Hi everyone !
I have a very tricky thing to do.
I want to catch the username of the visitor from my intranet from an LDAP/AD
authentification and use suPHP with this user to execute PHP scripts with the
permission of this user.
Here my configuration:
NameVirtualHost mesfichiers
<VirtualHost xxxxxxx>
ServerName mesfichiers
ServerAdmin [EMAIL PROTECTED]
DocumentRoot "/var/www/gestionnaire/"
LogLevel info
<Directory "/var/www/gestionnaire/">
AuthLDAPEnabled on
AuthLDAPAuthoritative on
AuthName "Connexion serveur de fichiers"
AuthType Basic
AuthLDAPURL
ldap://xxxxxxxxx:3268/ou=CDA,dc=agglo-larochelle,dc=fr?sAMAccountName?sub?(objectClass=user)
AuthLDAPBindDN "CN=xxxxx,CN=Users,DC=agglo-larochelle,DC=fr"
AuthLDAPBindPassword xxxx
require valid-user
allow from all
Options +Indexes
</Directory>
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=USER:%1]
#now in my $_SERVER table I have $_SERVER['USER'] = 'myUser'
suPHP_UserGroup CDA+%{USER} staff
Header add X-Forwarded-User %{USER}e
</VirtualHost>
All works fine (ldap autentification ok, le USER apache variable is set
correctly) but I can't use it in my suPHP_UserGroup definition ?
I cause a
[Thu Jul 26 13:09:14 2007] [error] [client xxxxxxx] Premature end of script
headers: index.php
[Thu Jul 26 13:09:14 2007] [error] [client xxxxxxx] Premature end of script
headers: index.php
If I switch suPHP_UserGroup CDA+%{USER} staff
in suPHP_UserGroup CDA+j.rautureau staff
There is no problem. The script is correctly executed by CDA+j.rautureau.
All I would like is to make in dynamic...you see ?
My server: debian sarge, PHP5 CGI, Apache2 (mod_ldap, mod_suphp0.6.2 compiled,
mod_rewrite, mod_headers)
Here's my configuration
./configure --prefix=/usr --with-min-uid=1000 --with-min-gid=50
--sysconfdir=/etc --with-apache-user=www-data --with-setid-mode=force
--disable-checkuid --with-apxs=/usr/bin/apxs2 --disable-checkpath
--with-logfile=/var/log/suphp.log
Thanks for your help!
Jérôme Rautureau
Développeur Systèmes
Communauté d'agglomération de La Rochelle
Tel : 05 46 30 34 25 / Fax : 05 46 30 34 29
_______________________________________________
suPHP mailing list
[email protected]
http://lists.marsching.biz/mailman/listinfo/suphp