Bweb Installation with Apache 2.4 and Ldap Authentication RHEL 8
EnterpriseBacula Enterprise Only
This solution is only available for Bacula Enterprise. For subscription inquiries, please reach out to sales@baculasystems.com.
This article gives specific insight on how to set up ldap authentication on RHEL 8 and any derivatives. See for the whole procedure to enable it in the main article.
Configuration Settings
vi /etc/httpd/conf.d/bweb-apache.conf
Listen 9180
Define BWEBBASE "/opt/bweb"
Define BWEBLOG "/opt/bacula/working"
Define BWEBCONF "/opt/bweb/etc/bweb.conf"
LDAPVerifyServerCert Off
### Apache Bweb With Without SSL
<VirtualHost *:9180>
ServerName po-oracle8
DocumentRoot "${BWEBBASE}/html"
CustomLog "${BWEBLOG}/bweb-access.log" combined
ErrorLog "${BWEBLOG}/bweb-error.log"
<Directory "${BWEBBASE}/html">
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</Directory>
<IfModule alias_module>
Alias /bweb/fv "/tmp"
Alias /bweb ${BWEBBASE}/html
ScriptAlias /cgi-bin/bweb/ "${BWEBBASE}/cgi/"
</IfModule>
<Directory "${BWEBBASE}/cgi">
AllowOverride None
SetEnv BWEBBASE $BWEBBASE
SetEnv BWEBLOG $BWEBLOG
SetEnv BWEBCONF $BWEBCONF
SetENV PERLLIB "${BWEBBASE}/lib"
AllowOverride AuthConfig
#Bweb Configuration htpasswd
################################
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# AuthType Basic
# AuthName Bweb
# AuthUserFile /opt/bweb/etc/bweb.htpasswd
# Require valid-user
#################################
#Bweb Configuration htpasswd
#################################
AuthType Basic
AuthName "Auth"
AuthBasicProvider ldap
AuthLDAPURL ldap://10.0.200.21:389/ou=Users,dc=supportlab,dc=baculasystems,dc=com?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "CN=ad-admin,CN=Users,DC=supportlab,DC=baculasystems,DC=com"
AuthLDAPBindPassword "Bacula18"
Require valid-user
#################################
</Directory>
<Location /bweb/fv>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</Location>
</VirtualHost>
### Bweb With SSL Certificates
Listen 9443
<VirtualHost *:9443>
ServerName po-oracle8.supportlablan.baculasytems.com
SSLEngine on
SSLCertificateFile "/home/sslkey/po-oracle8.cert"
SSLCertificateKeyFile "/home/sslkey/po-oracle8.key"
DocumentRoot "${BWEBBASE}/html"
ServerName po-oracle8.supportlablan.baculasystems.com
CustomLog "${BWEBLOG}/bweb-access.log" combined
ErrorLog "${BWEBLOG}/bweb-error.log"
<Directory "${BWEBBASE}/html">
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</Directory>
<IfModule alias_module>
Alias /bweb/fv "/tmp"
Alias /bweb ${BWEBBASE}/html
ScriptAlias /cgi-bin/bweb/ "${BWEBBASE}/cgi/"
</IfModule>
<Directory "${BWEBBASE}/cgi">
AllowOverride None
SetEnv BWEBBASE $BWEBBASE
SetEnv BWEBLOG $BWEBLOG
SetEnv BWEBCONF $BWEBCONF
SetENV PERLLIB "${BWEBBASE}/lib"
AllowOverride AuthConfig
#Bweb Configuration htpasswd
################################
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# AuthType Basic
# AuthName Bweb
# AuthUserFile /opt/bweb/etc/bweb.htpasswd
# Require valid-user
#################################
#Bweb Configuration htpasswd
#################################
AuthType Basic
AuthName "Auth"
AuthBasicProvider ldap
AuthLDAPURL ldap://10.0.200.21:389/ou=Users,dc=supportlab,dc=baculasystems,dc=com?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "CN=ad-admin,CN=Users,DC=supportlab,DC=baculasystems,DC=com"
AuthLDAPBindPassword "Bacula18"
Require valid-user
#################################
</Directory>
<Location /bweb/fv>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
# Apache 2.4
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
</Location>
</VirtualHost>
[root@po-oracle8 ~]# vi /etc/httpd/conf/httpd.conf
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User bacula
Group bacula
ServerAdmin root@localhost
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
Include conf.modules.d/00-systemd.conf
See also
Previous articles:
Next articles:
Go back to: BWeb Installation with Apache.