{"id":35478,"date":"2019-10-31T22:04:33","date_gmt":"2019-10-31T19:04:33","guid":{"rendered":"https:\/\/prohoster.info\/blog\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej\/"},"modified":"2019-10-31T22:04:33","modified_gmt":"2019-10-31T19:04:33","slug":"retsepty-nginx-ldap-avtorizatsiya-s-kapchej","status":"publish","type":"post","link":"https:\/\/prohoster.info\/de\/blog\/administrirovanie\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej","title":{"rendered":"Rezepte f\u00fcr Nginx: LDAP-Authentifizierung mit CAPTCHA","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"<p>F\u00fcr die Authentifizierung mit Captcha ben\u00f6tigen wir selbst <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/nginx\">nginx<\/a><\/noindex> und seine Plugins <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/encrypted-session-nginx-module\">encrypted-session<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/form-input-nginx-module\">form-input<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/ngx_ctpp2\">ctpp2<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/echo-nginx-module\">echo<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/ngx_http_auth_basic_ldap_module\">ldap<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/headers-more-nginx-module\">headers-more<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/nginx.org\/ru\/docs\/http\/ngx_http_auth_request_module.html\">auth_request<\/a><\/noindex>, <noindex><a rel=\"nofollow\" href=\"https:\/\/github.com\/RekGRpth\/set-misc-nginx-module\">set-misc<\/a><\/noindex>. (Ich habe Links zu meinen Forks bereitgestellt, da ich einige \u00c4nderungen vorgenommen habe, die ich bisher nicht in die urspr\u00fcnglichen Repositories einbringen konnte. Man kann auch auf <noindex><a rel=\"nofollow\" href=\"https:\/\/hub.docker.com\/r\/rekgrpth\/nginx\">ein fertiges Bild zur\u00fcckgreifen<\/a><\/noindex>.)<br \/>\n<noindex><a rel=\"nofollow\" name=\"habracut\"><\/a><\/noindex><br \/>\nZun\u00e4chst definieren wir <\/p>\n<pre><code class=\"nginx\">encrypted_session_key \"abcdefghijklmnopqrstuvwxyz123456\";<\/code><\/pre>\n<p>\nAls n\u00e4chstes schalten wir vorsichtshalber den Authentifizierungsheader aus <\/p>\n<pre><code class=\"nginx\">more_clear_input_headers Authorization;<\/code><\/pre>\n<p>\nJetzt sichern wir alles mit einer Authentifizierung <\/p>\n<pre><code class=\"nginx\">auth_request \/auth;\nlocation =\/auth {\n    internal;\n    subrequest_access_phase on; # Erlaube Autorisierungsphase im Unterantrag\n    auth_request off; # keine Autorisierung verwenden\n    set_decode_base64 $auth_decode $cookie_auth; # dekodiere das Authentifizierungs-Cookie\n    set_decrypt_session $auth_decrypt $auth_decode; # entschl\u00fcssle die Authentifizierung\n    if ($auth_decrypt = \"\") { return 401 UNAUTHORIZED; } # wenn die Entschl\u00fcsselung fehlschl\u00e4gt, ist der Benutzer nicht autorisiert\n    more_set_input_headers \"Authorization: Basic $auth_decrypt\"; # setze die Authentifizierung auf Basic (zum Nutzen der Variable $remote_user)\n    auth_basic_ldap_realm Auth; # LDAP-Authentifizierung aktivieren\n    auth_basic_ldap_url ldap:\/\/ldap.server.com; # Adresse festlegen\n    auth_basic_ldap_bind_dn dn.server.com; # Postfix festlegen\n    echo -n OK; # Benutzer autorisiert\n}<\/code><\/pre>\n<p>\nF\u00fcr autorisierte Benutzer zeigen wir Inhalte aus ihrem Verzeichnis an. <\/p>\n<pre><code class=\"nginx\">location \/{\n    alias html\/$remote_user\/;\n}<\/code><\/pre>\n<p>\nIm Falle fehlender Authentifizierung zeigen wir das Anmeldeformular mit CAPTCHA an. <\/p>\n<pre><code class=\"nginx\">error_page 401 = @error401;\nlocation @error401 {\n    set_escape_uri $request_uri_escape $request_uri; # Anfrage kodieren\n    return 303 \/login?request_uri=$request_uri_escape; # Weiterleitung zur Anmeldeseite mit Captcha, Anfrage beibehalten\n}\nlocation = \/login {\n    default_type \"text\/html; charset=utf-8\"; # Typ festlegen\n    if ($request_method = GET) { # Wenn nur die Anmeldeseite mit Captcha angezeigt werden soll\n        template login.html.ct2; # Vorlage festlegen\n        ctpp2 on; # Template-Engine aktivieren\n        set_secure_random_alphanum $csrf_random 32; # Zuf\u00e4lliges CSRF festlegen\n        encrypted_session_expires 300; # Lebensdauer des CSRF auf 5 Minuten setzen (5 * 60 = 300)\n        set_encrypt_session $csrf_encrypt $csrf_random; # Zuf\u00e4lliges CSRF verschl\u00fcsseln\n        set_encode_base64 $csrf_encode $csrf_encrypt; # Verschl\u00fcsseltes CSRF kodieren\n        add_header Set-Cookie \"CSRF=$csrf_encode; Max-Age=300\"; # Verschl\u00fcsseltes CSRF in ein Cookie f\u00fcr 5 Minuten ablegen (5 * 60 = 300)\n        return 200 \"{\"csrf\":\"$csrf_random\"}\"; # JSON f\u00fcr Template-Engine zur\u00fcckgeben\n    } # ansonsten - Anmeldeseite mit Captcha verarbeiten\n    set_form_input $csrf_form csrf; # CSRF aus dem Formular erhalten\n    set_unescape_uri $csrf_unescape $csrf_form; # CSRF aus dem Formular dekodieren\n    set_decode_base64 $csrf_decode $cookie_csrf; # CSRF aus dem Cookie dekodieren\n    set_decrypt_session $csrf_decrypt $csrf_decode; # CSRF aus dem Cookie entschl\u00fcsseln\n    if ($csrf_decrypt != $csrf_unescape) { return 303 $request_uri; } # Wenn CSRF aus dem Formular nicht mit CSRF im Cookie \u00fcbereinstimmt, zur\u00fcck zur Formularanzeige umleiten\n    set_form_input $captcha_form captcha; # Captcha aus dem Formular erhalten\n    set_unescape_uri $captcha_unescape $captcha_form; # Captcha aus dem Formular dekodieren\n    set_md5 $captcha_md5 \"secret${captcha_unescape}${csrf_decrypt}\"; # MD5 berechnen\n    if ($captcha_md5 != $cookie_captcha) { return 303 $request_uri; } # Wenn MD5 nicht mit dem Captcha im Cookie \u00fcbereinstimmt, zur\u00fcck zur Formularanzeige umleiten\n    set_form_input $username_form username; # Benutzername aus dem Formular erhalten\n    set_form_input $password_form password; # Passwort aus dem Formular erhalten\n    set_unescape_uri $username_unescape $username_form; # Benutzername aus dem Formular dekodieren\n    set_unescape_uri $password_unescape $password_form; # Passwort aus dem Formular dekodieren\n    encrypted_session_expires 2592000; # Lebensdauer der Sitzung auf 30 Tage festlegen (30 * 24 * 60 * 60 = 2592000)\n    set $username_password \"$username_unescape:$password_unescape\"; # Basic-Authentifizierung festlegen\n    set_encode_base64 $username_password_encode $username_password; # Basic-Authentifizierung kodieren\n    set_encrypt_session $auth_encrypt $username_password_encode; # Basic-Authentifizierung verschl\u00fcsseln\n    set_encode_base64 $auth_encode $auth_encrypt; # Verschl\u00fcsselte Basic-Authentifizierung kodieren\n    add_header Set-Cookie \"Auth=$auth_encode; Max-Age=2592000\"; # Verschl\u00fcsselte Basic-Authentifizierung in ein Cookie f\u00fcr 30 Tage ablegen (30 * 24 * 60 * 60 = 2592000)\n    set $arg_request_uri_or_slash $arg_request_uri; # Anfrage aus den Argumenten kopieren\n    set_if_empty $arg_request_uri_or_slash \"\/\"; # Wenn kein Argument angegeben ist, zum Beginn\n    set_unescape_uri $request_uri_unescape $arg_request_uri_or_slash; # Anfrage dekodieren\n    return 303 $request_uri_unescape; # Auf die gespeicherte Anfrage umleiten\n}<\/code><\/pre>\n<p>\nlogin.html<\/p>\n<pre><code class=\"xml\">&lt;html&gt;\n    &lt;body&gt;\n        &lt;form method=&quot;post&quot; action=&quot;&quot;&gt;\n            &lt;input type=&quot;hidden&quot; name=&quot;csrf&quot; value=&quot;&lt;TMPL_var csrf&gt;&quot; \/&gt;\n            Benutzername: &lt;input type=&quot;text&quot; name=&quot;username&quot; placeholder=&quot;Benutzernamen eingeben...&quot; \/&gt;&lt;br \/&gt;\n            password: &lt;input type=&quot;password&quot; name=&quot;password&quot; \/&gt;&lt;br \/&gt;\n            Captcha: &lt;img src=&quot;\/captcha?csrf=&lt;TMPL_var csrf&gt;&quot;\/&gt;&lt;input type=&quot;text&quot; name=&quot;captcha&quot; autocomplete=&quot;off&quot; \/&gt;&lt;br \/&gt;\n            &lt;input type=&quot;submit&quot; name=&quot;submit&quot; value=&quot;Absenden&quot; \/&gt;\n        &lt;input type=&quot;hidden&quot; name=&quot;trp-form-language&quot; value=&quot;de&quot;\/&gt;&lt;\/form&gt;\n    &lt;\/body&gt;\n&lt;\/html&gt;<\/code><\/pre>\n<p>Quelle: <a content=\"nofollow\" rel=\"nofollow\" href=\"https:\/\/habr.com\/ru\/post\/456600\/\">habr.com<\/a><\/p>","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>\u0414\u043b\u044f \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 \u043d\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f \u0441\u0430\u043c nginx \u0438 \u0435\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b encrypted-session, form-input, ctpp2, echo, ldap, headers-more, auth_request, set-misc. (\u042f \u0434\u0430\u043b \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438 \u0444\u043e\u0440\u043a\u0438, \u0442.\u043a. \u0434\u0435\u043b\u0430\u043b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u043e\u043f\u0438\u0445\u043d\u0443\u0442\u044c \u0432 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u041c\u043e\u0436\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.) \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0434\u0430\u0434\u0438\u043c encrypted_session_key &#171;abcdefghijklmnopqrstuvwxyz123456&#187;; \u0414\u0430\u043b\u044c\u0448\u0435, \u043d\u0430 \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a [&hellip;]<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[688],"tags":[],"class_list":["post-35478","post","type-post","status-publish","format-standard","hentry","category-administrirovanie"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.10 - aioseo.com -->\n\t<meta name=\"description\" content=\"\u0414\u043b\u044f \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 \u043d\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f \u0441\u0430\u043c nginx \u0438 \u0435\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b encrypted-session, form-input, ctpp2, echo, ldap, headers-more, auth_request, set-misc. (\u042f \u0434\u0430\u043b \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438 \u0444\u043e\u0440\u043a\u0438, \u0442.\u043a. \u0434\u0435\u043b\u0430\u043b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u043e\u043f\u0438\u0445\u043d\u0443\u0442\u044c \u0432 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u041c\u043e\u0436\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.) \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0434\u0430\u0434\u0438\u043c encrypted_session_key &quot;abcdefghijklmnopqrstuvwxyz123456&quot;; \u0414\u0430\u043b\u044c\u0448\u0435, \u043d\u0430 \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Yuri Gagarin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/prohoster.info\/de\/blog\/administrirovanie\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.10\" \/>\n\t\t<meta property=\"og:locale\" content=\"de_DE\" \/>\n\t\t<meta property=\"og:site_name\" content=\"ProHoster | \u041a\u0443\u043f\u0438\u0442\u044c \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u0445\u043e\u0441\u0442\u0438\u043d\u0433 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043e\u0442 DDoS, VPS VDS \u0441\u0435\u0440\u0432\u0435\u0440\u044b\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"\ud83e\udd47\u0420\u0435\u0446\u0435\u043f\u0442\u044b Nginx: LDAP \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 | ProHoster\" \/>\n\t\t<meta property=\"og:description\" content=\"\u0414\u043b\u044f \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 \u043d\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f \u0441\u0430\u043c nginx \u0438 \u0435\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b encrypted-session, form-input, ctpp2, echo, ldap, headers-more, auth_request, set-misc. (\u042f \u0434\u0430\u043b \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438 \u0444\u043e\u0440\u043a\u0438, \u0442.\u043a. \u0434\u0435\u043b\u0430\u043b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u043e\u043f\u0438\u0445\u043d\u0443\u0442\u044c \u0432 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u041c\u043e\u0436\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.) \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0434\u0430\u0434\u0438\u043c encrypted_session_key &quot;abcdefghijklmnopqrstuvwxyz123456&quot;; \u0414\u0430\u043b\u044c\u0448\u0435, \u043d\u0430 \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/prohoster.info\/de\/blog\/administrirovanie\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg\" \/>\n\t\t<meta property=\"og:image:width\" content=\"350\" \/>\n\t\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2019-10-31T19:04:33+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2019-10-31T19:04:33+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/prohoster\" \/>\n\t\t<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/prohoster\" \/>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"\ud83e\udd47Rezepte f\u00fcr Nginx: LDAP-Authentifizierung mit CAPTCHA | ProHoster","description":"Um eine Authentifizierung mit CAPTCHA einzurichten, ben\u00f6tigen wir Nginx selbst und die Module encrypted-session, form-input, ctpp2, echo, ldap, headers-more, auth_request, set-misc. (Ich habe Links zu meinen Forks bereitgestellt, da ich einige \u00c4nderungen vorgenommen habe, die ich bisher nicht in die Original-Repositorys einpflegen konnte. Man kann auch ein vorgefertigtes Image verwenden.) Zuerst setzen wir den encrypted_session_key auf \"abcdefghijklmnopqrstuvwxyz123456\"; Danach deaktivieren wir sicherheitshalber den Authentifizierungsheader.","canonical_url":"https:\/\/prohoster.info\/de\/blog\/administrirovanie\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":null,"og:locale":"de_DE","og:site_name":"ProHoster | \u041a\u0443\u043f\u0438\u0442\u044c \u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u0445\u043e\u0441\u0442\u0438\u043d\u0433 \u0434\u043b\u044f \u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u0437\u0430\u0449\u0438\u0442\u043e\u0439 \u043e\u0442 DDoS, VPS VDS \u0441\u0435\u0440\u0432\u0435\u0440\u044b","og:type":"article","og:title":"\ud83e\udd47\u0420\u0435\u0446\u0435\u043f\u0442\u044b Nginx: LDAP \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 | ProHoster","og:description":"\u0414\u043b\u044f \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043a\u0430\u043f\u0447\u0435\u0439 \u043d\u0430\u043c \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f \u0441\u0430\u043c nginx \u0438 \u0435\u0433\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b encrypted-session, form-input, ctpp2, echo, ldap, headers-more, auth_request, set-misc. (\u042f \u0434\u0430\u043b \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438 \u0444\u043e\u0440\u043a\u0438, \u0442.\u043a. \u0434\u0435\u043b\u0430\u043b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u043e\u043f\u0438\u0445\u043d\u0443\u0442\u044c \u0432 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438. \u041c\u043e\u0436\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0433\u043e\u0442\u043e\u0432\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.) \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u0437\u0430\u0434\u0430\u0434\u0438\u043c encrypted_session_key &quot;abcdefghijklmnopqrstuvwxyz123456&quot;; \u0414\u0430\u043b\u044c\u0448\u0435, \u043d\u0430 \u0432\u0441\u044f\u043a\u0438\u0439 \u0441\u043b\u0443\u0447\u0430\u0439, \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a","og:url":"https:\/\/prohoster.info\/de\/blog\/administrirovanie\/retsepty-nginx-ldap-avtorizatsiya-s-kapchej","og:image":"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg","og:image:secure_url":"https:\/\/prohoster.info\/wp-content\/uploads\/2021\/11\/logo-350.jpg","og:image:width":350,"og:image:height":350,"article:published_time":"2019-10-31T19:04:33+00:00","article:modified_time":"2019-10-31T19:04:33+00:00","article:publisher":"https:\/\/www.facebook.com\/prohoster","article:author":"https:\/\/www.facebook.com\/prohoster"},"aioseo_meta_data":{"post_id":"35478","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":null,"schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"seo_analyzer_scan_date":"2026-01-21 23:26:19","breadcrumb_settings":null,"limit_modified_date":false,"reviewed_by":null,"ai":null,"created":"2021-03-01 02:01:27","updated":"2026-01-21 23:26:19"},"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts\/35478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/comments?post=35478"}],"version-history":[{"count":0,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/posts\/35478\/revisions"}],"wp:attachment":[{"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/media?parent=35478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/categories?post=35478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prohoster.info\/de\/wp-json\/wp\/v2\/tags?post=35478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}