▸ quoted from Joshua Krause
On Mon, June 16, 2008 10:49, Joshua Krause wrote:
I was wondering how to configure the enable/disable page to use radius.
I've done some searching on the net but haven't found anything real
concrete.
I use mod_auth_xradius-0.4.6, built in place, authenticating against a
Netware-Radius gateway, which presents as a stock radius server.
Following config needs
/usr/lib/httpd/modules/mod_auth_xradius.so
This is in /etc/httpd/conf.d/hobbit-apache.conf:
# Hobbit admin script authentication against NDS via Radius, match against
hobbitgroup
ScriptAlias /hobbit-seccgi/ "/usr/lib/hobbit/cgi-secure/"
<Directory "/usr/lib/hobbit/cgi-secure">
AllowOverride None
Options ExecCGI Includes
Order allow,deny
Allow from all
## --Radius options begin here--
## This is what the client sees in their Prompt.
AuthName "Novell/RADIUS Authentication Required"
## This identifies the authentication module
AuthBasicProvider xradius
## Type of authentication to use.
AuthType basic
## Address and the Shared Secret of the RADIUS Server to contact.
AuthXRadiusAddServer "radius-server.example.com:1645" "radiussecr3t"
## Time in Seconds to wait for replies from the RADIUS Servers
AuthXRadiusTimeout 7
## Number of times to resend a request to a server if no reply is
received.
AuthXRadiusRetries 2
## --Radius options end here--
# "valid-user" restricts access to anyone who is logged in.
Require valid-user
# "group admins" further restricts to users who have logged in, AND
# are members of the "admins" group in hobbitgroup.
AuthGroupFile /etc/hobbit/hobbitgroup
Require group admins
</Directory>