0

I have some api covered by reverse proxy. I have configured basic auth with ldap AD credentials and it works like a charm. But there are some users from external organization that don't have AD account.

Is it possible to configure ldap and .htpasswd authentication at the same time? That's why I call it hybrid basic auth.

I have only tried this in nginx with satisfy operator but in nginx for ldap auth I have to compile it from sources. This is not acceptable for my client.

Improve this question

1 Answer 1

Reset to default
1

Ok, now I know it is possible :)

<VirtualHost *:80>
 <Location />
  Order allow,deny
  Allow from all
  ProxyPass  http://localhost:3000/
  ProxyPassReverse http://localhost:3000/

  AuthType Basic
  AuthName "Please enter Your credentials"

  AuthBasicProvider ldap file
  AuthLDAPURL ldap://10.10.10.1:389/OU=Users,OU=Company,DC=int,DC=company,DC=pl?sAMAccountName?sub?(objectClass=*)
  AuthLDAPBindDN "CN=tech_user,OU=Special_Users,OU=Users,OU=Company,DC=int,DC=company,DC=pl"
  AuthLDAPBindPassword "some_password"
  AuthUserFile /etc/apache2/.htpasswd

  Require valid-user
  Satisfy All
 </Location>

 ProxyPreserveHost On
</VirtualHost>
Improve this answer
1
  • Excellent :-) What would make a good answer a great one is editing it to add context. For example adding the file name, and a bit of description of what exactly is happening there. Commented Feb 26, 2023 at 23:12

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.