Our game plan is to first install OpenLDAP package. OpenLDAP is not required for Apache_LDAP_DAV to work, but we will need the installed OpenLDAP lib files to compile mod_ldap. And then we will compile Apache with mod_ldap and mod_dav.
Please download the following packages.
OpenLDAP (for LDAP lib files)
mod_dav (Apache module for WebDAV)
mod_ldap (LDAP module for LDAP)
OpenSSL (SSL enginer for creating/managing certificates)
mod_SSL (SSL Module for Apache)
To compile the WebDAV service with LDAP authencation capability, we will need to have the LDAP library files installed on the machine. The LDAP library files will be used to compile the LDAP module for Apache. Best way to get the LDAP library files is to download the OpenLDAP sourcecode from http://www.openldap.org and compile it to produce the required library files. You may use any other LDAP like IPlanet as well, but I recommend an OpenSource solution.
Become root by using the su command:
$ su |
Now change to the directory where you placed the OpenLDAP (tar) source file, and extract the content. (I use a temp directory, /tmp/download):
# cd /tmp/download # gzip -d openldap-stable-xxxxxxx.tar.gz # tar -xvf openldap-stable-xxxxxxx.tar # cd openldap-x.x.xx |
Now you can run "configure" for the openldap package. "configure" has many command line options. Type "configure --help" to see all options.
For this WebServer we dont really need the LDAP deamon, assuming there is a LDAP server running elsewhere. We just need the LDAP lib files. Since we will not be compiling the LDAP deamon, we will have to specify '--disable-slapd' as a command line option to 'configure':
# ./configure --disable-slapd |
After you are done with configuring, you can make the dependencies for the openldap package:
# make depend |
After making the dependencies the openldap package needs to be compiled. Use the make command:
# make |
If everything goes OK, you will end up with compiled version of openldap in the current directory. Then you will need to install the compiled binaries into appropriate places:
# make install |
Now you should have the compiled LDAP lib files required for the mod_ldap in the correct directory structure.
OpenSSL is required to create and manage SSL certificates on the webserver. The installion is also necessary for the lib files that will be used by the SSL module for apache.
Now change to the directory where you placed the OpenSSL source code files
# cd /tmp/download # gzip -d openssl.x.x.gz # tar -xvf openssl.x.x # cd openssl.x.x # make # make test # make install |
mod_dav requires that you have Apache pre-configured so that it knows where where everything is. Change back to the directory where you have the source files:
# cd /tmp/download # gzip -d apache_1.x.x.tar.gz # tar -xvf apache_1.x.x.tar # cd apache_1.x.x # ./configure --prefix=/usr/local/apache |
As mentioned above mod_dav will be statically linked with the Apache installation. Start by extracting mod_dav files:
# cd /tmp/download # gzip -d mod_dav-1.x.x.tar.gz # tar -xvf mod_dav-1.x.x.tar |
Change to the NEW directory which was created during the extract:
# cd mod_dav-1.x.x
Now configure the mod_dav package for static linking to Apache:
# ./configure --with-apache= /tmp/download/apache_1.x.x
Compile and install the files:
# make
# make install
mod_dav will have been partially compiled and placed into the Apache tree during the make install step.
Change back to the temp download directory, and extract the mod_auth_ldap files:
# cd /tmp/download # gzip -d mod _auth_ldap.tar.gz # tar -xvf mod_auth_ldap.tar |
Now install the modauthldap files to the Apache source tree:
# cd apache_x.x.x # mv ../modauthldap ./src/modules/ldap |
# cd /tmp/download # gzip -d mod_ssl-2.x.x.tar.gz # tar -xvf mod_ssl-2.x.tar # ./configure --with-apache=../apache_1.3.x.x |
Finally we have reached the destination. But not yet.......
"The Journey is the Destination" (Jerry Garica of Grateful Dead) |
Now we are ready to compile and install Apache with WebDAV and LDAP authentication for DAV.
Change back to the temp download directory:
# cd /tmp/download
Change to the Apache tree directory:
# cd apache-x.x.x
Now set the variable SSL_BASE to the OpenSSL lib files. On tcsh it will be as following:
# setenv SSL_BASE /tmp/download/openssl-0.9.x |
This will the compiler where to find the SSL LIB files.
And now configure apache for the compilation with mod_dav, mod_auth_ldap, and mod_ssl:
# ./configure --prefix=/usr/local/apache \ --enable-module=ssl \ --activate-module=src/modules/ldap/mod_auth_ldap.c \ --activate-module=src/modules/dav/libdav.a \ --enable-shared=ssl [...you can add more options here...] |
--enable-shared is an optional, it tells the configure to compile SSL as dynamic module. Depending on the services that you will be providing, you may or may not need dynamic compilation.
Now compile the Apache and install it into the appropriate place:
# make
Now create the SSL certification on the web server
# make certificate TYPE=custom
Follow through the instructions, and you will have a certificate in no time. Remember CommonName is your FQDN (Fully Qualified Domain Name) e.g. dav.yourcompany.com
For details on creating and managing the SSL certificates, please read the section titled "Creating and Managing SSL certificates".
Now install Apache into its own directory
# make install