13.3.2. PHP4, LDAP, and the Apache HTTP Server
Red Hat Enterprise Linux includes a package containing an LDAP module for the PHP server-side scripting language.
The
php-ldap
package adds LDAP support to the PHP4 HTML-embedded scripting language via the /usr/lib/php4/ldap.so
module. This module allows PHP4 scripts to access information stored in an LDAP directory.
Red Hat Enterprise Linux ships with the
mod_authz_ldap
module for the Apache HTTP Server. This module uses the short form of the distinguished name for a subject and the issuer of the client SSL certificate to determine the distinguished name of the user within an LDAP directory. It is also capable of authorizing users based on attributes of that user's LDAP directory entry, determining access to assets based on the user and group privileges of the asset, and denying access for users with expired passwords. The mod_ssl
module is required when using the mod_authz_ldap
module.
Important
The
mod_authz_ldap
module does not authenticate a user to an LDAP directory using an encrypted password hash. This functionality is provided by the experimental mod_auth_ldap
module, which is not included with Red Hat Enterprise Linux. Refer to the Apache Software Foundation website online at http://www.apache.org/ for details on the status of this module.