On 8/16/07, Joe Seeley <[EMAIL PROTECTED]> wrote: > I am reposting this since I have not found a solution and never got a reply > on the original post. I've seen through Google others with the same > problem, but never a solution. I'm hopeful that someone knows what's going > on... > > I am trying to use Apache LDAP authentication and proxying to make sure > users exist in our LDAP repository. This is working, but the user is always > prompted to login multiple times. In Firefox the users are prompted twice > for their login; in IE the users are prompted three times for their login. > > My conf file looks something like this. > > ProxyRequests Off > ProxyPass / http://localhost:5000/ > ProxyPassReverse / http://localhost:5000 > ProxyHTMLURLMap http://localhost:5000 http://1.2.3.4 > ProxyHTMLURLMap http://localhost:5000 http://1.2.3.5 > > <Location /> > ProxyPassReverse http://localhost:5000 > SetOutputFilter proxy-html > ProxyHTMLURLMap / / > AuthLDAPEnabled on > AuthLDAPAuthoritative on > AuthLDAPURL "ladp://myserver:3268/DC=FOO > ,DC=BAR,DC=COM?sAMAccountName?sub?" > AuthLDAPBindDN '[EMAIL PROTECTED]" > AuthLDAPBindPassword "password" > AuthType Basic > AuthName "Login in using your domain login." > require valid-user > </Location> > > If you see a mistake in my conf file, or understand why this is prompting > for multiple logins I would appreciate any advice. > > Thanks, > Joe
Strange, it almost seems like the creds aren't being cached, but if it is only 2 or 3 times, that can't be the case. Are you loading both mod_ldap and mod_authnz_ldap? Can you test without the proxy parts? Not much help I'm afraid... nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
