How to make apache2 authenticate against MS SQL 2000 Server - Page 3

Want to support HowtoForge? Become a subscriber!
 
Submitted by spats (Contact Author) (Forums) on Fri, 2007-01-12 19:24. ::

5.2. Apache part

After some googling again I found that there is an apache module, that makes it authenticate against almost everything. Modules name is mod_auth_external and project is located at http://www.unixpapa.com/mod_auth_external.html

Special interest for me was that “The external authentication program can be a shell script or perl program” (or as I strongly suspected - java program as in my case).
I’ve got the version that was suitable for our apache and unpacked it:

wget http://www.unixpapa.com/software/mod_auth_external-2.2.11.tar.gz
tar –xvzf mod_auth_external-2.2.11.tar.gz

README and INSTALL files from that package revealed pretty much all I needed to set it up.
Suse didn’t have apxs that was needed to compile and install the module – so I installed apxs2 which is in apache2-devel package from iso that has been mounted under /mnt/iso4.

rpm -ivh /mnt/iso4/suse/x86_64/apache2-devel-2.0.49-27.8.x86_64.rpm

Further following instructions in INSTALL file of mod_auth_external I compiled and installed mod_auth_external:

apxs2 -c mod_auth_external.c
apxs2 -i -a mod_auth_external.la

apxs should do some configuration but it was already warning in INSTALL file that it does not work in some cases.
So I manually added the line to /etc/apache2/sysconfig.d/loadmodule.conf line:

LoadModule auth_external_module /usr/lib64/apache2-prefork/mod_auth_external.so
 

And linked the mod_auth_external.so from /usr/lib64/apache2/mod_auth_external.so to /usr/lib64/apache2-prefork/mod_auth_external.so where our apache takes all its modules from.

Last thing that had to be done to configure apache – set directives in httpd.conf and <directory> as it was described in INSTALL.

But before that – I realized that there are incompatibilities in my testConnection.java. mod_auth_external can pass parameters to scripts as ENV variables, via pipe, checkpassword or hardcodedfunction (sybase, radius). I had to pass password and username to testConnection as command line arguments in first version - so easiest seemed to rewrite it to take username and password from stdin (pipe).

Another change I made was because The sample perl scripts if authentication was unsuccessful terminated with

exit 0

and if successful with

exit 1

I made analog changes in my java program.


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.