Welcome! Log In Create A New Profile

Re: Connecting Nginx to LDAP/Kerberos

All files from this thread

File Name	File Size		Posted by	Date
Nginx_kerberos_auth1.png	134.1 KB	open \| download	Joshua Schaeffer	09/14/2016	Read message
logs.tar.gz	6.2 KB	open \| download	Joshua Schaeffer	09/14/2016	Read message

Previous Message Next Message

Forum List Message List New Topic Print View

A. Schulze

September 12, 2016 03:24PM

Am 12.09.2016 um 21:04 schrieb Joshua Schaeffer:
> - https://github.com/kvspb/nginx-auth-ldap

I'm using that one to authenticate my users.

auth_ldap_cache_enabled on;
ldap_server my_ldap_server {
url ldaps://ldap.example.org/dc=users,dc=mybase?uid?sub;
binddn cn=nginx,dc=mybase;
binddn_passwd ...;
require valid_user;
}

server {
...
location / {
auth_ldap "foobar";
auth_ldap_servers "my_ldap_server";

root /srv/www/...;
}
}

this is like documented on https://github.com/kvspb/nginx-auth-ldap exept my auth_ldap statements are inside the location.
while docs suggest them outside.
Q: does that matter?

I found it useful to explicit set "auth_ldap_cache_enabled on" but cannot remember the detailed reasons.
Finally: it's working as expected for me (basic auth, no Kerberos)

BUT: I fail to compile this module with openssl-1.1.0
I send a message to https://github.com/kvspb some days ago but got no response till now.

the problem (nginx-1.11.3 + openssl-1.1.0 + nginx-auth-ldap)

cc -c -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -I src/core -I src/event -I src/event/modules -I src/os/unix -I /opt/local/include -I objs -I src/http -I src/http/modules -I src/http/v2 \
-o objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o \
./nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c
../nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c: In function 'ngx_http_auth_ldap_ssl_handshake':
../nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c:1325:79: error: dereferencing pointer to incomplete type
int setcode = SSL_CTX_load_verify_locations(transport->ssl->connection->ctx,
^
../nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c:1335:80: error: dereferencing pointer to incomplete type
int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->connection->ctx);
^
make[2]: *** [objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o] Error 1
objs/Makefile:1343: recipe for target 'objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o' failed

Maybe the list have a suggestion...

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Connecting Nginx to LDAP/Kerberos	Joshua Schaeffer	September 12, 2016 03:06PM
Re: Connecting Nginx to LDAP/Kerberos	A. Schulze	September 12, 2016 03:24PM
Re: Connecting Nginx to LDAP/Kerberos	Joshua Schaeffer	September 12, 2016 03:34PM
Re: Connecting Nginx to LDAP/Kerberos	A. Schulze	September 12, 2016 03:40PM
Re: Connecting Nginx to LDAP/Kerberos	Joshua Schaeffer	September 12, 2016 03:54PM
Re: Connecting Nginx to LDAP/Kerberos	Joshua Schaeffer	September 14, 2016 12:14PM
Re: Connecting Nginx to LDAP/Kerberos	rov12	November 16, 2016 04:11PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 269

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018