Apache httpd : Kerberos Authentication2024/01/31 |
Limit accesses on specific web pages and use Windows Active Directory users for authentication with SSL connection.
Windows Active Directory is required in your local network, refer to here.
|
|||||||||||
[1] | |||||||||||
[2] | For example, set Kerberos Authentication under the [/usr/local/www/apache24/data/auth-kerberos] directory. |
root@www:~ #
pkg install -y ap24-mod_auth_kerb2 krb5
root@www:~ #
vi /etc/krb5.conf # create new [libdefaults] default_realm = SRV.WORLD [realms] SRV.WORLD = { kdc = fd3s.srv.world admin_server = fd3s.srv.world }
root@www:~ #
vi /usr/local/etc/apache24/Includes/auth-kerberos.conf # create new <Directory /usr/local/www/apache24/data/auth-kerberos> SSLRequireSSL AuthType Kerberos AuthName "Kerberos Authntication" KrbAuthRealms SRV.WORLD KrbMethodNegotiate Off KrbSaveCredentials Off KrbVerifyKDC Off Require valid-user </Directory>
root@www:~ #
vi /usr/local/etc/apache24/httpd.conf # line 184 : uncomment LoadModule auth_kerb_module libexec/apache24/mod_auth_kerb.so
root@www:~ #
service apache24 reload
# create a test page
root@www:~ #
mkdir /usr/local/www/apache24/data/auth-kerberos root@www:~ # vi /usr/local/www/apache24/data/auth-kerberos/index.html <html> <body> <div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;"> Test Page for Kerberos Auth </div> </body> </html> |
[3] | Access to the test page with Web browser on any Client Computer, then authentication is required for settings. Authenticate with an existing Active Directory user. |
[4] | That's OK if authentication passed and test page is shown normally. |
Sponsored Link |
|