###################################################################### # Modifications to the httpd.conf file for mod_auth_radius.c # written by Alan DeKok # # Version: $Id$ # ###################################################################### # # These configuration options should be ADDED to the httpd.conf file # for your site. # ###################################################################### ###################################################################### # # Tell Apache to load the module. # LoadModule radius_auth_module libexec/mod_auth_radius.so # the path to the module file will depend on your Apache installation, e.g. #LoadModule radius_auth_module /usr/lib/apache2/modules/mod_auth_radius.so ###################################################################### # # With Apache 1.x, it is necessary to add an 'AddModule' statement. # The order of the modules listed by 'AddModule' can be important. # This seems to work: # just AFTER 'AddModule mod_auth.c' add: # AddModule mod_auth_radius.c ###################################################################### # # Add the general configuration of mod_auth_radius # either to the BOTTOM of httpd.conf # or into configuration before per-directory settings # # # AddRadiusAuth server[:port] [ timeout [ : retries ]] # # Use localhost, the standard RADIUS port, secret 'testing123', # time out after 5 seconds, and retry 3 times. AddRadiusAuth localhost:1812 testing123 5:3 # # AuthRadiusBindAddress # # Bind client (local) socket to this local IP address. # The server will then see RADIUS client requests will come from # the given IP address. # # By default, the module does not bind to any particular address, # and the operating system chooses the address to use. # # # AddRadiusCookieValid # # the special value of 0 (zero) means the cookie is valid forever. # AddRadiusCookieValid 5 ###################################################################### # # A sample per-directory access-control configuration. # # This may go into httpd.conf, either the general section or # When used in an '.htaccess' file, the text BETWEEN the # directives # should go into the .htaccess file. # # You can also use or similar. # # If you want to be sure it only applies when mod_auth_radius is used, # you can also wrap it in an directive, as above. # # # Use basic password authentication. # AuthType Digest won't work with RADIUS authentication. # AuthType Basic # # Tell the user the realm to which they're authenticating. # This string should be configured for your site. # AuthName "RADIUS authentication for localhost" # Apache 1.x specific settings: # # don't use 'mod_auth'. # You might want to disable other authentication types here. # You can get a similar effect by commenting out the # 'AddModule mod_auth_*' lines, previously in httpd.conf # #AuthAuthoritative off # # Use mod_auth_radius for all authentication, and make the responses # from it authoritative. # #AuthRadiusAuthoritative on # Apache 2.x specific setting: # # Set RADIUS to be the provider for this basic authentication # AuthBasicProvider radius # # Make a local variation of AddRadiusCookieValid. The server will choose # the MINIMUM of the two values. # # AuthRadiusCookieValid # AuthRadiusCookieValid 5 # # Set the use of RADIUS authentication at this " # # Globally set the RADIUS authentication active. # # # If there is a directory which you do NOT want to have RADIUS # authentication for, then use a or directive, # and set "AuthRadiusActive Off". The default is "On". # AuthRadiusActive On # # require that mod_auth_radius return a valid user, otherwise # access is denied. # require valid-user # # end of the per-location directives #