Nginx Reverse proxy registry, authenticate with LDAP

Last Update:2016-02-22 Source: Internet

Author: User

Tags install openssl ldap nginx reverse proxy

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

1. Installing Nginx

(1 Install Pcre:tar zxvf pcre-8.37.tar cd pcre-8.37./configure make && make install (2 install OpenSSL tar zxvf openssl-1.0.1g.tar.gz CD openssl-1.0.1g./config make percent make install if OpenSSL still has an error: Yum-y install OpenSSL Openldap-devel (3 install nginx cd/usr/src tar zxvf nginx-1.6.2.tar.gz cd nginx-1.6.2./configure--prefix=/usr/local/ng Inx make && make install

2.nginx Installing the LDAP module

Cd/usr/src/git Clone Https://github.com/kvspb/nginx-auth-ldap.git cd/usr/src/nginx-1.6.2./configure--add-module=/ Usr/src/nginx-auth-ldap/make Install

3. Build registry (omitted)

4. Modify Nginx configuration file

# for more information on configuration, see:#   * official  English Documentation: http://nginx.org/en/docs/#   * Official  Russian documentation: http://nginx.org/ru/docs/user nginx;worker_processes auto;error_log  /var/log/nginx/error.log;pid /run/nginx.pid;events {    worker_connections  1024;} #ldap认证  http {    log_format  main   ' $remote _addr -   $remote _user [$time _local]  "$request"   "                        ' $status   $body _bytes_ sent  "$http _referer"                           "$http _user_agent"   "$http _x_forwarded_for" ';     access_log  /var/log/nginx/access.log  main;    sendfile             on;    tcp_nopush           on;    tcp_nodelay          on;    keepalive_timeout   65;     types_hash_max_size 2048;    include              /etc/nginx/mime.types;    default_type         application/octet-stream;    include  /etc/nginx/conf.d/*.conf;     #反向代理配置     ldap_server test1 {         url ldap://10.10.212.71/ou=people,dc=wepaas,dc=com?uid? Sub? (objectclass=*);          #binddn   "uid=wepaas,ou=people,dc=wepaas,dc=com";            #binddn_passwd   "wepaas2016#";         group_attribute uniquemember;         group_attribute_is_dn on;        require valid_user;      }    upstream webserver {        server 127.0.0.1:5000;      }    server  {       listen       9000  default_server;       server_name  registry.eitcloud.cn;        location / {             proxy_pass&Nbsp;http://webserver;            auth_ldap_ Servers   test1;            auth_ ldap  "Forbidden";            root   html;            index index.html   index.htm;        }        }}

Reference Documentation:

Https://github.com/kvspb/nginx-auth-ldap

Http://www.365dw.cn/575.html

This article is from the "Ming Linux blog" blog, be sure to keep this source http://zhaijunming5.blog.51cto.com/10668883/1743907

Nginx Reverse proxy registry, authenticate with LDAP

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More