Am 12.09.2016 um 21:04 schrieb Joshua Schaeffer:
- https://github.com/kvspb/nginx-auth-ldap
I'm using that one to authenticate my users. auth_ldap_cache_enabled on; ldap_server my_ldap_server { url ldaps://ldap.example.org/dc=users,dc=mybase?uid?sub; binddn cn=nginx,dc=mybase; binddn_passwd ...; require valid_user; } server { ... location / { auth_ldap "foobar"; auth_ldap_servers "my_ldap_server"; root /srv/www/...; } } this is like documented on https://github.com/kvspb/nginx-auth-ldap exept my auth_ldap statements are inside the location. while docs suggest them outside. Q: does that matter? I found it useful to explicit set "auth_ldap_cache_enabled on" but cannot remember the detailed reasons. Finally: it's working as expected for me (basic auth, no Kerberos) BUT: I fail to compile this module with openssl-1.1.0 I send a message to https://github.com/kvspb some days ago but got no response till now. the problem (nginx-1.11.3 + openssl-1.1.0 + nginx-auth-ldap) cc -c -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wall -I src/core -I src/event -I src/event/modules -I src/os/unix -I /opt/local/include -I objs -I src/http -I src/http/modules -I src/http/v2 \ -o objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o \ ./nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c ./nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c: In function 'ngx_http_auth_ldap_ssl_handshake': ./nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c:1325:79: error: dereferencing pointer to incomplete type int setcode = SSL_CTX_load_verify_locations(transport->ssl->connection->ctx, ^ ./nginx-auth-ldap-20160428//ngx_http_auth_ldap_module.c:1335:80: error: dereferencing pointer to incomplete type int setcode = SSL_CTX_set_default_verify_paths(transport->ssl->connection->ctx); ^ make[2]: *** [objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o] Error 1 objs/Makefile:1343: recipe for target 'objs/addon/nginx-auth-ldap-20160428/ngx_http_auth_ldap_module.o' failed Maybe the list have a suggestion... _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx