nginx ldap group authentication

Started by Vince007, September 27, 2024, 10:38:34 AM

Hi
I'd like to authenticate LDAP users based on LDAP groups on nginx acting as a reverse proxy to backend web servers.
Different LDAP groups/users allowed to access different locations, is this possible? Actually, and as far as I understand, it's only possible to allow all users (not specific ones) and also not groups per location, or just a single LDAP group if restricted in the LDAP configuration.
I was doing this quite easily with Apache as a reverse proxy on a different firewall, any idea how to achieve this on OPNsense?
Thanks for any help :)
Regards.
Vince

I'm curious which firewall you have used before.
Hardware:
DEC740

I was using ClearOS and did manual adjustments to the Apache config file.

Ah okay. Well, there is an Apache-based reverse proxy for OPNsense. The package is called os-OPNWAF and is in the Business Edition. But it does not have LDAP authentication built into the GUI.

On NGINX I don't know how to do it sadly.

In Caddy you can choose the "forward_auth" directive in the GUI to send users to an SSO portal hosted with an Authelia or Authentik server to allow specific access. These could communicate with an LDAP backend.

Best respond here again so others see I couldn't help you. I was just interested. :)
Hardware:
DEC740
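
The per-location group decision that a forward-auth endpoint makes for the proxy, as an added example that is not part of the original posts and is not code from Caddy, Authelia or Authentik. It assumes the proxy forwards the original request URI and that the portal has already resolved the session to a user name and LDAP group list; the policy table, group names and function names are hypothetical.

```python
import posixpath
from urllib.parse import unquote

# Constructed policy: location prefix -> LDAP groups allowed there.
# Anything not listed is denied (default deny).
POLICY = {
    "/wiki": {"staff", "contractors"},
    "/admin": {"admins"},
}

def normalize(forwarded_uri):
    """Reduce the forwarded URI to a canonical path before matching.

    Drops the query string, percent-decodes once, collapses duplicate
    leading slashes and resolves '.' and '..' segments, so that
    '/wiki/%2e%2e/admin' is judged as '/admin' and not as '/wiki'.
    """
    raw = forwarded_uri.split("?", 1)[0].split("#", 1)[0]
    path = "/" + unquote(raw).lstrip("/")
    return posixpath.normpath(path)

def matching_prefix(path):
    """Longest policy prefix that matches on a path-segment boundary.

    '/administrator' must not inherit the rule for '/admin'.
    """
    best = None
    for prefix in POLICY:
        if path == prefix or path.startswith(prefix + "/"):
            if best is None or len(prefix) > len(best):
                best = prefix
    return best

def decide(forwarded_uri, user, groups):
    """Status the auth endpoint answers the proxy with.

    200 lets the proxy pass the request to the backend, 401 means no
    authenticated session (send to login), 403 means authenticated but
    not in a group allowed for this location.
    """
    if not user:
        return 401
    prefix = matching_prefix(normalize(forwarded_uri))
    if prefix is None:
        return 403
    return 200 if POLICY[prefix] & set(groups) else 403
```
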

Thanks for the suggestion, I'll wait to see if anyone else knows how to deal with this and Nginx :)
Thanks a lot!