mod_uwa installation

mod_uwa provides an easy-to-use ldap group Web Authorization capability for an Apache web server.

1. Acquire the prerequisites
2. Install the module
3. Authorize your server to LDAP
4. Configure your system

Prerequisites

You will need these associated products. Most of these are available in normal unix distributions.

• An Apache installation. Either version 1.3 or 2.x is OK.
  • Apache home

• An up-to-date OpenSSL library.
  • OpenSSL home

• An up-to-date OpenLDAP library.
  • OpenLDAP home

• An up-to-date sasl2 library.
  • SASL home

• A kerberos library. SASL2 seems to requires the gssapi_krb5 library. Otherwise kerberos would not be needed.
  • Kerberos home

Build and install the module

1. Get the current uwa module.
2. Extract the file contents into a directory.
3. cd to the directory.
4. Check the configuration information in: ldaplib.h. It should be correct for University of Washington sites.
5. Configure and make. Note that sasl2 requires kerberos, even though your configuration may not use it. You may need to specify both --with-sasl2 and --with-krb5.

     $ configure
     $ make
     $ make install
   

Authorize your server to LDAP

UW sites will have to authenticate with a UW issued ssl certificate. Contact the registration site to request authorization. You will need a UW CA certificate.

If you want to use Kerberos authentication to LDAP you will also need a kerberos id and keytab for that name.

If you want to use simple authentication va SSL to LDAP you will only need a password attribute for that name.

Configure your system

See the module configuration documentation.