1. Installing Nginx
(1 Install Pcre:tar zxvf pcre-8.37.tar cd pcre-8.37./configure make && make install (2 install OpenSSL tar zxvf openssl-1.0.1g.tar.gz CD openssl-1.0.1g./config make percent make install if OpenSSL still has an error: Yum-y install OpenSSL Openldap-devel (3 install nginx cd/usr/src tar zxvf nginx-1.6.2.tar.gz cd nginx-1.6.2./configure--prefix=/usr/local/ng Inx make && make install
2.nginx Installing the LDAP module
Cd/usr/src/git Clone Https://github.com/kvspb/nginx-auth-ldap.git cd/usr/src/nginx-1.6.2./configure--add-module=/ Usr/src/nginx-auth-ldap/make Install
3. Build registry (omitted)
4. Modify Nginx configuration file
# for more information on configuration, see:# * official English Documentation: http://nginx.org/en/docs/# * Official Russian documentation: http://nginx.org/ru/docs/user nginx;worker_processes auto;error_log /var/log/nginx/error.log;pid /run/nginx.pid;events { worker_connections 1024;} #ldap认证 http { log_format main ' $remote _addr - $remote _user [$time _local] "$request" " ' $status $body _bytes_ sent "$http _referer" "$http _user_agent" "$http _x_forwarded_for" '; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/*.conf; #反向代理配置 ldap_server test1 { url ldap://10.10.212.71/ou=people,dc=wepaas,dc=com?uid? Sub? (objectclass=*); #binddn "uid=wepaas,ou=people,dc=wepaas,dc=com"; #binddn_passwd "wepaas2016#"; group_attribute uniquemember; group_attribute_is_dn on; require valid_user; } upstream webserver { server 127.0.0.1:5000; } server { listen 9000 default_server; server_name registry.eitcloud.cn; location / { proxy_pass&Nbsp;http://webserver; auth_ldap_ Servers test1; auth_ ldap "Forbidden"; root html; index index.html index.htm; } }}
Reference Documentation:
Https://github.com/kvspb/nginx-auth-ldap
Http://www.365dw.cn/575.html
This article is from the "Ming Linux blog" blog, be sure to keep this source http://zhaijunming5.blog.51cto.com/10668883/1743907
Nginx Reverse proxy registry, authenticate with LDAP