Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
132 lines (114 sloc) 3.5 KB
######################################################################
# Modifications to the httpd.conf file for mod_auth_radius.c
# written by Alan DeKok <aland@freeradius.org>
#
# Version: $Id$
#
######################################################################
#
# These configuration options should be ADDED to the httpd.conf file
# for your site.
#
######################################################################
######################################################################
#
# Tell Apache to load the module.
#
LoadModule radius_auth_module libexec/mod_auth_radius.so
# the path to the module file will depend on your Apache installation, e.g.
#LoadModule radius_auth_module /usr/lib/apache2/modules/mod_auth_radius.so
######################################################################
#
# Add the general configuration of mod_auth_radius
# either to the BOTTOM of httpd.conf
# or into <VirtualHost> configuration before per-directory settings
#
<IfModule mod_auth_radius.c>
#
# AddRadiusAuth server[:port] <shared-secret> [ timeout [ : retries ]]
#
# Use localhost, the standard RADIUS port, secret 'testing123',
# time out after 5 seconds, and retry 3 times.
AddRadiusAuth localhost:1812 testing123 5:3
#
# AuthRadiusBindAddress <hostname/ip-address>
#
# Bind client (local) socket to this local IP address.
# The server will then see RADIUS client requests will come from
# the given IP address.
#
# By default, the module does not bind to any particular address,
# and the operating system chooses the address to use.
#
#
# AddRadiusCookieValid <minutes-for-which-cookie-is-valid>
#
# the special value of 0 (zero) means the cookie is valid forever.
#
AddRadiusCookieValid 5
</IfModule>
######################################################################
#
# A sample per-directory access-control configuration.
#
# This may go into httpd.conf, either the general section or <VirtualHost>
# When used in an '.htaccess' file, the text BETWEEN the
# <Location /secure/> </Location> directives
# should go into the .htaccess file.
#
# You can also use <Directory /var/www/secure/> </Directory> or similar.
#
# If you want to be sure it only applies when mod_auth_radius is used,
# you can also wrap it in an <IfModule> directive, as above.
#
<Location /secure/>
#
# Use basic password authentication.
# AuthType Digest won't work with RADIUS authentication.
#
AuthType Basic
#
# Tell the user the realm to which they're authenticating.
# This string should be configured for your site.
#
AuthName "RADIUS authentication for localhost"
#
# Set RADIUS to be the provider for this basic authentication
#
AuthBasicProvider radius
#
# Set the debug mode
#
#AuthRadiusDebug on
#
# Make a local variation of AddRadiusCookieValid. The server will choose
# the MINIMUM of the two values.
#
# AuthRadiusCookieValid <minutes-for-which-cookie-is-valid>
#
AuthRadiusCookieValid 5
#
# Set the use of RADIUS authentication at this <Location>"
#
# Globally set the RADIUS authentication active.
#
#
# If there is a directory which you do NOT want to have RADIUS
# authentication for, then use a <Directory> or <Location> directive,
# and set "AuthRadiusActive Off". The default is "On".
#
AuthRadiusActive On
#
# require that mod_auth_radius return a valid user, otherwise
# access is denied.
#
require valid-user
#
# Force the calling station ID to 'MyServiceName' for location /secure/
# AddRadiusCallingStationID <string 1..255 bytes>
#
AddRadiusCallingStationID MyServiceName
#
# end of the per-location directives
#
</Location>