svn commit: lorikeet r680 - in trunk/mod_auth_ntlm_winbind: .
lmuelle at samba.org
lmuelle at samba.org
Tue Nov 14 23:28:54 GMT 2006
Author: lmuelle
Date: 2006-11-14 23:28:53 +0000 (Tue, 14 Nov 2006)
New Revision: 680
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=680
Log:
Consolidate documentation in the README.
Replace duplication form the source by a short pointer to the README.
Modified:
trunk/mod_auth_ntlm_winbind/README
trunk/mod_auth_ntlm_winbind/mod_auth_ntlm_winbind.c
Changeset:
Modified: trunk/mod_auth_ntlm_winbind/README
===================================================================
--- trunk/mod_auth_ntlm_winbind/README 2006-11-14 22:23:39 UTC (rev 679)
+++ trunk/mod_auth_ntlm_winbind/README 2006-11-14 23:28:53 UTC (rev 680)
@@ -1,7 +1,19 @@
-mod_auth_ntlm_winbind is an Apache 1.x/2.x module that provides NTLM
-and Basic authentication via winbind.
+OVERVIEW
-INSTALLATION:
+The mod_auth_ntlm_winbind module provides authentication and
+authorisation over the web against a Microsoft Windows NT/2000/XP or
+Samba Domain Controller using Samba's winbind daemon running on the
+same machine Apache 1.x or 2.x is running on.
+
+Used only by IE and newer versions of the Mozilla browser family, the
+NTLM over HTTP protocol is completed undocumented by Microsoft but has
+been reverse engineered and described at the following URL:
+
+http://davenport.sf.net/ntlm.html
+
+
+INSTALLATION
+
The configure.in script and Makefile are essentially wrappers around
apxs, which should be able to do all the work by itself. Having said
that, the build/install process should simply be a matter of:
@@ -27,7 +39,9 @@
$ apxs -DAPACHE2 -c -i mod_auth_ntlm_winbind.c
(substitute apxs2 as appropriate)
+
CONFIGURATION
+
mod_auth_ntlm_winbind uses the same ntlm_auth helper as the Squid
proxy, so the same setup applies as for Squid: the winbindd_privileged
directory must be accessible by the webserver userid. The
@@ -51,11 +65,13 @@
PlaintextAuthHelper
Location and arguments to the Samba ntlm_auth utility for Plaintext auth
-Here are some example configuration blocks:
+The following httpd.conf configuration describes an example
+configuration for this module:
+
NTLM authentication:
-<Directory "/var/www/auth">
+<Directory "/srv/www/auth">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
@@ -64,9 +80,9 @@
require valid-user
</Directory>
-NTLM+Negotiate authentication:
+or, to enable 'NTLM+Negotiate' authentication too:
-<Directory "/var/www/auth">
+<Directory "/srv/www/auth">
AuthName "NTLM Authentication thingy"
NTLMAuth on
NegotiateAuth on
@@ -77,3 +93,9 @@
AuthType Negotiate
require valid-user
</Directory>
+
+
+To debug what is going on, add the following line to your httpd.conf
+to enable debug messages to be written to the apache error log file:
+
+LogLevel debug
Modified: trunk/mod_auth_ntlm_winbind/mod_auth_ntlm_winbind.c
===================================================================
--- trunk/mod_auth_ntlm_winbind/mod_auth_ntlm_winbind.c 2006-11-14 22:23:39 UTC (rev 679)
+++ trunk/mod_auth_ntlm_winbind/mod_auth_ntlm_winbind.c 2006-11-14 23:28:53 UTC (rev 680)
@@ -36,53 +36,9 @@
*/
-
/*
- * OVERVIEW:
- *
- * The mod_auth_ntlm_winbind module allows authentication and authorisation
- * over the web against a Windows NT/2000/XP domain controller using the
- * winbind daemon running on the same machine apache is running on.
- *
- * Used only by IE and newer versions of Mozilla, the NTLM over HTTP protocol is completed undocumented
- * by Microsoft but has been reverse engineered and described at the
- * following URL:
- *
- * http://davenport.sf.net/ntlm.html
- *
- * CONFIGURATION:
- *
- * The following httpd.conf configuration describes an example
- * configuration for this module:
- *
- * <Directory "/var/www/auth">
- * AuthName "NTLM Authentication thingy"
- * NTLMAuth on
- * NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
- * NTLMBasicAuthoritative on
- * AuthType NTLM
- * require valid-user
- * </Directory>
- *
- * or, to enable 'Negotiate' authentication too:
- *
- * <Directory "/var/www/auth">
- * AuthName "NTLM Authentication thingy"
- * NTLMAuth on
- * NegotiateAuth on
- * NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
- * NegotiateAuthHelper "/usr/bin/ntlm_auth --helper-protocol=gss-spnego"
- * NTLMBasicAuthoritative on
- * AuthType NTLM
- * AuthType Negotiate
- * require valid-user
- * </Directory>
- *
- * To debug what is going on, add the following line to your httpd.conf
- * to enable debug messages to be written to the apache error log file:
- *
- * LogLevel debug
- *
+ * The sections OVERVIEW, INSTALLATION, and CONFIGURATION are available from
+ * the README file in this directory.
*/
#include "httpd.h"
More information about the samba-cvs
mailing list