Apache LDAP authentication

To enable your web pages to use LDAP authentication , please follow the listed steps:

  1. create a file named .htaccess in the directory you want to protect
  2. inside it insert something like this :
    • AuthName "My LDAP Authentication"
    • AuthType Basic
    • LDAP_Server ldap1.cs.kent.edu
      # here you can substitute ldap1 with ldap2; # the ldap hosts can also be put on the same line for redundancy
    • LDAP_Port 389
    • Base_DN "dc=cs,dc=kent,dc=edu"
    • UID_attr uid
    • require user username1, username2, username3
There are a few other variations :
  • To let all users with an LDAP account , use : require valid-user
  • To authenticate users by name, rather username , use : require user "John Doe"
  • To authenticate users from a group test , use : require group test
  • To filter users based on an LDAP attribute(e.g. to restrict to users that are allowed to login into b1), use :
    AuthAuthoritative Off
    require ldap-attribute host="b1.cs.kent.edu"
If the group authentication above does not work, then try adding the following directives to your .htaccess file:
AuthAuthoritative Off
require filter "(KSUStatus=sys)"

Valid groups for "KSUStatus are:

  • faculty
  • staff
  • sys
  • grad
  • ugrad
  • lowlevel

Note: Authentication on webpages(classes).cs.kent.edu is a little different, only the following is needed :

  • AuthName "My LDAP Authentication"
  • AuthType Basic
  • AuthLDAPURL "ldap://ldap1.cs.kent.edu ldap2.cs.kent.edu/dc=cs, dc=kent, dc=edu"
  • require user username
If you have suggestions on this document, please email them at systems@cs.kent.edu.

 
Computer Science Lab 139
About Our Program
The Department offers Computer Science degrees at the Bachelor's, Masters and Ph.D. level. The faculty believes in a strong advising approach at all levels. Advisors help the students choose the appropriate program according to their goals, needs and interests.