This is an old revision of the document!
To authenticate via LDAP, Apache (>=2.4) needs the authnz_ldap
to be enabled, for instance, in Debian the following command should be run:
a2enmod authnz_ldap
To protect a location, for instance /trac/SOMETHING/login
the following configuration should be added:
<LocationMatch ^/trac/[^/]+/login$> ### Authentication: LDAP AuthType Basic AuthName "Authorization required" AuthBasicProvider ldap AuthLDAPUrl "ldap://MYLDAPSERVER.TLD:PORT/ou=USERS,ou=GROUP,dc=SERVER,dc=TLD?uid" AuthLDAPBindDN "cn=ADMIN,dc=SERVER,dc=TLD" AuthLDAPBindPassword ADMIN_PASSWORD require valid-user </LocationMatch>
where:
MYLDAPSERVER.TLD
is the LDAP server hostname or IP address,PORT
is the LDAP server port (usually, 389
),ou=USERS,ou=GROUP,dc=SERVER,dc=TLD
is the selector (in this case, USERS
from GROUP
, in SERVER
, in TLD
,cn=ADMIN,dc=SERVER,dc=TLD
is the administrative binding used to authenticate to the LDAP server,ADMIN_PASSWORD
is the administrative binding password