On Fri, 23 Jan 2015, David Hawes wrote:
On Fri, Jan 23, 2015 at 5:38 AM, Tiit Kaeeli <[email protected]> wrote:
On Thu, 22 Jan 2015, David Hawes wrote:
On Thu, Jan 22, 2015 at 8:07 AM, Tiit Kaeeli <[email protected]> wrote:
Hi,
For LDAP based group authorization on Apache, I tried to enable SAML
support.
http://permalink.gmane.org/gmane.comp.java.jasig.cas.user/26597
notes, that
mod_auth_cas 1.0.9.1 cannot parse the <saml1p:StatusCode
Value="saml1p:Success"/> part of this response.
To get around this, either use git master or use the patch from
https://github.com/Jasig/mod_auth_cas/pull/46/files.
Readme on git master (cloned 19.01.2015) states
The following development libraries and utilities must be installed:
...
* Apache Web Server - 2.2.3
...
After compiling and loading to Apache, the following error is returned:
apache2: Syntax error on line 244 of /etc/apache2/apache2.conf: Syntax
error
on line 2 of /etc/apache2/mods-enabled/auth_cas.load: Cannot load
/opt/mod_auth_cas/mod_auth_cas.so into server:
/opt/mod_auth_cas/mod_auth_cas.so: undefined symbol:
ap_hook_check_access_ex
Action 'configtest' failed.
http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html
New functions ap_hook_check_access_ex, ap_hook_check_access,
ap_hook_check_authn, ap_hook_check_authz which accept
AP_AUTH_INTERNAL_PER_*
flags
Are you using git master, or did you patch?
Can you post a diff of your mod_auth_cas.c with git master's?
I used git master from 19.01.2015
What's the output of 'httpd -v'?
apache2 -V
Server version: Apache/2.2.22 (Debian)
Server built: Dec 23 2014 22:48:29
Server's Module Magic Number: 20051115:30
Server loaded: APR 1.4.6, APR-Util 1.4.1
Compiled using: APR 1.4.6, APR-Util 1.4.1
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
If you want to test something, change mod_auth_cas.c:2648 to "#if 0"
to force using ap_hook_check_user_id. Recompile and see if that works.
After the change, this is the output:
apache2: Syntax error on line 244 of /etc/apache2/apache2.conf: Syntax
error on line 2 of /etc/apache2/mods-enabled/auth_cas.load: Cannot load
/opt/mod_auth_cas/mod_auth_cas.so into server:
/opt/mod_auth_cas/mod_auth_cas.so: undefined symbol: ap_log_error_
Action 'configtest' failed.
The Apache error log may have more information.
failed!
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
