I have a site that I want to force a user to log in via LDAP before they can see the front page of the website. This works with generic webpages fine, but doesn't work with a rails site running passenger on apache2. I've seen some references that this is because passenger doesn't respect the Directory command (or picks up before it gets to that directive). Is there a way to make this happen or do I need to add devise to the site instead?
<VirtualHost *:80> ServerName test.example.com DocumentRoot "/www/software/rails_site/current/public" ErrorLog "/www/logs/software/rails_site/error_log" CustomLog "/www/logs/software/rails_site/access_log" common DirectoryIndex index.html RailsEnv production <Directory "/www/software/rails_site/current/public"> AuthType Basic AuthName "Secure portal" AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPURL "info" AuthLDAPBindPassword "pass" require ldap-user usernames Order deny,allow Satisfy Any </Directory> </VirtualHost>
The above doesn't prevent the site from loading or do any challenge when first trying to load the site.
preguntado el 01 de febrero de 12 a las 22:02
Try placing the authentication directives inside a Location instead of a Directory so that they will be triggered first by the incoming URI. Apparently Passenger has an order of operations associated with Directory directives.
This old post confirms that what you're trying to do (at least used to be) possible: