Saturday, November 5, 2016

Wordpress Multisite and Apache LDAP Auth with Certain Site Exceptions

So I ran into a situation that had me stumped for a couple of days with one of our Wordpress Multisite installations. We needed to have Apache 2.4 provide Active Directory basic auth over the entire installation with the exception of a few individual sites we wanted to have public access to. We also needed to have the whole installation open to our internal local networks.

The stumbling block was that Wordpress does redirects on the site URL's which interferes with how Apache can apply it's authorization logic. In the end I needed 2 directives in my conf file.

Require env NOAUTH
Require env REDIRECT_NOAUTH


So let's say my site installation was http://wordpress.mydomain.com and I had 500 subfolder sites ie:

http://wordpress.mydomain.com/private01
http://wordpress.mydomain.com/private02
http://wordpress.mydomain.com/public01
http://wordpress.mydomain.com/public02
etc.....

and I needed to have only the 2 public01 & public02 sites be open with no password protection but all the other sites needed to be password protected against our internal Active Directory servers. I also needed to make sure that our local subnets were not prompted for passwords.

Here are the relevant apache 2.4 config entries

# These 2 url paths are public, no password required
SetEnvIfNoCase REQUEST_URI /public01 NOAUTH
SetEnvIfNoCase REQUEST_URI /public02 NOAUTH

# These 3 subnets are local, no passwords are required
# We use X-Forwarded-For since we use proxy servers behind load balance systems
SetEnvIf X-Forwarded-For ^10\.1\. NOAUTH
SetEnvIf X-Forwarded-For ^10\.2\. NOAUTH
SetEnvIf X-Forwarded-For ^10\.3\. NOAUTH

Require env NOAUTH
Require env REDIRECT_NOAUTH
Require valid-user



The most important line of all of this for me was

Require env REDIRECT_NOAUTH

This is what made it work with Wordpress but this line by itself is not enough, you need both of the Require env NOAUTH  lines to make it all work.

Here is the complete apache 2.4 conf file for reference

 <VirtualHost *:80>  
     ServerAdmin webmaster@mydomain.com  
     ServerName mydomain.com  
     ServerAlias blogs.mydomain.com  
     DocumentRoot /www/wordpress  
     # These 2 url paths are public, no password required  
     SetEnvIfNoCase REQUEST_URI /public01 NOAUTH  
     SetEnvIfNoCase REQUEST_URI /public02 NOAUTH  
     # These 3 subnets are local, no passwords are required  
     SetEnvIf X-Forwarded-For ^10\.1\. NOAUTH  
     SetEnvIf X-Forwarded-For ^10\.2\. NOAUTH  
     SetEnvIf X-Forwarded-For ^10\.3\. NOAUTH  
     <Directory /www/wordpress/ >  
       AllowOverride All  
       AuthName "Please enter your name & password"  
       AuthType Basic  
       AuthBasicProvider ldap  
       AuthUserFile /dev/null  
       AuthLDAPURL "ldap://adserver.mydomain.com/OU=Users,DC=mydomain,DC=com?sAMAccountName?sub?(objectClass=user)"  
       AuthLDAPBindDN "CN=LDAP User Account,OU=Users,DC=mydomain,DC=com"  
       AuthLDAPBindPassword "ldapuserpassword"  
       <RequireAny>  
        Require env NOAUTH  
        Require env REDIRECT_NOAUTH  
        Require valid-user  
       </RequireAny>  
     </Directory>  
 </VirtualHost>  


This stumped me for 2 days so I hope somebody else will find this useful and save them some time searching for an answer to this problem.

--















Thursday, September 29, 2016

Mt Langley / Miter Basin / Cottonwood Lakes 4 Day Backpack Trip

4 Day Backpack Trip with Tom, about 34 miles total. We started in Horseshoe Meadows, spent the 1'st night at Cottonwood Lakes 4/5. Next day headed up Old Army Pass to summit Mt Langley and then down to Upper Soldier Lake for night 2. On the 3rd day we explored Miter Basin, Sky Blue Lake and then headed down Rock Creek to spend night 3 at Lower Soldier Lake. Day 4 we hiked out via the PCT and Chicken Spring Lake.

All photos were taken with my old Canon S95 point'n shoot camera in jpg format. Panorama's created with Autopano Giga software.


GPS Track Log


Cottonwood Lakes area


Cottonwood Lake #3


Cottonwood Lakes 4 & 5. This is looking down from Old Army Pass


Saw quite a few Bighorn Sheep around the 12,000' range as we summited Mt Langley






Bighorn Sheep heading down towards Upper Soldier Lake


One of the new large cairn's built to summit Mt Langley


Looking straight down from the top of Mt Langley, what is that, about 1,000' straight down? Not for those afraid of heights!


Looking at Mt Whitney from the top of Mt Langley


Tom coming down the ravine to Upper Soldier Lake


Upper Soldier Lake


Is this a baby marmot?? Totally wrong time of year if so, maybe one of you reading this knows? Please let me know if you can identify this little baby creature


Lodgepole Chipmunk


The Mighty Miter Basin area


Looking down at Lower Soldier Lake


Very pretty unnamed lake in Miter Basin


Tom in Miter Basin (The Miter in the left background)


Sky Blue Lake


Sky Blue Lake panorama


Miter Basin


Marmot Scat


Still some pretty flowers in Miter Basin


This is heading down Rock Creek


Beautiful Rock Creek


Sierra Tree Frog


Rock Creek area looking back at the Miter Basin area


Looking out over Big Whitney Meadow and Kern Peak in the far distance







Monday, July 4, 2016

Bighorn Sheep Census Count 2016 ABDSP

Annual ABDSP Bighorn Sheep Census Count happened this July 1'st - 3rd. I counted at Rattlesnake Spring again with a total of 40 unique sheep, thatis about 50% of our normal count numbers. Temperatures were much lower this year so the sheep seemed to just not be very thirsty. I opted out of bringing my digital camera and 600mm lens this year and instead took a trail camera. Here is my lame attempt at making a video from the hundreds of movie clips and photos it captured over the course of 3 days in triple digit temps....enjoy!

BTW, Total Mylar balloons this trip - 1 right at our count site!










--

Saturday, June 18, 2016

Rocky Basin Lakes & Big Whitney Meadow 7 Day Backpack

Gary and I had another great 7 day backpack trip in the Golden Trout Wilderness. This year we looped thru Rocky Basin Lakes again but also made it to Johnson Peak, Big Whitney Meadow, Volcano Meadow & Cold Meadow. We did see one bear in Volcano Meadow, it was early morning and hew was scratching his back on a pine tree..he took off running after he got wind of us though. This was also the first time we took bear canisters, normally we double hang our food but last year we felt hindered by camp site locations since we were always looking for that perfect tree. Can't say I liked the size or weight of the canisters but we were able to camp anywhere we wanted this time. We had good timing this year, there was plenty of water, green meadows and the cowboys were bringing in the cows on the last day we were leaving. I had 6 rolls of 120 Fuji Velvia 50 film in the refrigerator that was getting kinda old so took that and shoot all of them (Film scanned on an Epson v750). We stopped off at a few rock arts sites on the way to the trailhead, some petroglyphs and pictograph sites. Taker a look at the map, it was a great route and I would recommend it to anybody thinking about where to go.





Guzzler out near Squaw Spring


Petroglyphs at Squaw Spring





We camped out near the Golden Valley Wilderness area to check out more petroglyphs in the morning before heading off to Blackrock Trailhead



Steam Well Petroglyphs













Here are a few pictographs we found after looking at some old BLM maps









Here is the same shot with Gary for size comparison, I took this with my phone and the amazing DStretch app


Johnson Creek / Meadow at the bottom of Johnson Peak


Johnson Lake


Gary on top of Johnson Peak


Peak register box..only a few entries per year, mostly June-August. Can't believe Bob Burd's entry was only as recent as 2015..


Cold Meadows which is just below Kern Peak and not often visited is my guess, beautiful meadow


Redrock Meadows & Indian Head, I way over exposed this by accident and lost all the beautiful color on Indian Head. It was deep lava red with lots of yellow & orange lichen


This is somewhere near Long Canyon & Redrock Meadows junction


Big Whitney Meadow and part of Cirque Peak in the background, water was cold and some snow was still up on the peaks and ridges


We had Big Whitney meadow to ourselves, in fact we only saw a few people the whole trip




Casa Vieja was green and there were several folks out there fishing




Somewhere along the Golden Trout Creek headoing towards Big Whitney Meadow




Moonrise over Templeton Mountain, we had a full moon almost every night and I don't think we really used our headlamps at all


Wildlife along the way




Found a nice biface at one of our campsites


Total Mylar Balloons this trip - 2


--