Kimberly Begley wrote:
I am trying to set up the apache proxy setting for a local galaxy install.
I have this section set but the REMOTE_USER is not getting set properly:
<Location /> AuthType Basic AuthBasicProvider ldap AuthLDAPURL "ldap://server:389/ou=People,dc=domain,dc=edu?uid?sub?(objectClass=person)" AuthzLDAPAuthoritative off Require valid-user </Location> RequestHeader set REMOTE_USER %{AUTHENTICATE_uid}e
I have a feeling I'm missing something.
The authentication for the server is working but the galaxy interface gives the error message that the remote user is not being sent.
Any additional settings that I'm missing here?
Hi Kimberly, If you're using that exact block, it would not work. Your AuthLDAPURL value will need to be modified to your site. This normally means changing: "ldap://" to "ldaps://" if using LDAP over SSL. "server" to the hostname of your LDAP server. "389" to an alternate port if applicable. "ou=People" to another organizational unit if your user accounts live at a different location in the LDAP directory (although "People" is the standard) "dc=domain,dc=edu" to the base distinguished name used by your LDAP server (usually, but not always, your DNS domain) "uid" to the LDAP field containing the user name. "person" to one of the object classes assigned to account entries. This requires a pretty substantial knowledge of LDAP, so if unsure, it'd be best to contact your LDAP directory administrator. --nate