Issues with configuration of Apache and mod_auth_sspi

Posted by TekiusFanatikus on Server Fault See other posts from Server Fault or by TekiusFanatikus
Published on 2011-04-04T16:10:27Z Indexed on 2012/03/20 23:31 UTC
Read the original article Hit count: 259

Filed under:

I've been able to get this working using XAMP with Apache 2.0.55 and XAMP Apache 2.2.14 without any problems.

However, when I attempt to configure our intranet server (Apache 2.0.59), I don't get the same results.

The results are that the following variables contain the information desired: $_SERVER["REMOTE_USER"] AND $_SERVER["PHP_AUTH_USER"]. In this case, they are blank. I'm expecting "domain/user_name".

Conf file stuff:

<Directory "/xxx/xampp/htdocs/">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #

    #Options Indexes FollowSymLinks Includes ExecCGI
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #

    #AllowOverride All
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    #Order allow,deny
    #Allow from all
    Order allow,deny
    Allow from all


    #NT Domain Login
    AuthName "Intranet"
    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain "xxxx"
    SSPIOfferBasic Off
    SSPIPerRequestAuth On
    SSPIOmitDomain Off      # keep domain name in userid string
    SSPIUsernameCase lower
    Require valid-user 
</Directory>

I would like to note that I've modified the paths to reflect the intranet environment.

I'm using the following module: http://sourceforge.net/projects/mod-auth-sspi/

Once the module is installed and the conf file is modified, the intranet environment's server scope isn't populated with the expected variables.

Edit #1

<Directory "/path_here">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #

    #Options Indexes FollowSymLinks Includes ExecCGI
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #

    #AllowOverride All
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    #Order allow,deny
    #Allow from all
    Order allow,deny
    Allow from all


    #NT Domain Login
    AuthName "Intranet"
    AuthType SSPI
    SSPIAuth On
    SSPIAuthoritative On
    SSPIDomain "domain_here"
    SSPIOfferBasic On
    SSPIPerRequestAuth On
    SSPIOmitDomain Off      # keep domain name in userid string
    SSPIUsernameCase lower
    Require valid-user 
</Directory>

© Server Fault or respective owner

Related posts about php