The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.

NAME

Apache::AuthPerLDAP - mod_perl PerLDAP Authentication Module

SYNOPSIS

<Directory /foo/bar>
# Authentication Realm and Type (only Basic supported)
AuthName "Foo Bar Authentication"
AuthType Basic

# Any of the following variables can be set.  
# Defaults are listed to the right.
PerlSetVar BaseDN o=Foo,c=Bar        # Default: ""  (empty String)
PerlSetVar LDAPServer ldap.foo.com   # Default: localhost
PerlSetVar LDAPPort 389              # Default: 389 (standard LDAP port)
PerlSetVar UIDAttr uid               # Default: uid
require valid-user

PerlAuthenHandler Apache::AuthPerLDAP

</Directory>

These directives can also be used in a .htaccess file.

DESCRIPTION

AuthPerLDAP provides Basic Authentication, with username/password lookups against an LDAP server, using Netscape's PerLDAP kit.

It is heavily based on Clayton Donley's Apache::AuthLDAP module, but uses the newer Netscape PerLDAP (Mozilla::LDAP), which in turn uses the Netscape Directory SDK for C. Thus Donley's original Net::LDAPapi module and library is no longer required.

It requires mod_perl and PerLDAP (v1.2 or later). Building mod_perl with:

perl Makefile.PL PERL_AUTHEN=1 PERL_STACKED_HANDLERS=1 PERL_GET_SET_HANDLERS

works for me. If this module is the only Apache/Perl module you are going to use, you probably don't need anything but the PERL_AUTHEN hook enabled.

Unlike Donley's Apache::AuthLDAP module, AuthPerLDAP is only used for authentication, and thus only supports the require-user directive. If a user enters the correct username and password, the authentication is considered to be OK.

TODO

  • Find out more about these messages in the error_log: "child pid 5244 exit signal Segmentation Fault (11)"

  • Further testing.

  • More detailed documentation.

  • Some examples of how to setup and use this module.

CREDITS

Apache::AuthPerLDAP is greatly inspired by the original Apache::AuthLDAP written by Clayton Donley.

Adoption to PerLDAP was done by reading the PerLDAP source and documentation provided by Netscape Corp. and Leif Hedstrom, found at www.perldap.org.

The new book published by O'Reilly & Associates, and authored by Lincoln Stein and Doug MacEachern helped clarify many mod_perl issues I previously had problems with: "Writing Apache Modules with Perl and C" (www.modperl.com).

Andreas K. Sorensen provided usefull Perl wisdom during debugging.

AUTHOR

Henrik Strom <henrik@computer.org>

COPYRIGHT

Copyright (c) 1999 Henrik Strom

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

SEE ALSO

mod_perl(1), Mozilla::LDAP::Conn, Apache::AuthenCache.