SSPI & authnz_sspi_module in Laragon


  • | 4288 points

    Hi all,

    I'm trying to use the apache windows authentication module with ldap.

    In the past I've used WAMPServer and I can normally drop authnz_sspi_module into apache/modules/, add LoadModule authnz_sspi_module modules/mod_authnz_sspi.so to httpd.conf, enable LDAP module in apache and PHP then add the following to my virtual host entry:

    <VirtualHost *:80>
        DocumentRoot "c:/laragon/www/authtest"
        ServerName authtest
        ServerAlias authtest
    
    	<Directory "c:/laragon/www/authtest">
    	    Options Indexes FollowSymLinks MultiViews
    	    AllowOverride All
                    Require all granted
    
    	    AuthName "SACBUK"
    	    AuthType SSPI
    	    SSPIAuth On
    	    SSPIAuthoritative On
    	    SSPIOmitDomain On
    
    	    require valid-user
    	</Directory>
    </VirtualHost>
    

    Then if I var_dump( $_SERVER['REMOTE_USER'] ) I can see the logged in user's username.

    However, right now I'm not getting access to the $_SERVER['REMOTE_USER'] variable.

    I've tried this both in: C:\laragon\etc\apache2\sites-enabled\00-default.conf and C:\laragon\etc\apache2\sites-enabled\auto.authtest.dev.conf

    Should I be doing this elsewhere?

    Any advice would be appreciated.

    Thank you!


  • | 1896 points

    If you see no error when changing your virtualhost that means the module loaded. Google $_SERVER['REMOTE_USER'] might help.


  • | 4288 points

    @nhido

    Thanks for your reply.

    Usually if $_SERVER['REMOTE_USER'] isn't set, it's because my config isn't correct or it may not be applied to the correct area.

    Do you know which file I should be writing the config in? Is it C:\laragon\etc\apache2\sites-enabled\00-default.conf or C:\laragon\etc\apache2\sites-enabled\auto.authtest.dev.conf, or is it somewhere else altogether?

    Usually I would edit conf/extra/httpd-vhosts.conf, but I'm guessing laragon functions differently as the code that uses the file from httpd.conf is commented out:

    # Virtual hosts
    #Include conf/extra/httpd-vhosts.conf
    

  • administrators
    | 66720 points

    @haakym: You should write to your project's conf file, so auto.authtest.dev.conf is right.

    However, for persistency you must remove the "auto." prefix of the file --> authtest.dev.conf
    For that, Laragon will respect your own configuartion file and will not auto update it.


  • | 4288 points

    @leokhoa

    Right, that makes sense. I'll give it another shot.

    Many thanks for your assistance!


  • | 4288 points

    @leokhoa

    I have now created authtest.dev.conf do I now need to remove the auto.authtest.dev.conf file? Or will it regenerate regardless?


  • administrators
    | 66720 points

    @haakym :
    It's fine. You need to remove the auto one. It will smart enough to not regenerate :)
    PS: You can just rename the file.


  • | 4288 points

    @leokhoa Awesome! Thanks for your quick replies. I hope I can get this working...


  • | 4288 points

    Got it working with this in the end...

    authtest.dev.conf

    <VirtualHost *:80> 
        DocumentRoot "C:/laragon/www/authtest/"
        ServerName authtest.dev
        ServerAlias *.authtest.dev
        <Directory "C:/laragon/www/authtest/">
            #AllowOverride All
            #Require all granted
    
            Options None 
    		AllowOverride All 
    		
    		Order allow,deny 
    		Allow from all 
    		
    		#AuthName "SSPI Protected Place" 
    		AuthType SSPI 
    		SSPIAuth On 
    		SSPIAuthoritative On 
    		SSPIOfferBasic On 
    		SSPIOmitDomain On 
    
    		Require valid-user 
    
        </Directory>
    </VirtualHost>
    

    Thank you!


  • administrators
    | 66720 points

    You rock! +1


  • | 4288 points

    @leokhoa Thanks! And thanks again for this awesome software!


  • administrators
    | 66720 points

    Welcome! I'm glad to help :)


Log in to reply
 

Looks like your connection to Laragon was lost, please wait while we try to reconnect.