Re: Question about the list

Wed, 17 Aug 2005 12:51:05 -0700 

Hi Andrew.
I'm sure these kind of questions are best answered on httpd- [EMAIL PROTECTED] 

there are two options here.

you can either use apaches authentication handling, which will prompt  
you with a dialog for a user/password

OR

you can use rewrite and do a cookie check which redirects non-cookied  
people to a special page which does the LDAP

lookup and cookie setting.


Some people @ columbia wrote a module called mod_auth_pamacea does  
this I believe. the only caveats I see with it are

:- it is GPL

:- the session manager it uses is file based, which won't scale  
(their words) but you could change the session manager to use

   a mysql DB or somesuch if you need scalability

regards
Ian

On 18/08/2005, at 3:30 AM, Andrew Musselman wrote:


Well, after searching the archive more I found some usage questions;
hence I will post my own :)

We are trying to shut down web access to all our networked printers on
campus "the easy way":  set up a proxy server through which only

selected people can access the printers.  The authentication can be  
done

using LDAP.

A couple of methods have been suggested, and I am researching them
now:
(1) mod_ssl + mod_auth_ldap + mod_proxy
(2) mod_ssl + mod_authz_ldap + mod_proxy
(3) mod_ssl + A nice little PHP login page that queries LDAP before
turning things over to mod_proxy.

So far I have had success with setting up a virtual host as a forward

proxy and with activating SSL for LDAP queries through a login  
page, but
I'm really confused about something:  how could I set things up so  
users

visit some login page, their credentials are checked through LDAP, and
then they are forwarded to the printer they want?

Does anyone have any suggestions, or has anyone tried this and gotten
anywhere?  Thanks for your time.

Best,
Andrew


Andrew Musselman
[EMAIL PROTECTED]



[EMAIL PROTECTED] 8/17/2005 9:56 AM >>>


Hello--

I have some questions that are not development questions, but I
couldn't find a list for just the use of mod_proxy.  Does anyone know
of
a list that might be appropriate?

Thank you,
Andrew

Andrew Musselman
[EMAIL PROTECTED]



--
Ian Holsman
Director
Network Management Systems
CNET Networks
PH: 415-344-2608 (USA) /(++61) 3-9877-0909 (Australia)























					Reply via email to