PYNTLM error with required valid-user

Legrandin / PyAuthenNTLM2

PyAuthenNTLM2 is an authentication module for Apache. It validates a user by means of the NTLM protocol and a separate Domain Controller (or Active Directory server).

Other

57 stars 42 forks source link

PYNTLM error with required valid-user #19

Open steveconig opened 10 years ago

steveconig commented 10 years ago

I am using Ubuntu 14.04 with Apache 2.4.7 and Python 3.4. I am trying to get SSO to work with NTLM. I can get basic authentication to authenticate with Active Directory. I am using this Directory Apache Config:

Directory /var/www/some_directory AuthType NTLM AuthName domain.local require valid-user PythonAuthenHandler pyntlm PythonOption Domain domain.local PythonOption PDC dc1.domain.local PythonOption BDC dc2.domain.local /Directory

When I comment out the require valid-user I am able to use basic authentication to authenticate to the site. Yet when I use require valid-user I get an error in apache2/error.log. It does say I authenticate and shows my username/DOMAIN but I get a following error that says "PYNTLM: Authorization failed for username and URI /." Is there an alternative to require valid-user that can be used in the apache2.conf file.

DeathR0W commented 10 years ago

Hi, I am also getting this problem with valid-user for 2.4 and I dont know how to solve it.. were you able to fix this issue?

steveconig commented 9 years ago

I was missing a module, though I don't remember what module it was at the time. I would double check and make sure that you have all of the modules required, they may be different if you are using Ubuntu.

geshido commented 9 years ago

Hello,@steveconig, have you found a module name which absence was causing the problem?

Judokus commented 9 years ago

I think it's the same issue as #15

SanderGit commented 8 years ago

I got it to work by disabling the authorization checks in:

def check_authorization(req, username, proxy):

I changed the last line from this snipped from False to True:


 else:
        req.log_error('PYNTLM: Authorization failed for %s and URI %s.' %
            (username,req.unparsed_uri))
    return True

This is due to changed code in Apache 2.4+ which needs an update in PyAuthenNTLM2 to work.

Judokus commented 8 years ago

doesn't that defeat the whole purpose of using PyAuthenNTLM2 ?

SanderGit commented 8 years ago

Do not mix authentication with authorization.

Op vr 29 apr. 2016 09:54 schreef Judokus notifications@github.com:

doesn't that defeat the whole purpose of using Py_Auth_enNTLM2 ?

— You are receiving this because you commented. Reply to this email directly or view it on GitHub https://github.com/Legrandin/PyAuthenNTLM2/issues/19#issuecomment-215652216