LDAP session backend

An Apache session module was created by LL::NG team to store sessions in an LDAP directory.

Attention

This module is not part of LL::NG distribution, and can be found on CPAN: Apache::Session::LDAP.

Tip

This module is also available on GitHub.

Sessions will be stored as LDAP entries, like this:

dn: cn=6fb7c4a170a04668771f03b0a4747f46,ou=sessions,dc=example,dc=com
objectClass: applicationProcess
cn: 6fb7c4a170a04668771f03b0a4747f46
description: [Base64 serialized data]

Setup

Go in the Manager and set the LDAP session module (Apache::Session::LDAP) in General parameters » Sessions » Session storage » Apache::Session module and add the following parameters (case sensitive):

Required parameters

Name

Comment

Example

ldapServer

URI of the server

ldap://localhost

ldapConfBase

DN of sessions branch

ou=sessions,dc=example,dc=com

ldapBindDN

Connection login

cn=admin,dc=example,dc=dom

ldapBindPassword

Connection password

secret

Optional parameters

Name

Comment

Default value

ldapObjectClass

Objectclass of the entry

applicationProcess

ldapAttributeId

Attribute storing session ID

cn

ldapAttributeContent

Attribute storing session content

description

ldapVerify

Perform certificate validation

require (use none to disable)

ldapCAFile

Path of CA file bundle

(system CA bundle)

ldapCAPath

Perform CA directory

(system CA bundle)

Security

Restrict network access to the LDAP directory, and add specific ACL to session branch.

You can also use different user/password for your servers by overriding parameters globalStorage and globalStorageOptions in lemonldap-ng.ini file.