logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: True NTLM Authentication in Apache 2.2.x
Author
nchristiansen



Joined: 08 Feb 2008
Posts: 2
Location: Earth

PostPosted: Fri 08 Feb '08 1:42    Post subject: True NTLM Authentication in Apache 2.2.x Reply with quote

Unlike the thread seamless authentication I am looking for a true NTLM authentication module for Apache.

The LDAP authentication module (mod_authnz_ldap) requires that the browser to send the login credentials using the HTTP Basic Authentication protocol.

This is not secure enough for our needs. We need to have the browser send a true NTLM authentication token, which is then passed from the Apache server to an Active Directory server. Then the module will need to set the appropriate environment variables like the LDAP authentication module.

Is there such a module.

If necessary we can use the mod_perl and the CPAN Apache::AuthenNTLM module. But I would like to have a native Apache 2.2.x module if avilable.

Edit: I should also say that we are using CentOS 5 (Linux) as our platform.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Fri 08 Feb '08 10:02    Post subject: Reply with quote

On Windows there is mod_auth_sspi. Maybe you ask the editor to compile it for Linux.
Back to top
PipoDeClown



Joined: 20 Dec 2005
Posts: 77

PostPosted: Fri 08 Feb '08 14:10    Post subject: Reply with quote

http://port25.technet.com/archive/2008/01/25/technical-analysis-apache-with-mod-auth-kerb-and-windows-server.aspx
Back to top
nchristiansen



Joined: 08 Feb 2008
Posts: 2
Location: Earth

PostPosted: Fri 08 Feb '08 18:43    Post subject: Reply with quote

PipoDeClown wrote:
http://port25.technet.com/archive/2008/01/25/technical-analysis-apache-with-mod-auth-kerb-and-windows-server.aspx


I suspect (but can't verify because the source code seems unavailable) that the code uses native Windows API calls to do the NTLM calls.

Unfortunately, that dows not work for the CentOS Linux distribution.
Back to top


Reply to topic   Topic: True NTLM Authentication in Apache 2.2.x View previous topic :: View next topic
Post new topic   Forum Index -> Apache