"mod_auth_sspi is included in the XAMPP package."
but im not sure if this is the correct one and its rather confusing it install
mod_auth_sspi readme wrote:Basic installation instructions:
1. Add the module to the server's config file.
Typically you'll do this by adding something like the following to your
httpd.conf:
LoadModule sspi_auth_module modules/mod_auth_sspi.so
Make it the last module loaded if you can.
2. Protect a directory or location.
You can put these directives inside the httpd.conf file, or inside .htaccess
files if AllowOverride AuthConfig is set.
<Directory "C:/SSPI">
AllowOverride None
Options None
Order allow,deny
Allow from all
AuthName "My Intranet"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
require valid-user
</Directory>
3. If you plan to use Basic authentication, set the Apache service to run as
a valid local or domain user. Failure to do so will result in clients getting
400 Bad Request or 500 Internal Server Error responses.
==========
That's about it! A brief discussion of the other options (copied verbatim from
the source):
SSPIAuth - set to 'on' to activate SSPI authentication here
SSPIOfferSSPI - set to 'off' to allow access control to be passed
along to lower modules if the UserID is not known to
this module
SSPIAuthoritative - set to 'off' to allow access control to be passed
along to lower modules if the UserID is not known to
this module
SSPIOfferBasic - set to 'on' to allow the client to authenticate
against NT with 'Basic' authentication instead of
using the NTLM protocol
SSPIPackage - set to the name of the package you want to use to
authenticate users
SSPIDomain - set to the domain you want users authenticated
against for cleartext authentication - if not
specified, the local machine, then all trusted
domains are checked
SSPIBasicPreferred - set to 'on' if you want basic authentication to be
the higher priority
SSPIMSIE3Hack - set to 'on' if you expect MSIE 3 clients to be using
this server
The require directive can take the following forms (based on the old
mod_auth):
require valid-user # any valid user will do, useful for logging
# who accessed each file, for example
require user DOMAIN\Username # require a specific user
require group DOMAIN\Groupname # require a group member
require user "NT DOMAIN\User name"
# require a user with spaces in logon id