slightly patched fork of LDAP authentication module for nginx
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Patrik Weiskircher 20f279f0f9 Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds. 10 years ago
LICENSE Add contribution notice to the licenses 11 years ago
README.md updated README 11 years ago
config config: Fix compilation for Linux 10 years ago
example.conf need ; after the password input, or else it give an error 12 years ago
ngx_http_auth_ldap_module.c Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds. 10 years ago

README.md

LDAP Authentication module for nginx

LDAP module for nginx which supports authentication against multiple LDAP servers.

How to install

FreeBSD

cd /usr/ports/www/nginx && make config install clean

Check HTTP_AUTH_LDAP options

[*] HTTP_AUTH_LDAP        3rd party http_auth_ldap module 

Linux

cd ~ && git clone https://github.com/kvspb/nginx-auth-ldap.git   

in nginx source folder

./configure --add-module=path_to_http_auth_ldap_module
make install

Example configuration

Define list of your LDAP servers with required user/group requirements:

    http {
      ldap_server test1 {
        url ldap://192.168.0.1:3268/DC=test,DC=local?sAMAccountName?sub?(objectClass=person);
        binddn "TEST\\LDAPUSER";
        binddn_passwd LDAPPASSWORD;
        group_attribute uniquemember;
        group_attribute_is_dn on;
        require valid_user;
      }

      ldap_server test2 {
        url ldap://192.168.0.2:3268/DC=test,DC=local?sAMAccountName?sub?(objectClass=person);
        binddn "TEST\\LDAPUSER";
        binddn_passwd LDAPPASSWORD;
        group_attribute uniquemember;
        group_attribute_is_dn on;
        require valid_user;
      }
    }

And add required servers in correct order into your location/server directive:

    server {
        listen       8000;
        server_name  localhost;

        auth_ldap "Forbidden";
        auth_ldap_servers test1;
		auth_ldap_servers test2;

        location / {
            root   html;
            index  index.html index.htm;
        }

    }