In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-22 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Use nginx to get ldap certification:
Back up the original nginx:
[root@daya-02 nginx-1.12.2] # mv / usr/sbin/nginx / usr/sbin/ nginx.bak [root @ daya-02 nginx-1.12.2] # cp-r / etc/nginx/ / etc/nginx_bak
View the currently installed version of nginx:
[root@daya-02 ~] # nginx-Vnginx version: nginx/1.12.2
Download the same version of the source package:
[root@daya-02 ~] # wget http://nginx.org/download/nginx-1.12.2.tar.gz[root@daya-02 ~] # tar xf nginx-1.12.2.tar.gz
Download the expansion pack required by ldap:
Git clone https://github.com/kvspb/nginx-auth-ldap.git
Check the compilation parameters of the original nginx:
[root@daya-02 nginx-1.12.2] # nginx- Vnginx version: nginx/1.12.2built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017TLS SNI support enabledconfigure arguments:-- prefix=/usr/share/nginx-- sbin-path=/usr/sbin/nginx-- modules-path=/usr/lib64/nginx/modules-- conf-path=/etc/nginx/nginx.conf-- error-log -path=/var/log/nginx/error.log-http-log-path=/var/log/nginx/access.log-http-client-body-temp-path=/var/lib/nginx/tmp/client_body-http-proxy-temp-path=/var/lib/nginx/tmp/proxy-http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi-http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi-http-scgi-temp-path=/var / lib/nginx/tmp/scgi-- pid-path=/run/nginx.pid-- lock-path=/run/lock/subsys/nginx-- user=nginx-- group=nginx-- with-file-aio-- with-http_auth_request_module-- with-http_ssl_module-- with-http_v2_module-- with-http_realip_module-- with-http_addition_module-- with-http_xslt_module=dynamic-- with-http_image_filter_module=dynamic-- with -http_geoip_module=dynamic-with-http_sub_module-with-http_dav_module-with-http_flv_module-with-http_mp4_module-with-http_gunzip_module-with-http_gzip_static_module-with-http_random_index_module-with-http_secure_link_module-with-http_degradation_module-with-http_slice_module with-http_stub_status_module with-http_perl _ module=dynamic-- with-mail=dynamic-- with-mail_ssl_module-- with-pcre--with-pcre-jit-- with-stream=dynamic-- with-stream_ssl_module-- with-google_perftools_module-- with-debug-- with-cc-opt='-O2-g-pipe-Wall-Wp -D_FORTIFY_SOURCE=2-fexceptions-fstack-protector-strong-- param=ssp-buffer-size=4-grecord-gcc-switches-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1-M64-mtune=generic'-with-ld-opt='-Wl,-z,relro-specs=/usr/lib/rpm/redhat/redhat-hardened-ld-Wl,-E'
If you compile again, you need the original compilation parameters plus the parameters you need to add:
[root@daya-02 nginx-1.12.2] # / configure-- prefix=/usr/share/nginx-- sbin-path=/usr/sbin/nginx-- modules-path=/usr/lib64/nginx/modules-- conf-path=/etc/nginx/nginx.conf-- error-log-path=/var/log/nginx/error.log-- http-log-path=/var/log/nginx/access.log-- http-client-body-temp-path=/var/lib/nginx/tmp/client _ body-http-proxy-temp-path=/var/lib/nginx/tmp/proxy-- http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi-- http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi-- http-scgi-temp-path=/var/lib/nginx/tmp/scgi-- pid-path=/run/nginx.pid-- lock-path=/run/lock/subsys/nginx-- user=nginx-- group=nginx-- with-file-aio-- with-ipv6 -- with-http_auth_request_module-- with-http_ssl_module-- with-http_v2_module-- with-http_realip_module-- with-http_addition_module-- with-http_xslt_module=dynamic-- with-http_image_filter_module=dynamic-- with-http_geoip_module=dynamic-- with-http_sub_module-- with-http_dav_module-- with-http_flv_module-- with-http_mp4_module-- with-http_gunzip_ Module-with-http_gzip_static_module-with-http_random_index_module-with-http_secure_link_module-with-http_degradation_module-with-http_slice_module-with-http_stub_status_module-with-http_perl_module=dynamic-with-mail=dynamic-with-mail_ssl_module-with-pcre- with-pcre-jit-with-stream=dynamic-with-stream_ssl_module-with-google_perftools_ Module-- with-debug-- with-cc-opt='-O2-g-pipe-Wall-Wp -D_FORTIFY_SOURCE=2-fexceptions-fstack-protector-strong-- param=ssp-buffer-size=4-grecord-gcc-switches-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1-M64-mtune=generic'-with-ld-opt='-Wl,-z,relro-specs=/usr/lib/rpm/redhat/redhat-hardened-ld-Wl,-E'-- add-module=/root/nginx-auth-ldap
Then execute make, just make, not install.
Check for availability:
[root@daya-02 nginx-1.12.2] #. / objs/nginx-t
Replace:
[root@daya-02 nginx-1.12.2] # cp. / objs/nginx / usr/sbin/
Restart:
[root@daya-02 nginx-1.12.2] # nginx- s reload
Configure ldap authentication:
Ldap_server test {url ldap://172.16.28.180:389/DC=test,DC=com?cn?sub? (objectClass=person); binddn "cn=admin,dc=test,dc=com"; binddn_passwd 123465; # group_attribute People; # group_attribute_is_dn on; require valid_user;} server {listen 8080; server_name _ Root / usr/share/nginx/html; location / {auth_ldap "Forbidden"; auth_ldap_servers test;}}
Problems encountered: the following are lack of related dependencies in the environment. Just install them.
. / configure: error: the HTTP XSLT module requires the libxml2/libxsltyum install libxslt-devel-y./configure: error: the HTTP image filter module requires the GD library. Yum install gd-devel-y. / configure: error: perl module ExtUtils::Embed is required yum-y install perl-devel perl-ExtUtils-Embed. / configure: error: the GeoIP module requires the GeoIP library. Yum-y install GeoIP GeoIP-devel GeoIP-data. / configure: error: the Google perftools module requires the Google perftoolsyum install gperftools-y./configure: error: SSL modules require the OpenSSL library.yum-y install openssl openssl-develchecking for-- with-ld-opt= "- Wl,-z,relro-specs=/usr/lib/rpm/redhat/redhat-hardened-ld-Wl,-E". Not found./configure: error: the invalid value in-- with-ld-opt= "- Wl,-z,relro-specs=/usr/lib/rpm/redhat/redhat-hardened-ld-Wl -E "yum install redhat-rpm-config-y./configure: error: perl module ExtUtils::Embed is requiredyum-y install perl-devel perl-ExtUtils-Embed error when executing make: / root/nginx-auth-ldap/ngx_http_auth_ldap_module.c:33:18: fatal error: ldap.h: No such file or directory # include yum install-y openldap-devel
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
