Apache::AuthLDAP - mod_perl LDAP Access Control and Authentication Module


    <Directory /foo/bar>
    # Authentication Realm and Type (only Basic supported)
    AuthName "Foo Bar Authentication"
    AuthType Basic

    # Any of the following variables can be set.  Defaults are listed
    # to the right.
    PerlSetVar BaseDN o=Foo,c=Bar        # Default:  Empty String ("")
    PerlSetVar LDAPServer   # Default: localhost
    PerlSetVar LDAPPort 389              # Default: 389 (standard LDAP port)
    PerlSetVar UIDAttr uid               # Default: uid

    PerlAuthenHandler Apache::AuthLDAP

    # Require lines can be any of the following:
    require valid-user             # Any Valid LDAP User
    require user uid1 uid2 uid2    # Allow Any User in List
    require ldapattrib val1 val2   # Allow Any User w/ Entry Containing
                                   # Matching Attribute and Value

    These directives can also be used in a .htaccess file.


This perl module is designed to work with mod_perl and my Net::LDAPapi module (

This version of the module does not support access control based on LDAP groups, but the next release will. It does support a handy access control based on attribute and value pairs. This can be used to restrict access to people whose LDAP entries contain a given department number, etc...

I welcome feedback on this module and the Net::LDAPapi module.


Clayton Donley <>


Copyright (c) 1998 Clayton Donley

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.