ACP Apache Authentication

PHP

Php is used to pass the user name to ACP via an environment variable.

  • In c:\php Rename php-ini-development.ini to php.ini.
  • Add the php directory to the path
  • In the search box type environment and select edit the system environment variables
  • In system properties select Environment variables
  • Select system variables>Path and press Edit.
  • Select New and add C:\php then press OK. Then exit the system properties dialog.
  • In a command prompt enter php - if you get an error you will probably need to reboot. php should start and you will get a blinking cursor. Press Control + C to get out of the php loop.

Apache Authentication

Password file

  • (Create a file passwords without extension. Save this in C:\Apache24\password

(This file should be placed somewhere not accessible from the web so that it cannot be downloaded}.

  • To create the file, use the htpasswd utility that came with Apache. This will be located in Apache24 bin directory. In a command prompt:

(Substitute your desired username here>. c:\Apache24\bin>htpasswd -c c:\Apache24\passwords <yourusername>
{The -c flag creates a new file}

  • htpasswd will ask you for the password, and then ask you to type it again to confirm it:

New password: ************
Re-type new password: ************
Adding password for user yourusername

Add/Manage users

Add any other users and password pairs later. You can refer to this page

Apache windows sspi authentication

The mod_authnz_sspi module is no longer available from Apachehaus. It has been replaced by the NTLM module. We have not configured this module on our servers and cannot provide further instructions at this time, but the folllowing may still work if you replace the mod_authnz_sspi with the mod_authn_ntml module .

Add the Apache Windows sspi Authentication module

  • Download the module and unzip it to a folder.

https://www.apachehaus.net/modules/mod_authnz_sspi/mod_authnz_sspi-0.1.1a1-2.4.x-x64-vc15.zip

  • Note that this module is not from Apache. This most recent version is vc15 - this is an add on done by the community.
  • From the downloaded folder: Apache24\modules copy mod_authnz_sspi.so and save to the Apache modules directory.

C:\Apache24\modules\mod_authnz_sspi.so

  • Copy: Apache24\bin\sspipkgs.exe and save it in the Apache bin directory.

C:\Apache24\bin\sspipkgs.exe

Add/Manage users

  • Ensure each user has a windows account. (If not, add them as a local user from computer management and create a password for them). This will be the user name to sign into ACP and the windows password will be the password for ACP. So if they are a new user you will need to give then the windows credentials. There is no way for a user to set their own password unless they have access to the server's computer management.
  • An admin will need to add the users to the ACP projects they will be a member of.
  • An admin will need to change passwords.

Connect to a Microsoft on premises active directory with LDAP

LDAP Documentation:

https://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html https://coderanger.net/~coderanger/tracdoc/install/apacheauth.html#windows-active-directory

  • Uncomment these 2 lines in the httpd.conf file

LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so


Binding information: To connect to the active directory, we need the values for these 3 Apache configuration variables:
AuthLDAPBindDN
AuthLDAPBindPassword
AuthLDAPURL )

  • Add the authentication section to the httpd.conf file in the directory tags (Lumina will normally do this as part of the apache httpd.conf file setup).

#Auth section
AuthType Basic
AuthName "ldap authentication"
AuthBasicProvider ldap
AuthLDAPBindDN "<<Enclode the BindDN in quotes, with single quotes around filters with spaces.>>"
AuthLDAPBindPassword
AuthLDAPURL 'Single quotes around the entire LDAP URL and double quotes around any filters with spaces'
LDAPReferrals Off
Require valid-user
RequestHeader set X-Remote-User %{REMOTE_USER}s
#end auth_basic_module#

Connect to Azure Active directory or AZURE Entra ID with OpenID

A

B

Comments


Tarik TAOUCHE

15 months ago
Score 0

Hi there,

the link below seems to be broken or not functionnal. https://www....x64-vc15.zip

is there another link to it since we haven't find it anywhere ?

Thanks
Permalink

Dpaine

21 days ago
Score 0
No link, it but apparently The sspi module is no longer available from official sources. It has been replaced by the NTLM module. We have not configured this module on our servers and cannot provide instructions at this time
Permalink

You are not allowed to post comments.