AD/LDAP Authentication on Nginx

If you are like me then one of your biggest pet peeve’s with Nginx is its lack of authentication methods like those so easily accessible in Apache. Beyond that, if you would like to add an authentication method to Nginx, it will typically require a recompile. If you are running Debian or Ubuntu then I would like to introduce you to nginx-extras. The package nginx-extras is compiled with all the standard modules as well as some very useful extras which are listed here.  Debian’s package version does not support LDAP authentication however, DotDeb packages do include the LDAP module.  Note you will need to install the DotDeb package as described in Nginx Latest on Debian Wheezy. So without further ado, first we will have to ensure that we have the required package which is nginx-extras.

Once the required packages are installed we can start configuring our virtual host. Configuring Nginx to authenticate using LDAP or AD is fairly strait forward and as simple as adding your AD or LDAP server connection in the /etc/nginx.conf file as seen below.

Note that everything in brackets needs to be replaced with your specific configuration (remove the brackets as well). Once that is complete, simply add the following two statements to your Nginx virtual host configuration.

That is it. Lastly you will want to restart Nginx and then navigate to your website and you will now be prompted to enter a username and password.

If you are looking for other authentication methods using nginx, please see our companion articles Certificate Authentication on Nginx and MySQL Authentication on Nginx

Did you find this article useful? Why not share it with your friends?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.