So, what's the story
I want to enable NTLM auth in Apache and already installed ntlm library (mod_auth_ntlm), installed necessary VS redistributable and placed following strings to httpd.conf
LoadModule auth_ntlm_module modules/mod_authn_ntlm.so
<Location /test >
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMOfferBasic off
<RequireAll>
<RequireAny>
Require valid-user
</RequireAny>
</RequireAll>
</Location>
Starting phpinfo - and there is no variables like REMOTE_USER, but ntlm library is successfully loaded
Any folder on web-server is accessible except /test folder - it just returns error 500 Apache error.log has following strings:
[Wed Feb 24 14:54:46.231132 2016] [authn_core:error] [pid 668:tid 1776] [client 10.16.66.19:53872] AH01796: AuthType NTLM configured without corresponding module
So, what's the catch? Any other possibilities?
Solution found!
Still, it's not NTLM library, but SSPI (mod-authn-sspi)
Download correct version of SSPI library (in case of Apache 2.4 it should be mod_authnz_sspi)
Unzip and put .so file into Apache /modules directory
LoadModule authnz_sspi_module modules/mod_authnz_sspi.so <Directory "/test"> AllowOverride None Options None Order allow,deny Allow from all AuthType SSPI SSPIAuth On SSPIAuthoritative On SSPIDomain KL Require valid-user </Directory>
AuthName "authoriz" AuthType SSPI SSPIAuth On SSPIAuthoritative On require valid-user
Of course, you can change AuthName
<?php $cred = explode('\\\\',$_SERVER['REMOTE_USER']); if (count($cred) == 1) array_unshift($cred, "(no domain info - perhaps SSPIOmitDomain is On)"); list($domain, $user) = $cred; echo "You appear to be user <B>$user</B><BR/>"; echo "logged into the Windows NT domain <B>$domain</B>"; ?>
Should work!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.