BWeb Installation with Apache and LDAP Authentication Centos 7

Note

If you are using RHEL 8 or Oracle Linux 8 or any derivatives, check those pages in regards to bweb-apache.conf and httpd.conf:

  1. Install Apache.

    # Install Apache
    yum install httpd -y
    
    # Open Firewall
    firewall-cmd --permanent --add-service=http
    firewall-cmd --permanent --add-service=https
    firewall-cmd --reload
    
    #Start Apache Service
    
     root@po-bweb-apache ~]# systemctl start httpd
     [root@po-bweb-apache ~]# systemctl status httpd
     * httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
       Active: active (running) since Qua 2022-04-06 12:26:20 EDT; 7s ago
          Docs: man:httpd(8)
                man:apachectl(8)
     Main PID: 10915 (httpd)
       Status: "Processing requests..."
       CGroup: /system.slice/httpd.service
               ├─10915 /usr/sbin/httpd -DFOREGROUND
               ├─10916 /usr/sbin/httpd -DFOREGROUND
               ├─10917 /usr/sbin/httpd -DFOREGROUND
               ├─10918 /usr/sbin/httpd -DFOREGROUND
               ├─10919 /usr/sbin/httpd -DFOREGROUND
               └─10920 /usr/sbin/httpd -DFOREGROUND
    
    Abr 06 12:26:20 po-bweb-apache systemd[1]: Starting The Apache HTTP Server...
    Abr 06 12:26:20 po-bweb-apache systemd[1]: Started The Apache HTTP Server.
    
  2. Configure Bweb.

    # Install Bweb Repo
    vi /etc/yum.repos.d/baculasystems.repo
    
    [Bacula-Enterprise-BWeb]
    name = BWeb Management Suite
    baseurl = https://www.baculasystems.com/dl/Customer-123456/rpms/bweb/12.2.2/rhel7-64/
    enabled = 1
    protect = 0
    gpgcheck = 1
    
    [Bacula-Enterprise-DAG]
    name = Bacula Systems DAG for BWeb
    baseurl = https://www.baculasystems.com/dl/DAG/rhel7-64/
    enabled = 1
    protect = 0
    gpgcheck = 0
    
  3. Install Bweb and Bweb Dependencies.

 # Install Bweb Dependecies

 yum install perl-DBI perl-DBD-mysql perl-DBD-Pg perl-GDGraph \
 perl-HTML-Template perl-Time-modules gd perl-Date-Calc \
 perl-Bit-Vector perl-Expect perl-GD \
 perl-GD-Text-Util perl-IO-Tty perl-CGI-Session perl-JSON \
 perl-JSON-XS \program{lighttpd}

# Install Bweb

yum install bacula-enterprise-bweb

/opt/bweb/bin/install_bweb.sh
  1. Configure Apache

    # The apache.conf.sample file available on /opt/bweb/etc/ does not work for Centos 7 Apache 2.4. Created a new one with the following settings:
    
    vi /etc/httpd/httpd.conf
    
    ######################
    
    ServerRoot "/etc/httpd"
    
    Listen 9180
    
    Include conf.modules.d/*.conf
    
    User bacula
    Group bacula
    
    ServerAdmin root@localhost
    
    <Directory />
        Options FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
    </Directory>
    
    DocumentRoot "/opt/bweb/html"
    
    <Directory "/opt/bweb/html">
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    
    <IfModule dir_module>
        DirectoryIndex index.html
    </IfModule>
    
    <FilesMatch "^\.ht">
        Order allow,deny
        Deny from all
        Satisfy All
    </FilesMatch>
    
    ErrorLog "logs/error_log"
    
    LogLevel warn
    
    <IfModule log_config_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
    
        <IfModule logio_module>
          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
        </IfModule>
    
        CustomLog "logs/access_log" combined
    </IfModule>
    
    <IfModule alias_module>
       ScriptAlias /cgi-bin/bweb/ "/opt/bweb/cgi/"
    </IfModule>
    
    Alias /bweb/fv "/tmp"
    <Location /bweb/fv>
        Options None
        Order allow,deny
        Allow from all
    </Location>
    
    Alias /bweb /opt/bweb/html
    
    <Directory "/opt/bweb/cgi">
        AllowOverride None
        Options None
        Require all granted
    </Directory>
    
    <Directory "/opt/bweb/cgi">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
        PassEnv BWEBBASE
        PassEnv BWEBLOG
        PassEnv BWEBCONF
        SetENV PERLLIB "/opt/bweb/lib"
    </Directory>
    
    <IfModule mime_module>
        TypesConfig /etc/mime.types
        AddType application/x-compress .Z
        AddType application/x-gzip .gz .tgz
        AddHandler cgi-script .cgi
        AddType text/html .shtml
        AddOutputFilter INCLUDES .shtml
    
        AddType application/javascript                          js
        AddType application/json                                json
        AddType image/png                                       png
        AddType image/jpeg                                      jpeg jpg jpe
        AddType image/gif                                       gif
        AddType text/html                                       html htm
        AddType text/css                                        css
    
    </IfModule>
    
    AddDefaultCharset UTF-8
    
    <IfModule mime_magic_module>
        MIMEMagicFile conf/magic
    </IfModule>
    
    EnableSendfile on
    
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 5
    UseCanonicalName Off
    AccessFileName .htaccess
    ServerTokens Minimal
    ServerSignature On
    HostnameLookups Off
    
    <IfModule ssl_module>
       SSLRandomSeed startup builtin
       SSLRandomSeed connect builtin
    </IfModule>
    
    IncludeOptional conf.d/*.conf
    
    #################################
    
  2. Restart Apache

    [root@po-bweb-apache ~]# systemctl restart httpd
    [root@po-bweb-apache ~]# systemctl status httpd
    
    * httpd.service - The Apache HTTP Server
        Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
        Active: active (running) since Qui 2022-04-07 12:00:30 EDT; 6min ago
          Docs: man:httpd(8)
                man:apachectl(8)
      Process: 9118 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
     Main PID: 9123 (httpd)
       Status: "Total requests: 34; Current requests/sec: 0; Current traffic:   0 B/sec"
       CGroup: /system.slice/httpd.service
               ├─9123 /usr/sbin/httpd -DFOREGROUND
               ├─9124 /usr/sbin/httpd -DFOREGROUND
               ├─9125 /usr/sbin/httpd -DFOREGROUND
               ├─9127 /usr/sbin/httpd -DFOREGROUND
               ├─9128 /usr/sbin/httpd -DFOREGROUND
               ├─9131 /usr/sbin/httpd -DFOREGROUND
               ├─9133 /usr/sbin/httpd -DFOREGROUND
               ├─9134 /usr/sbin/httpd -DFOREGROUND
               ├─9157 /usr/sbin/httpd -DFOREGROUND
               ├─9158 /usr/sbin/httpd -DFOREGROUND
               └─9159 /usr/sbin/httpd -DFOREGROUND
    
       Abr 07 12:00:30 po-bweb-apache systemd[1]: Stopped The Apache HTTP Server.
       Abr 07 12:00:30 po-bweb-apache systemd[1]: Starting The Apache HTTP Server...
       Abr 07 12:00:30 po-bweb-apache httpd[9123]: [Thu Apr 07 12:00:30.402034 2022] [env:warn] [pid 9123] AH01506: PassEnv variable BWEBBASE was undefined
       Abr 07 12:00:30 po-bweb-apache httpd[9123]: [Thu Apr 07 12:00:30.402206 2022] [env:warn] [pid 9123] AH01506: PassEnv variable BWEBLOG was undefined
       Abr 07 12:00:30 po-bweb-apache httpd[9123]: [Thu Apr 07 12:00:30.402218 2022] [env:warn] [pid 9123] AH01506: PassEnv variable BWEBCONF was undefined
       Abr 07 12:00:30 po-bweb-apache httpd[9123]: [Thu Apr 07 12:00:30.402343 2022] [alias:warn] [pid 9123] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 14 will probably never match because it overlaps an earlier Alias.
       Abr 07 12:00:30 po-bweb-apache httpd[9123]: [Thu Apr 07 12:00:30.402374 2022] [alias:warn] [pid 9123] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 22 will probably never match because it overlaps an earlier Alias.
       Abr 07 12:00:30 po-bweb-apache systemd[1]: Started The Apache HTTP Server.
    
  3. Check the Browser Page.

    ../../../../../../_images/CheckBwebBrowser.png
  4. Configure Apache Htpasswd Authentication.

    [root@po-bweb-apache ~]# htpasswd -c /opt/bweb/etc/bweb.htpasswd admin
    New password:
    Re-type new password:
    Adding password for user admin
    
    
    vi /etc/httpd/conf.d/bweb.conf
    
    <Directory /opt/bweb/cgi>
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    
    ##### Uncomment this Lines for Htpasswd Authentication ####
    
            AuthType Basic
            AuthName Bweb
            AuthUserFile /opt/bweb/etc/bweb.htpasswd
            Require valid-user
    ##########################
    
            AllowOverride None
    </Directory>
    ScriptAlias /cgi-bin/bweb /opt/bweb/cgi
    
    Alias /bweb/fv /opt/bweb/spool
    <Directory "/var/spool/bweb">
        Options None
        AllowOverride AuthConfig
        Order allow,deny
        Allow from all
    </Directory>
    
    Alias /bweb /opt/bweb/html
    <Directory "/opt/bweb/html">
        Options None
        AllowOverride AuthConfig
        # For Apache 2.4
        Require all granted
        # For Apache 2.2
        #Order allow,deny
        #Allow from all
    </Directory>
    
  5. Restart Apache.

    [root@po-bweb-apache ~]# systemctl restart httpd
    [root@po-bweb-apache ~]# systemctl status httpd
    * httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
       Active: active (running) since Qui 2022-04-07 12:17:34 EDT; 3s ago
        Docs: man:httpd(8)
              man:apachectl(8)
     Process: 9309 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
    Main PID: 9314 (httpd)
      Status: "Processing requests..."
      CGroup: /system.slice/httpd.service
              ├─9314 /usr/sbin/httpd -DFOREGROUND
              ├─9315 /usr/sbin/httpd -DFOREGROUND
              ├─9316 /usr/sbin/httpd -DFOREGROUND
              ├─9317 /usr/sbin/httpd -DFOREGROUND
              ├─9318 /usr/sbin/httpd -DFOREGROUND
              └─9319 /usr/sbin/httpd -DFOREGROUND
    
    Abr 07 12:17:34 po-bweb-apache systemd[1]: Starting The Apache HTTP Server...
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386406 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBBASE was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386604 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBLOG was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386616 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBCONF was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386805 2022] [alias:warn] [pid 9314] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 14 will probably never match because it overlaps an earlier Alias.
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386839 2022] [alias:warn] [pid 9314] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 22 will probably never match because it overlaps an earlier Alias.
    Abr 07 12:17:34 po-bweb-apache systemd[1]: Started The Apache HTTP Server.
    
  6. Test Authentication on Browser.

    ../../../../../../_images/TestAuthBrowser.png
  7. Configure Apache Ldap Authentication.

    In the file vi /etc/httpd/conf.d/bweb.conf
    
    Change the Following Htpasswd
    
    ##########################
             AuthType Basic
             AuthName Bweb
             AuthUserFile /opt/bweb/etc/bweb.htpasswd
             Require valid-user
    ##########################
    
    To AD/LDAP Authenctication
    
    ##########################
    AuthType Basic
    AuthName "Apache LDAP authentication"
    AuthBasicAuthoritative Off
    AuthBasicProvider ldap
    AuthLDAPURL "ldap://SERVER_IP/CN=Users,DC=tech,DC=local?sAMAccountName?sub?(objectClass=*)"
    AuthLDAPBindDN "CN=ad-admin,CN=Users,DC=supportlab,DC=baculasystems,DC=com"
    AuthLDAPBindPassword "xxxxxx"
    Require valid-user
    ##########################
    
  8. Enable User Authentication.

../../../../../../_images/EnableUserAuth.png ../../../../../../_images/EnableUserAuth2.png
  1. Restart Apache and Test Authentication.

    [root@po-bweb-apache ~]# systemctl restart httpd
    [root@po-bweb-apache ~]# systemctl status httpd
    * httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
       Active: active (running) since Qui 2022-04-07 12:17:34 EDT; 3s ago
         Docs: man:httpd(8)
               man:apachectl(8)
      Process: 9309 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
     Main PID: 9314 (httpd)
       Status: "Processing requests..."
       CGroup: /system.slice/httpd.service
               ├─9314 /usr/sbin/httpd -DFOREGROUND
               ├─9315 /usr/sbin/httpd -DFOREGROUND
               ├─9316 /usr/sbin/httpd -DFOREGROUND
               ├─9317 /usr/sbin/httpd -DFOREGROUND
               ├─9318 /usr/sbin/httpd -DFOREGROUND
               └─9319 /usr/sbin/httpd -DFOREGROUND
    
    Abr 07 12:17:34 po-bweb-apache systemd[1]: Starting The Apache HTTP Server...
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386406 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBBASE was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386604 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBLOG was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386616 2022] [env:warn] [pid 9314] AH01506: PassEnv variable BWEBCONF was undefined
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386805 2022] [alias:warn] [pid 9314] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 14 will probably never match because it overlaps an earlier Alias.
    Abr 07 12:17:34 po-bweb-apache httpd[9314]: [Thu Apr 07 12:17:34.386839 2022] [alias:warn] [pid 9314] AH00671: The Alias directive in /etc/httpd/conf.d/bweb.conf at line 22 will probably never match because it overlaps an earlier Alias.
    Abr 07 12:17:34 po-bweb-apache systemd[1]: Started The Apache HTTP Server.