zoukankan      html  css  js  c++  java

  • Nginx nginx-auth-ldap认证

    Nginx nginx-auth-ldap认证

    官方网站:


    环境:
    CentOS 7.1
    nginx-1.10.0
    openldap-2.4.44




    一.添加nginx-auth-ldap nginx模块
    编译nginx-auth-ldap模块需要ldap.h头文件,所以需要先安装ldap库
    yum -y install openldap-devel


    在编译nginx时,添加上模块编译参数,如
    cd /usr/local/src
    git clone https://github.com/kvspb/nginx-auth-ldap.git

    --add-module=/usr/local/src/nginx-auth-ldap


    二.配置ldap认证
    http {
            ldap_server openldap {
            url ldap://192.168.192.20:389/dc=example,dc=com?uid?sub?(&(objectClass=account));
            binddn "cn=Manager,dc=example,dc=com";
            binddn_passwd "secret";
            group_attribute memberuid;
            group_attribute_is_dn on;
            require valid_user;
          }
    }
    server {
           location /status {
                stub_status on;
                access_log off;
                auth_ldap "Restricted Space";
                auth_ldap_servers openldap;
            }
    }

    注意: 不同的ldap实现,相关的objectClass可能不一样,直接套用nginx-auth-ldap的示例配置直接在openldap上就通不过,解决方法参看https://github.com/kvspb/nginx-auth-ldap/issues/129
    2016/07/04 17:07:40 [error] 33552#0: *9 http_auth_ldap: Could not find user DN, client: 192.168.192.1, server: www.jlive.com, request: "GET /status HTTP/1.1", host: "192.168.192.20"
  • 相关阅读:
    缓存Cache
    RDD的行动操作
    redis数据库的配置
    requests的封装(user-agent,proxies)
    phantjs
    python多线程
    etree-xpath
    Flask
    Flask
    Flask
  • 原文地址:https://www.cnblogs.com/lixuebin/p/10814038.html
Copyright © 2011-2022 走看看