logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Third-party Modules View previous topic :: View next topic
Reply to topic   Topic: apache 2.0.58 with Radius
Author
madRAM



Joined: 10 Apr 2006
Posts: 14

PostPosted: Wed 05 Jul '06 11:57    Post subject: apache 2.0.58 with Radius Reply with quote

Hi folks,

I have an issue with my Apache 2.0.58 for which Steffen was so kind and compiled Radius support. I think I need mod_auth_basic for the Radius authentication (based on mod_auth_radius) to work, but apparently that module does not exist in the modules directory.

Can anyone tell me how basic authentication in any way is supposed to work without mod_auth_basic? If I uncomment the LoadModule line in my httpd.conf apache complains that AuthType is not allowed here when, later on in my httpd.conf I have this statement:

AuthType Basic
AuthName "Radius Authentication"
AuthAuthority Off
...

Please, can someone tell me what to do?

Christian
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Wed 05 Jul '06 12:13    Post subject: Reply with quote

RTM=read the manual!

http://www.freeradius.org/mod_auth_radius/

httpd.conf
Code:

<Location /secure/>
AuthType Basic
AuthName "RADIUS authentication for localhost"
AuthAuthoritative off
AuthRadiusAuthoritative on
AuthRadiusCookieValid 5
AuthRadiusActive On
require valid-user
</Location>
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Wed 05 Jul '06 12:43    Post subject: Reply with quote

In 2.0.58 there is no mod_auth_basic, it is a 2.2 module.

From the 2.2 Manual:

.. mod_auth is now split into mod_auth_basic and mod_authn_file.... , see http://httpd.apache.org/docs/2.2/new_features_2_2.html

In 2.0.58 enable: LoadModule auth_module modules/mod_auth.so


Steffen
Back to top
madRAM



Joined: 10 Apr 2006
Posts: 14

PostPosted: Wed 05 Jul '06 12:58    Post subject: Reply with quote

Thanks for your reply but, maybe I don't get the point. I have all the options that you posted in my VirtualHost directive. Do I need to capsule them in a Location directive WITHIN my VirtualHost?

Regards,

Christian
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Wed 05 Jul '06 13:03    Post subject: Reply with quote

The AuthType directive selects the type of user authentication for a directory.

Context: directory, .htaccess

So yo need to put the directives in a diectory or location container, or in a .htaccess file.


Steffen
Back to top
madRAM



Joined: 10 Apr 2006
Posts: 14

PostPosted: Wed 05 Jul '06 14:15    Post subject: Reply with quote

Ok that was definately my fault. I should have read the manual in more detail. I'm sorry for that.

Now I am able to start both Apache versions with mod_auth_radius support. I do have one last problem though. Whenever I try to log in using my OTP I receive an Internal Server Error and in the log of the Apache I see the following lines:

Internal error: pcfg_openfile() called with NULL filename
[client IP] (9) Bad file descriptor: Could not open password file: (null)

I think this is due to that fact that Apache still wants to use normal authentication. I think this is because I can't use the directive

AuthAuthoritative off

When I try to use it, I get an error when starting the apache - seems like he does not know about that directive.

I'm really sorry to bothering you with this issue, but you are kind of my last hope Wink)

Christian
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Wed 05 Jul '06 15:42    Post subject: Reply with quote

AuthAuthoritative off works here on 2.0.58

Did you defined ? :

#
# AddRadiusAuth server[:port] <shared-secret> [ timeout [ : retries ]]
#

For example:
# Use localhost, the old RADIUS port, secret 'testing123',
# time out after 5 seconds, and retry 3 times.

AddRadiusAuth localhost:1645 testing123 5:3


Steffen
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3092
Location: Hilversum, NL, EU

PostPosted: Wed 05 Jul '06 15:53    Post subject: Reply with quote

From the manual at www.freeradius.org/mod_auth_radius/ :

You must have at least one authentication method as authoritative. If
they all return "DECLINED", you get a "server configuration error"
message.

Steffen
Back to top
madRAM



Joined: 10 Apr 2006
Posts: 14

PostPosted: Wed 05 Jul '06 16:38    Post subject: Reply with quote

Thanks a lot Steffen,

I was able to get past this error by now - and of course facing the next one Wink

Apache is now sending authentication request against a Microsoft IAS in the internal network.

I will try and go on with this.

Again, thanks for all your help.

Christian
Back to top
gkmekala



Joined: 05 Nov 2007
Posts: 1

PostPosted: Mon 05 Nov '07 18:16    Post subject: Radius auth doesn't work with mod_jk Reply with quote

First I tried with radius auth module on apache2.2.4. It crashes apache. I found that it works on apsche2.0.58. It worked for me with plain apache2 but not in conjuntion with mod_jk where the actual webapp is in tomcat.
Any help is appreciated.
Back to top


Reply to topic   Topic: apache 2.0.58 with Radius View previous topic :: View next topic
Post new topic   Forum Index -> Third-party Modules