仅针对某些虚拟主机的 Apache LDAP 身份验证
Apache LDAP Authentication only for some virtualhosts
我在 CentOS 7 下有一个网络服务器 运行 Apache 2.4.6,其中我有几个网络资源。我只想对其中的一些资源应用 LDAP 身份验证,因此我尝试通过为每个资源创建一个虚拟主机并仅为我想要的资源配置 LDAP 身份验证来实现。
这是我的尝试:
/etc/httpd/conf.d/test1.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test1
<Directory "/var/www/html/test1">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
#LDAP
SetHandler php-script
Require all denied
AuthBasicProvider ldap
AuthUserFile /dev/null
AuthName "ldap_auth"
AuthType Basic
AuthLDAPURL ldap_url
AuthLDAPBindDN ldap_dn
AuthLDAPBindPassword ldap_pass
Require ldap-group ldap_group
</Directory>
</VirtualHost>
/etc/httpd/conf.d/test2.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test2
<Directory "/var/www/html/test2">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
这是我当前httpd.conf文件的相关信息:
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
<Directory />
AllowOverride none
Require all denied
</Directory>
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
IncludeOptional conf.d/*.conf
但它总是要求对 test1 和 test2 进行身份验证,对于 test2 我什至无法在登录后加载内容(test1 加载正常)。
最终通过使用Alias指令实现,所以:
/etc/httpd/conf.d/test1.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test1
Alias /test1 /var/www/html/test1
<Directory "/var/www/html/test1">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
#LDAP
SetHandler php-script
Require all denied
AuthBasicProvider ldap
AuthUserFile /dev/null
AuthName "ldap_auth"
AuthType Basic
AuthLDAPURL ldap_url
AuthLDAPBindDN ldap_dn
AuthLDAPBindPassword ldap_pass
Require ldap-group ldap_group
</Directory>
</VirtualHost>
/etc/httpd/conf.d/test2.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test2
Alias /test2 /var/www/html/test2
<Directory "/var/www/html/test2">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
我在 CentOS 7 下有一个网络服务器 运行 Apache 2.4.6,其中我有几个网络资源。我只想对其中的一些资源应用 LDAP 身份验证,因此我尝试通过为每个资源创建一个虚拟主机并仅为我想要的资源配置 LDAP 身份验证来实现。
这是我的尝试:
/etc/httpd/conf.d/test1.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test1
<Directory "/var/www/html/test1">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
#LDAP
SetHandler php-script
Require all denied
AuthBasicProvider ldap
AuthUserFile /dev/null
AuthName "ldap_auth"
AuthType Basic
AuthLDAPURL ldap_url
AuthLDAPBindDN ldap_dn
AuthLDAPBindPassword ldap_pass
Require ldap-group ldap_group
</Directory>
</VirtualHost>
/etc/httpd/conf.d/test2.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test2
<Directory "/var/www/html/test2">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
这是我当前httpd.conf文件的相关信息:
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
<Directory />
AllowOverride none
Require all denied
</Directory>
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
IncludeOptional conf.d/*.conf
但它总是要求对 test1 和 test2 进行身份验证,对于 test2 我什至无法在登录后加载内容(test1 加载正常)。
最终通过使用Alias指令实现,所以:
/etc/httpd/conf.d/test1.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test1
Alias /test1 /var/www/html/test1
<Directory "/var/www/html/test1">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
#LDAP
SetHandler php-script
Require all denied
AuthBasicProvider ldap
AuthUserFile /dev/null
AuthName "ldap_auth"
AuthType Basic
AuthLDAPURL ldap_url
AuthLDAPBindDN ldap_dn
AuthLDAPBindPassword ldap_pass
Require ldap-group ldap_group
</Directory>
</VirtualHost>
/etc/httpd/conf.d/test2.conf:
<VirtualHost *:80>
Servername server_name
DocumentRoot /var/www/html/test2
Alias /test2 /var/www/html/test2
<Directory "/var/www/html/test2">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all