Archive for the ‘Apache’ Category

Apache: setting up ldap for authentication for Nagios

Thursday, December 3rd, 2009

We already have LDAP running in my environment. So, with SLES 10 SP3 and Apache here is a quick way to get your web based Nagios application using your LDAP system.

  1. Set up your nagios.conf file under /etc/apache2/conf.d
  2. Add the following lines to the nagios share
       AuthName   LDAP_Auth_Test                  
       AuthBasicProvider ldap                     
       AuthzLDAPAuthoritative off
       AuthLDAPBindDN uid=your user name,dc=your domain,dc=com
       AuthLDAPBindPassword  password for your user name                         
       AuthLDAPURL ldap:// value
    ,dc=your value,dc=com?uid?
  3. Change the permissions on the nagios.conf file to 400 with the Apache user as the owner. The reason is for security and the only user that needs to read the file is Apache. Don’t worry, root will be able to modify the file.
  4. Vi /etc/sysconfig/apache2 and add the following to the APACHE_MODULES section: authnz_ldap ldap
  5. Start Apache and you are finished. When someone connects to the application, they will receive the authentication text box, so they can enter their userid and password before entering the application.

NOTE: Users are only authenticating against the application. Once they leave the web application, they will be required to authenticate against your proxy server. That is considering you are running Nagios internally with apache on the same host.

Enjoy and I hope this helps.

Apache: DirectoryIndex for adding “index” file types

Thursday, October 29th, 2009

Some circles would have you believe that web sites should be written in one scripting language. That does not hold water when you consider all the applications that will need to be integrated into the web site. We have also experienced some application developers that will place an “index.html” file that calls the other file. I have to assume their training was in web languages and they have no experience with Apache web server.

Take for instance you are a beginner with web page design and want to use the default first page, “index.html.” As you progress you may want to create other web applications that require “index.php”, “index.wml” or “” Do not be afraid to expand your horizons, because Apache is very flexible.

The easiest method for accomplishing this task is with Apache’s “.htaccess” file. Apache will read the .htaccess file prior to performing any work within the directory. The lowest level .htaccess file found is applied to the directory and sub-directories. So, we will need to work with the .htaccess file at the lowest directory we want the directions to apply.

Recently, we set up a mobile directory which included an “index.wml” file. Hosting plans will not allow you to get to the root of their Apache web server to make modifications, so we needed to take care of the problem within the mobile directory.

We created the .htaccess file and placed the following Apache web server instructions:

DirectoryIndex index.wmlsc index.wml
AddType text/vnd.wap.wml .wml
AddType image/vnd.wap.wbmp .wbmp
AddType application/vnd.wap.wmlc .wmlc
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlscriptc .wmlsc
AddHandler cgi-script .wmlsc

This enabled us to create a mobile directory and implement an “index.wml” file for interpretation by the web server. Please note that too many .htaccess files will slow the performance of the web server and you also want to be careful not to over ride any previous directives. Oh, and don’t forget to check the permissions on the .htaccess file because you do not want anyone but “root” to be able to write to the file.

Hope this helps,

Mike Kniaziewicz