MIDAS Active Directory (LDAP) IntegrationActive Directory Integration

Configuring Apache

For Apache 2.2:

In order for Apache 2.2 to authenticate against an Active Directory server, the module "mod_auth_sspi.so" must be present, enabled, and correctly configured.

Once installed, this module can be enabled by adding the following line to your server's httpd.conf file:

LoadModule sspi_auth_module modules/mod_auth_sspi.so

Next, you will need to configure the directory on your server where your MIDAS resides to authenticate against your Active Directory. Again, this is done by adding the following to your httpd.conf file:

<Location "/midas/">
  AuthName "Intranet"
  AuthType SSPI
  SSPIDomain xxx.xxx.xxx.xxx
  SSPIAuth on
  SSPIOfferSSPI on
  SSPIAuthoritative on
  SSPIUsernameCase lower
  SSPIPerRequestAuth on
  SSPIOmitDomain on
  require valid-user
</Location>
Where "/midas/" is the location where MIDAS resides on your server, relative to the root (usually "htdocs" or "public_html"), and xxx.xxx.xxx.xxx is the IP address or domain name of your Active Directory server. In the above example, MIDAS resides under /public_html/midas/, and therefore the location to use is "/midas/"

Tip: You will need to restart Apache for changes you make to your httpd.conf file to take affect


For Apache 2.4:

In order for Apache 2.4 to authenticate against an Active Directory server, the module "mod_authnz_sspi.so" must be present, enabled, and correctly configured.

The module mod_authnz_sspi may be obtained from https://www.apachehaus.net/modules/mod_authnz_sspi - Make sure you download the right version for your Apache install (x64 or x86).

Unzip the module, and add the files from the bin location to your Apache "bin" folder, and the files from the module folder to your Apache "module" folder.

Once installed, this module can be enabled by adding the following line to your server's httpd.conf file:

LoadModule authnz_sspi_module modules/mod_authnz_sspi.so

Please also ensure that the following modules are uncommented in your http.conf file (by removing any leading "#"):

LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_core_module modules/mod_authz_core.so

Next, you will need to configure the directory on your server where your MIDAS resides to authenticate against your Active Directory. Again, this is done by adding the following to your httpd.conf file:

<Location "/midas/">
  AuthName "Intranet"
  AuthType SSPI
  SSPIDomain xxx.xxx.xxx.xxx
  SSPIAuth on
  SSPIOfferSSPI on
  SSPIAuthoritative on
  SSPIUsernameCase lower
  SSPIPerRequestAuth on
  SSPIOmitDomain on
  require valid-user
</Location>
Where "/midas/" is the location where MIDAS resides on your server, relative to the root (usually "htdocs" or "public_html"), and xxx.xxx.xxx.xxx is the IP address or domain name of your Active Directory server. In the above example, MIDAS resides under /public_html/midas/, and therefore the location to use is "/midas/"

Tip: You will need to restart Apache for changes you make to your httpd.conf file to take affect


Next Up...