-
Notifications
You must be signed in to change notification settings - Fork 29
/
httpd.conf
131 lines (114 loc) · 3.5 KB
/
httpd.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
######################################################################
# Modifications to the httpd.conf file for mod_auth_radius.c
# written by Alan DeKok <[email protected]>
#
# Version: $Id$
#
######################################################################
#
# These configuration options should be ADDED to the httpd.conf file
# for your site.
#
######################################################################
######################################################################
#
# Tell Apache to load the module.
#
LoadModule radius_auth_module libexec/mod_auth_radius.so
# the path to the module file will depend on your Apache installation, e.g.
#LoadModule radius_auth_module /usr/lib/apache2/modules/mod_auth_radius.so
######################################################################
#
# Add the general configuration of mod_auth_radius
# either to the BOTTOM of httpd.conf
# or into <VirtualHost> configuration before per-directory settings
#
<IfModule mod_auth_radius.c>
#
# AddRadiusAuth server[:port] <shared-secret> [ timeout [ : retries ]]
#
# Use localhost, the standard RADIUS port, secret 'testing123',
# time out after 5 seconds, and retry 3 times.
AddRadiusAuth localhost:1812 testing123 5:3
#
# AuthRadiusBindAddress <hostname/ip-address>
#
# Bind client (local) socket to this local IP address.
# The server will then see RADIUS client requests will come from
# the given IP address.
#
# By default, the module does not bind to any particular address,
# and the operating system chooses the address to use.
#
#
# AddRadiusCookieValid <minutes-for-which-cookie-is-valid>
#
# the special value of 0 (zero) means the cookie is valid forever.
#
AddRadiusCookieValid 5
</IfModule>
######################################################################
#
# A sample per-directory access-control configuration.
#
# This may go into httpd.conf, either the general section or <VirtualHost>
# When used in an '.htaccess' file, the text BETWEEN the
# <Location /secure/> </Location> directives
# should go into the .htaccess file.
#
# You can also use <Directory /var/www/secure/> </Directory> or similar.
#
# If you want to be sure it only applies when mod_auth_radius is used,
# you can also wrap it in an <IfModule> directive, as above.
#
<Location /secure/>
#
# Use basic password authentication.
# AuthType Digest won't work with RADIUS authentication.
#
AuthType Basic
#
# Tell the user the realm to which they're authenticating.
# This string should be configured for your site.
#
AuthName "RADIUS authentication for localhost"
#
# Set RADIUS to be the provider for this basic authentication
#
AuthBasicProvider radius
#
# Set the debug mode
#
#AuthRadiusDebug on
#
# Make a local variation of AddRadiusCookieValid. The server will choose
# the MINIMUM of the two values.
#
# AuthRadiusCookieValid <minutes-for-which-cookie-is-valid>
#
AuthRadiusCookieValid 5
#
# Set the use of RADIUS authentication at this <Location>"
#
# Globally set the RADIUS authentication active.
#
#
# If there is a directory which you do NOT want to have RADIUS
# authentication for, then use a <Directory> or <Location> directive,
# and set "AuthRadiusActive Off". The default is "On".
#
AuthRadiusActive On
#
# require that mod_auth_radius return a valid user, otherwise
# access is denied.
#
require valid-user
#
# Force the calling station ID to 'MyServiceName' for location /secure/
# AddRadiusCallingStationID <string 1..255 bytes>
#
AddRadiusCallingStationID MyServiceName
#
# end of the per-location directives
#
</Location>