mpm-prefork -mpm-worker -no-suexec (-selinux) -static-modules -threads" 0 kB 

[ebuild   R   ] dev-libs/apr-util-1.2.10  USE="berkdb gdbm ldap -doc -mysql -postgres -sqlite -sqlite3" 0 kB

And in /etc/conf.d/apache2:

APACHE2_OPTS="-D DEFAULT_VHOST -D FCGID -D USERDIR -D PHP5 -D LDAP -D AUTH_LDAP"

However, when I add the following to a vhost:

   AuthType Basic

    AuthName "blah"

    AuthLDAPEnabled on

    AuthLDAPURL "ldap://ldap_ip/ou=People,dc=mydomain,dc=com?uid?one"

    AuthLDAPGroupAttribute memberUid

    AuthLDAPGroupAttributeIsDN off

    Require valid-user

I get the following error:

Invalid command 'AuthLDAPEnabled', perhaps misspelled or defined by a module not included in the server configuration

What do I need to do to set this up with apache 2.2?Last edited by dbodner on Fri Dec 21, 2007 8:53 pm; edited 1 time in total

----------

## linear

 *dbodner wrote:*   

> However, when I add the following to a vhost:
> 
> AuthType Basic
> 
> AuthName "blah"
> ...

 

You are correct that there were a few configuration file changes between Apache2 vs. Apache 2.2.  I found this page regarding a similar config issue; Subversion LDAP config Apache 2 vs Apache 2.2

Some of the known changes are: 

 *Mike Van Lammeren wrote:*   

> 1. LDAPTrustedCA and LDAPTrustedCAType were merged into
> 
> LDAPTrustedGlobalCert.
> 
> 2. BASE64_FILE turns into CA_BASE64.
> ...

 

In your particular case here, I think that AuthLDAPEnabled is deprecated.   Have you tried taking out that line and seeing if it will work?

HTH.  Let us know...

/bk

----------

## dbodner

 :Embarassed: 

Hah.  It works.  Thanks.

----------

## pr0ph3t

If you don't mind my asking, what exactly did you do to get this working? I'm basically working within 47_mod_dav_svn.conf trying to get svn and ldap working together. But I keep getting the error:

```

 * Apache2 has detected a syntax error in your configuration files:

Syntax error on line 19 of /etc/apache2/modules.d/47_mod_dav_svn.conf:

Invalid command 'AuthLDAPURL', perhaps misspelled or defined by a module not included in the server configuration

```

My 47_mod_dav_svn.conf file currently looks like:

```

<IfDefine SVN>

        <IfModule !mod_dav_svn.c>

                LoadModule dav_svn_module       modules/mod_dav_svn.so

        </IfModule>

        <IfDefine SVN_AUTHZ>

                <IfModule !mod_authz_svn.c>

                        LoadModule authz_svn_module     modules/mod_authz_svn.so

                </IfModule>

        </IfDefine>

        <Location /svn>

                DAV svn

                SVNPath /opt/svn/test

                #SVNParentPath /opt/svn

                #SVNListParentPath on

                #AuthLDAPAuthoritative on

                AuthType Basic

                AuthName "SVN Server"

                AuthLDAPURL "ldap://myserver:389/ou=memberlist,ou=mygroups,o=ibm.com?mail?sub?(objectClass=*)"

                Require valid-user

        </Location>

</IfDefine>

```

I have this in /etc/conf.d/apache2.conf:

```

APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC"

APACHE2_OPTS="$APACHE2_OPTS -D SVN -D SVN_AUTHZ -D DAV -D DAV_FS -D LDAP -D AUTH_LDAP"

```

I'm not sure what I need to do to get beyond that error. It's as if the ldap module is not loaded. I've done nothing to 46_mod_ldap.conf, but I wonder if I need to.

Thanks!

----------

