I've found that I can access HTTP Authorization header by the following code
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
Unfortunately I don't understand how to decode it from base64 and then split username and password.
Of course it's very easy to do this outside apache config, but I need user name and password inside the config in order to pass them to LDAP authorization module.
Actually I want to do something like this:
<Directory "C:/my/directory">
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
AuthType Basic
AuthName "Trac"
AuthBasicProvider "ldap"
AuthLDAPURL "ldap://domain.local:3268/DC=domain,DC=local?sAMAccountName?sub?> (objectClass=user)"
AuthLDAPBindDN %{HTTP_USER}@domain.local
AuthLDAPBindPassword %{HTTP_PASSWORD}
AuthzLDAPAuthoritative off
Require valid-user
</Directory>
I need this because our LDAP server doesn't accept anonymous requests.
Basically, you should create dedicated LDAP user for authorization.
Related to HTTP_AUTHORIZATION header, check RFC2617 http://www.ietf.org/rfc/rfc2617.txt
It depends on which auth scheme you are using.From BASIC scheme you can decode USERNAME and PASSWORD, but from other maybe not possible (NTLM).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.