Our target is that when is acceded the directory http://www.midominio.com/privado/, our server makes access control, then it ask for an user/password, and validate trough our directory server.
As usually, we install over Debian etch server, with Apache/2.2.3. We are based on oficial documentation, we need availabel the following modules:
~# cd /etc/apache2/mods-enabled/ ~# ln -s ../mods-available/auth_basic.load auth_basic.load ~# ln -s ../mods-available/authnz_ldap.load authnz_ldap.load ~# ln -s ../mods-available/ldap.load ldap.load ~# /etc/init.d/apache restart
After thet we will write the Location directive in our VirtualHost:
<Location "/privado/"> AuthBasicProvider ldap AuthType Basic AuthzLDAPAuthoritative off AuthName "Archivos privados" AuthLDAPURL "ldap://ldap.midominio.com:389/dc=midominio,dc=com" require valid-user </Location>
This an very basic access control LDAP based. We could aply the “require group administrators” directive and we only allow access for the Administrators LDAP group. Or we could make this control in .htaccess file, if you do not have permissions to edit Apache configuration. At last, better way in the original source or googling a bit.