Line 1: |
Line 1: |
| + | {{Level|Developer}} |
| =Generic Instructions for building a Web Application RPM= | | =Generic Instructions for building a Web Application RPM= |
| | | |
Line 233: |
Line 234: |
| $OUT .= " AuthName \"$name\"\n"; | | $OUT .= " AuthName \"$name\"\n"; |
| $OUT .= " AuthType Basic\n"; | | $OUT .= " AuthType Basic\n"; |
| + | $OUT .= " AuthBasicProvider external\n"; |
| $OUT .= " AuthExternal pwauth\n"; | | $OUT .= " AuthExternal pwauth\n"; |
| $OUT .= " require valid-user\n"; | | $OUT .= " require valid-user\n"; |
Line 248: |
Line 250: |
| $OUT .= " AuthName \"$name\"\n"; | | $OUT .= " AuthName \"$name\"\n"; |
| $OUT .= " AuthType Basic\n"; | | $OUT .= " AuthType Basic\n"; |
| + | $OUT .= " AuthBasicProvider external\n"; |
| $OUT .= " AuthExternal pwauth\n"; | | $OUT .= " AuthExternal pwauth\n"; |
| '''$OUT .= " require valid-user\n";''' | | '''$OUT .= " require valid-user\n";''' |
Line 258: |
Line 261: |
| $OUT .= " AuthName \"$name\"\n"; | | $OUT .= " AuthName \"$name\"\n"; |
| $OUT .= " AuthType Basic\n"; | | $OUT .= " AuthType Basic\n"; |
| + | $OUT .= " AuthBasicProvider external\n"; |
| $OUT .= " AuthExternal pwauth\n"; | | $OUT .= " AuthExternal pwauth\n"; |
| '''$OUT .= " require user admin pierre paul\n";''' | | '''$OUT .= " require user admin pierre paul\n";''' |
Line 277: |
Line 281: |
| nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth | | nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth |
| { | | { |
− | $OUT .= " AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n"; | + | $OUT .= " AddExternalGroup unixgroup /usr/lib/httpd/modules/unixgroup\n"; |
− | $OUT .= " SetExternalGroupMethod ugroup environment\n"; | + | $OUT .= " SetExternalGroupMethod unixgroup environment\n"; |
| } | | } |
| | | |
Line 286: |
Line 290: |
| $OUT .= " AuthName \"$name\"\n"; | | $OUT .= " AuthName \"$name\"\n"; |
| $OUT .= " AuthType Basic\n"; | | $OUT .= " AuthType Basic\n"; |
| + | $OUT .= " AuthBasicProvider external\n"; |
| $OUT .= " AuthExternal pwauth\n"; | | $OUT .= " AuthExternal pwauth\n"; |
− | $OUT .= " GroupExternal ugroup\n"; | + | $OUT .= " GroupExternal unixgroup\n"; |
| $OUT .= " AuthzUserAuthoritative off\n"; | | $OUT .= " AuthzUserAuthoritative off\n"; |
| '''$OUT .= " require user admin pierre paul\n";''' | | '''$OUT .= " require user admin pierre paul\n";''' |
Line 313: |
Line 318: |
| nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth | | nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth |
| { | | { |
− | $OUT .= " AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n"; | + | $OUT .= " AddExternalGroup unixgroup /usr/lib/httpd/modules/unixgroup\n"; |
− | $OUT .= " SetExternalGroupMethod ugroup environment\n"; | + | $OUT .= " SetExternalGroupMethod unixgroup environment\n"; |
| } | | } |
| | | |
Line 326: |
Line 331: |
| $OUT .= " AuthType Basic\n"; | | $OUT .= " AuthType Basic\n"; |
| $OUT .= " AuthExternal pwauth\n"; | | $OUT .= " AuthExternal pwauth\n"; |
− | $OUT .= " GroupExternal ugroup\n"; | + | $OUT .= " GroupExternal unixgroup\n"; |
| + | $OUT .= " AuthzUserAuthoritative off\n"; |
| + | $OUT .= " require user $foo{'User'}\n"; |
| + | $OUT .= " require group $foo{'Group'}\n"; |
| + | $OUT .= " Satisfy $satisfy\n"; |
| + | } |
| + | |
| + | -change groups and users allowed by CL |
| + | |
| + | config setprop foo User "admin toto" |
| + | config setprop foo Group "famille virt" |
| + | then |
| + | signal-event console-save |
| + | |
| + | =====SME Server 9===== |
| + | The apache authentication is made by a new file named authnz_external_module instead of auth_external_module, therefore you need to slightly modify the code above. <br /> |
| + | If it is not done you can have this error in log file and you won't be authenticated |
| + | configuration error: couldn't check user. No user file?: |
| + | See this [http://code.google.com/p/mod-auth-external/wiki/ConfigApache22 howTo]. You need to verify if your /etc/httpd/conf/httpd.conf contain these lines |
| + | AddExternalGroup unixgroup /usr/bin/unixgroup |
| + | SetExternalGroupMethod unixgroup environment |
| + | |
| + | We are waiting the default use of authenticator unixgroup in sme9 (see [[bugzilla:8008]]). For now you need to make the relevant fragment template. |
| + | |
| + | nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth |
| + | { |
| + | $OUT .= " AddExternalGroup unixgroup /usr/bin/unixgroup\n"; |
| + | $OUT .= " SetExternalGroupMethod unixgroup environment\n"; |
| + | } |
| + | |
| + | nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/92foo |
| + | |
| + | { |
| + | $OUT .= " AuthName \"$name\"\n"; |
| + | $OUT .= " '''AuthBasicProvider external'''\n"; |
| + | $OUT .= " AuthType Basic\n"; |
| + | $OUT .= " AuthExternal pwauth\n"; |
| + | $OUT .= " GroupExternal unixgroup\n"; |
| $OUT .= " AuthzUserAuthoritative off\n"; | | $OUT .= " AuthzUserAuthoritative off\n"; |
| $OUT .= " require user $foo{'User'}\n"; | | $OUT .= " require user $foo{'User'}\n"; |
Line 368: |
Line 410: |
| | | |
| { | | { |
− | my $status = $roundcube{'status'} || "disabled"; | + | my $status = $foo{'status'} || "disabled"; |
− | return " # roundcube is disabled in this VirtualHost" | + | return " # foo is disabled in this VirtualHost" |
| unless $status eq 'enabled'; | | unless $status eq 'enabled'; |
| | | |