Call external commands for apache user authentication / mod authnz external

From Bitbull Wiki
Jump to navigation Jump to search

1 install module

tested on CentOS 5.3

install httpd httpd-devel
wget http://mod-auth-external.googlecode.com/files/mod_authnz_external-3.2.4.tar.gz
tar vxfz mod_authnz_external-3.2.4.tar.gz
cd mod_authnz_external-3.2.4
apxs -c mod_authnz_external.c #compile module
apxs -i -a mod_authnz_external.la #install module

2 define external auth module

cat INSTALL #read configuration instructions
vi /etc/httpd/conf.d/mod_authnz_external.conf
---
# LoadModule authnz_external_module modules/mod_authnz_external.so
# FunctionToCall   WorkName Type ArgumentToType
DefineExternalAuth samba pipe /usr/local/bin/apache_samba_auth.sh

<Directory /var/www/html/test >
   AuthName "Test Seite via Samba"
   AuthType Basic
   AuthBasicProvider external
   AuthExternal samba
   require valid-user
</Directory>


<Files bbstatus.cgi >
   AuthName "Status Seite"
   AuthType Basic
   AuthBasicProvider external
   AuthExternal samba
   require user chris test
</Files>
---
cat /usr/local/bin/apache_samba_auth.sh
---
#!/bin/bash
# DESC: read USR + PW from stdin, then test it against PDC
read USR
read PW
/usr/bin/smbclient -U $USR%$PW -L 192.168.1.102 >/dev/null 2>&1
---

3 test it

service httpd restart
tail -f /var/log/httpd/*log

browse to the dir