Add LDAP Authentication¶
The following prerequisites need to be satisfied:
- An LDAP server, e.g.,
- NSS configured on the OnDemand Server to look up users via LDAP
- The mod_authnz_ldap Apache module installed
Then you can modify your ood-portal-generator configuration file as such:
# /etc/ood/config/ood_portal.yml --- auth: - "AuthType Basic" - "AuthName \"private\"" - "AuthBasicProvider ldap" - "AuthLDAPURL \"ldaps://ldap.my-center.edu:636/ou=People,ou=hpc\"" - "RequestHeader unset Authorization" - "Require valid-user"
RequestHeader setting is used to strip private session
information from being sent to the backend web servers.
Each array item is treated as a line in the Apache configuration file. You can add more Apache LDAP directives as separate array items.
Build the Apache configuration file and install it.