search

buxxi / mod_auth_form-sample

A sample page for how to use mod_auth_form in Apache 2.4+ under Ubuntu.
22 stars 5 forks source link

adjust for LDAP authentication #3

Open rmarzocchi84 opened 2 years ago

rmarzocchi84 commented 2 years ago

This apache configuration works correctly with basic AuthType 

<Location /utenze>
        AuthName "Active Directory Authentication"
        AuthType Basic
        AuthBasicAuthoritative Off
        AuthBasicProvider ldap
         AuthLDAPURL ldap://LDAPIP:3268/?sAMAccountName?sub
        AuthLDAPBindDN USERNAME@DOMAIN
        AuthLDAPBindPassword MYPWD
        Require valid-user
</Location>

I try to modify with your code:

#<Location />
        AuthName "Active Directory Authentication"
        AuthType Form
        AuthBasicAuthoritative Off
        AuthBasicProvider ldap
        AuthLDAPURL ldap://LDAPIP:3268/?sAMAccountName?sub
        AuthLDAPBindDN USERNAME@DOMAIN
        AuthLDAPBindPassword MYPWD
       ErrorDocument 401 /login/index.html
        AuthFormLoginSuccessLocation /login/success.json
       Session On
        SessionCookieName session path=/
#</Location>

Have you suggestion how can I adjust function tryLogin(form) for LDAP authentication?

I do not understand exactly where you do the authentication

buxxi commented 2 years ago

I have no experience using LDAP at all.

The Javascript just makes the form use an AJAX-request instead of a normal one to avoid the protected page not receiving a POST-request and to avoid the browser giving the "Do you want to submit the data again?" when using the back button. All the authentication is done in the configuration.

If you don't have a need for that you could remove the javascript completely if that makes your debugging easier (and also remove the AuthFormLoginSuccessLocation /login/success.json).

You still have two properties that refers to AuthBasic, I suggest you find the appropriate ones for AuthForm instead.