How to configure Apache Security on Ldap

This is a simply configuration of apahce to use Ldap authentication, You need to enable ldap and ldap_auth modules.

 

<Location /ldaplocation >
 
AuthType Basic
AuthName "ldap auth"
AuthBasicProvider ldap
AuthLDAPBindDN "CN=ldapbind,O=test,C=it"
AuthLDAPBindPassword mypasswordhere
AuthLDAPURL "ldap://ldaphost:389/?uid?sub?(objectClass=inetOrgPerson)"
 
Options Indexes
SetOutputFilter DEFLATE
  <Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
     Require valid-user
 </Limit>
</Location>

3 simple step to use .htaccess & .htpasswd

1) Create htpasswd

htpasswd -c /srv/www/htpasswd username —-> <insert password>

2) Put file named .htaccess
containing this lines:

#######################################
AuthUserFile  /srv/www/.htpasswd
AuthType Basic
AuthName "backend"
Require valid-user
#######################################

3) allow override in http.con as follow:

<Directory "/srv/www/htdocs">;
...

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
AllowOverride AuthConfig
# Controls who can get stuff from this server.
Order allow,deny
Allow from all

...
</Directory>