Difference between revisions of "Apache authentication: NTLM Single Signon"
m |
|||
Line 12: | Line 12: | ||
add to httpd.conf (virtual host): | add to httpd.conf (virtual host): | ||
− | {{cat|/etc/apache2/httpd.conf|AuthType NTLM | + | {{cat|/etc/apache2/httpd.conf|<nowiki>AuthType NTLM |
NTLMauth on | NTLMauth on | ||
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp" | NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp" | ||
Require user <users> | Require user <users> | ||
+ | </nowiki> | ||
}} | }} | ||
Line 22: | Line 23: | ||
Alternatively, allow all valid users who are members of the winbind domain with the following: | Alternatively, allow all valid users who are members of the winbind domain with the following: | ||
− | < | + | {{cat|/etc/apache2/httpd.conf|<nowiki>#/etc/apache2/httpd.conf |
+ | AuthType NTLM | ||
NTLMauth on | NTLMauth on | ||
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -require-membership-of="WORKGROUP\Domain Users"" | NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -require-membership-of="WORKGROUP\Domain Users"" | ||
Require valid user | Require valid user | ||
− | </ | + | </nowiki> |
+ | }} | ||
− | Restart | + | Restart Apache and test: |
− | {{cmd|# rc-service | + | {{cmd|# rc-service apache2 restart}} |
Revision as of 18:07, 7 December 2018
NTLM single sign on under Apache
Note: This guide assumes you have Samba configured and connected to a Windows domain
Install needed packages:
# apk add apache2 apache-mod-auth-ntlm-winbind
Add apache user to winbind group:
# addgroup <user> winbind
add to httpd.conf (virtual host):
Contents of /etc/apache2/httpd.conf
AuthType NTLM
NTLMauth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
Require user <users>
Ensure that all users requiring authentication are added to the last line.
Alternatively, allow all valid users who are members of the winbind domain with the following:
Contents of /etc/apache2/httpd.conf
#/etc/apache2/httpd.conf
AuthType NTLM
NTLMauth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -require-membership-of="WORKGROUP\Domain Users""
Require valid user
Restart Apache and test:
# rc-service apache2 restart