auth_ldap is an LDAP authentication module for Apache 1.x, the world’s most popular web server, and was the LDAP module that formed the basis for the built-in LDAP authentication module in Apache 2. auth_ldap has excellent performance, and supports Apache on both Unix and Windows NT. It also has support for LDAP over SSL, and a mode that lets Micros~1 Frontpage clients manage their web permissions while still using LDAP for authentication.

Note that auth_ldap only works with Apache 1.x. Apache 2 is bundled with an LDAP module that was derived from auth_ldap, so you don’t need a third-party module to do LDAP authentication with Apache 2. Operation is very similar to auth_ldap, but since Apache’s authentication architecture has evolved over the years, some directives no longer exist or their behavior may have changed. For more information on auth_ldap for Apache 2, you should consult the Apache documentation.


In addition to the documentation, support for auth_ldap is available through the auth_ldap mailing list. You can also see old auth_ldap messages in the list archives.


To compile auth_ldap, you will need either the Netscape Directory SDK, or the OpenLDAP SDK. For SSL, the Netscape SDK is required. auth_ldap has been tested against all versions of Apache 1.3. auth_ldap has not been tested against Apache 1.2, to my knowledge. It’s known to run on Solaris, Linux, and HP/UX.



auth_ldap News

History of the auth_ldap project.

    auth_ldap 1.6.1 released

    I have finally released 1.6.1 of auth_ldap. This version corrects various bugs that have been reported on the mailing list, and also corrects one potentially serious security bug. I recommend that all users of auth_ldap upgrade to this version. You can get it here, and you can also read the change log.

    auth_ldap 1.6.0 released

    Yes, after months and months, I have decided that it is time to call this release finished. Release 1.6.0 is now the official production version of auth_ldap. You can get it here, and you can also read the change log.

    auth_ldap 1.5.4 released

    This release incorporates the TLS patches from Jeff Costlow, fixes a small memory leak, and adds some more tweaks to the configure process. This will be the last release before auth_ldap is re-released as version 1.6. Get it here.

    auth_ldap 1.5.3 released

    This release improves on the autoconf process. In addition, some of the code has been changed to makeauth_ldap more robust when it is not the only auth module in Apache; there were certain situations whereauth_ldap would segfault if another non-authoritative auth module was also running. Download the new release here.

    auth_ldap 1.4.8 released

    This release just adds support for building auth_ldap as a static module (compiled into Apache). If you don’t need to build auth_ldap statically, you don’t need this release. Get ithere.

    auth_ldap 1.5.2 released

    This release fixes the same memory leak that release 1.4.7 fixed. Get it here.

    auth_ldap 1.4.7 released

    This release fixes a serious memory leak. All production users of auth_ldap should upgrade. Get it here.

    auth_ldap 1.5.1 released

    This release is the first candidate for the upcoming 1.6 version of auth_ldap. In addition to bug fixes, major changes include better support for FrontPage and better compatibility with OpenLDAP 2. Barring any serious bug reports, the next release of auth_ldap will be 1.6.0. Get the latest release here.

    auth_ldap 1.4.6 released

    This release corrects a few outstanding problems with the ldap_url_parse() function in OpenLDAP 2.x. If you aren’t having problems with LDAP URLs in your Apache configuration, then you don’t need to upgrade. Otherwise, get the latest version here.

    New Mailing List for auth_ldap

    I have created a mailing list for auth_ldap. This will be the primary support channel for auth_ldap from now on, and hopefully, the archives will become a useful resource for all auth_ldap users. You can subscribe to the mailing list from the list’s web site.

    auth_ldap 1.4.4 released

    This release adds support for OpenLDAP 2.0, but doesn’t make any other changes. Get it here. Stay tuned for a 1.5.1 developers release, which will also support OpenLDAP 2.0, as well as support autoconf style configuration.

    auth_ldap 1.4.5 released

    This release corrects some problems with certain versions of OpenLDAP. The behavior of the ldap_url_parse() function had changed, resulting in bad search scopes. Get the latest version

    auth_ldap 1.4.3 Released

    The only new thing in this is the beginnings of a FAQ. There is no new functionality in this version. Download now!

    First Developers' Release for the Next auth_ldap Development Cycle

    I have released auth_ldap 1.5.0, which is the first release of the new developers beta test cycle. There are a lot of changes in this release, including one change with the AuthLDAPCacheSize directive that is not backwards compatible with old auth_ldap configurations. The good news is that the old version and the new version had reasonable values for this directive, so most people probably do not use it in their configs. For more information, read the full change log.

    This is a beta developers release only! If you are using auth_ldap in a mission-critical production environment, you probably should not be using this release. If you want to assist with testing the next version of auth_ldap please feel free to download it and give me feedback.

    auth_ldap 1.4.2 Released

    In celebration of auth_ldap’s 2000th download, I decided to release a new version. Note that I skipped the 1.4.1 release because of a last minute bug I discovered after I packaged everything. Download now!

    auth_ldap 1.4 Released

    After months of testing, and a 3-month hiatus whilst I changed jobs and moved to Seattle, auth_ldap 1.4 has finally been released. Download now!

    Here is a list of the major changes:

    • Support for LDAP over SSL
    • LDAP caching
    • Improved NT support
    • OpenLDAP support
    • Added AuthLDAPRemoteUserIsDN directive
    • Removed AuthLDAPRedundantServers directive
    • Split source into multiple files

    copyright © 2008-2017, david carrigan. all rights reserved.