Skip to content
No description or website provided.
HTML Puppet Ruby Shell
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
files Use file() function instead of fileserver
manifests
spec Show bug
templates Set default ssl hash alg to sha256
.fixtures.yml Use puppet forge for fixtures
.gitignore Use docker for acceptance tests
.puppet-lint.rc Update with modulesync
.travis.yml Update with modulesync
Gemfile Update with modulesync
README Fix variables containing capital letters
Rakefile Add publishing rake tasks
metadata.json Release version 1.0.9

README

This module requires stdlib for validate_re support.

Types
#####

# Authentication, Authorization and Access Control

Definitions related to the apache authentication should always be in the form :

apache::auth::type::provider::authorization

To be consistent with the three types of Apache modules involved in the 
authentication and authorization process :
http://httpd.apache.org/docs/2.2/howto/auth.html

The main advantages of this new way to manage authentication are the possibility 
of sharing resources between virtual hosts and access restrictions

######################################
## Simple Basic File Authentication ##
######################################

Example:

1. create one or more users :

   apache::auth::htpasswd {"user1 in /a/path/htpasswd":
    ensure => present,
    user_file_location => "/srv/a/path",
    user_file_name => "htpasswd",
    username => "user1",
    clearPassword => "user1", # use encryption in definition
  }

  apache::auth::htpasswd {"user2 in /var/www/camptocamp.com/private/htpasswd":
    ensure => present,
    vhost => "camptocamp.com"
    username => "user2",
    crypt_password => 'kdrY191UyPY3E', # (htpasswd -ndb user2 user2)
  }
 
2. create one or more groups :

  apache::auth::htgroup {"group1 in /var/www/camptocamp.com/private/htgroup":
    ensure => present,
    groupname => "group1",
    members => "user1 user2",
  }

3. restrict access to a location with these users our groups

  apache::auth::basic::file::group {"group1-webdav1":
    vhost => "camptocamp.com",
    location => "/webdav1",
    groups => "group1",
  }

  apache::auth::basic::file::user {"user1-on-webdav2":
    vhost => "camptocamp.com",
    location => "/webdav2",
    auth_user_file => "/srv/dav0/htpasswd",
    users => "user1", # it not defined -> 'valid-user'
  }

###############################
## Basic LDAP Authentication ##
###############################

Example:

apache::auth::basic::ldap {"collectd":
  vhost => $fqdn,
  location => "/collection3",
  auth_ldap_url => 'ldap://ldap.foobar.ch/c=ch?uid??',
  auth_ldap_group_attribute => "memberUid",
  auth_ldap_group_attribute_is_dn => "off",
  authz_require => "ldap-group ou=foo,ou=bar,o=entreprises,c=ch",
}

Something went wrong with that request. Please try again.