Changes

From SME Server
Jump to navigationJump to search

Web Application RPM (view source)

Revision as of 10:28, 14 January 2016

1,873 bytes added ,  10:28, 14 January 2016
m
→‎Apache Authentication: add AuthBasicProvider directive
Line 1: Line 1:  +
{{Level|Developer}}
 
=Generic Instructions for building a Web Application RPM=
 
=Generic Instructions for building a Web Application RPM=
   Line 233: Line 234:  
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthType Basic\n";
 +
          $OUT .= "    AuthBasicProvider external\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    require valid-user\n";
 
           $OUT .= "    require valid-user\n";
Line 248: Line 250:  
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthType Basic\n";
 +
          $OUT .= "    AuthBasicProvider external\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           '''$OUT .= "    require valid-user\n";'''
 
           '''$OUT .= "    require valid-user\n";'''
Line 258: Line 261:  
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthType Basic\n";
 +
          $OUT .= "    AuthBasicProvider external\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           '''$OUT .= "    require user admin pierre paul\n";'''
 
           '''$OUT .= "    require user admin pierre paul\n";'''
Line 277: Line 281:  
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
 
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
 
  {
 
  {
         $OUT .= "    AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n";
+
         $OUT .= "    AddExternalGroup unixgroup /usr/lib/httpd/modules/unixgroup\n";
         $OUT .= "    SetExternalGroupMethod ugroup environment\n";
+
         $OUT .= "    SetExternalGroupMethod unixgroup environment\n";
 
  }
 
  }
   Line 286: Line 290:  
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthName \"$name\"\n";
 
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthType Basic\n";
 +
          $OUT .= "    AuthBasicProvider external\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    AuthExternal pwauth\n";
           $OUT .= "    GroupExternal ugroup\n";
+
           $OUT .= "    GroupExternal unixgroup\n";
 
           $OUT .= "    AuthzUserAuthoritative off\n";
 
           $OUT .= "    AuthzUserAuthoritative off\n";
 
           '''$OUT .= "    require user admin pierre paul\n";'''
 
           '''$OUT .= "    require user admin pierre paul\n";'''
Line 313: Line 318:  
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
 
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
 
  {
 
  {
         $OUT .= "    AddExternalGroup ugroup /usr/lib/httpd/modules/unixgroup\n";
+
         $OUT .= "    AddExternalGroup unixgroup /usr/lib/httpd/modules/unixgroup\n";
         $OUT .= "    SetExternalGroupMethod ugroup environment\n";
+
         $OUT .= "    SetExternalGroupMethod unixgroup environment\n";
 
  }
 
  }
 
   
 
   
Line 326: Line 331:  
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthType Basic\n";
 
           $OUT .= "    AuthExternal pwauth\n";
 
           $OUT .= "    AuthExternal pwauth\n";
           $OUT .= "    GroupExternal ugroup\n";
+
           $OUT .= "    GroupExternal unixgroup\n";
 +
          $OUT .= "    AuthzUserAuthoritative off\n";
 +
          $OUT .= "    require user $foo{'User'}\n";
 +
          $OUT .= "    require group $foo{'Group'}\n";
 +
          $OUT .= "    Satisfy $satisfy\n";
 +
}
 +
 
 +
-change groups and users allowed by CL
 +
 
 +
config setprop foo User "admin toto"
 +
config setprop foo Group "famille virt"
 +
then
 +
signal-event console-save
 +
 
 +
=====SME Server 9=====
 +
The apache authentication is made by a new file named  authnz_external_module instead of auth_external_module, therefore you need to slightly modify the code above. <br />
 +
If it is not done you can have this error in log file and you won't be authenticated
 +
configuration error:  couldn't check user.  No user file?:
 +
See this [http://code.google.com/p/mod-auth-external/wiki/ConfigApache22 howTo]. You need to verify if your /etc/httpd/conf/httpd.conf contain these lines
 +
AddExternalGroup unixgroup /usr/bin/unixgroup
 +
SetExternalGroupMethod unixgroup environment
 +
 
 +
We are waiting the default use of authenticator unixgroup in sme9 (see [[bugzilla:8008]]). For now you need to make the relevant fragment template.
 +
 
 +
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/35-group-auth
 +
{
 +
        $OUT .= "    AddExternalGroup unixgroup /usr/bin/unixgroup\n";
 +
        $OUT .= "    SetExternalGroupMethod unixgroup environment\n";
 +
}
 +
 
 +
nano /etc/e-smith/templates/etc/httpd/conf/httpd.conf/92foo
 +
 
 +
{
 +
$OUT .= "    AuthName \"$name\"\n";
 +
          $OUT .= "    '''AuthBasicProvider external'''\n";
 +
          $OUT .= "    AuthType Basic\n";
 +
          $OUT .= "    AuthExternal pwauth\n";
 +
          $OUT .= "    GroupExternal unixgroup\n";
 
           $OUT .= "    AuthzUserAuthoritative off\n";
 
           $OUT .= "    AuthzUserAuthoritative off\n";
 
           $OUT .= "    require user $foo{'User'}\n";
 
           $OUT .= "    require user $foo{'User'}\n";
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/22309...30185"

Navigation menu