mod_securid: Installation documentation

Table of Contents

• Download
• Requirements
• Build as a static module
• Build as a dynamic module
• Notes for proxy
• Copyright

Download

Last release, which has proven through general use to be stable, is 1.8.8 (10/2004).

Please also read the CHANGES.

Requirements

To build mod_securid, you need an ACE/library. Three main releases exist:

• v-2
  the old one, named sdiclient.a and identified: ACE/Agent v 2.3 for ...;
• v-4
  the not so old one, named libaceclnt.a and identified: ACE/Agent v 4.1 for ...;
• v-5
  the brand new one, also named libaceclnt.a and identified: ACE/Agent Version 5.2 ...;

If you just wish to test mod_securid without any ACE/Server, please see ace_simul/, included with the distribution.

Else, to use mod_securid you also need an ACE/Server... The module has been successfully tested with:

• ACE/Server 3
  identified as: ACE/Server v 3.3.1;
• ACE/Server 4
  identified as: ACE/Server v 4.1;
• ACE/Server 5
  identified as: ACE/Server v 5.0, you then need to configure an "Acting Server", see mod_securid: Reference documentation, Usage;

Build as a static module

Extract apache:

% tar zxf apache_1.x.y.tar.gz

If you are using Apache as a standard proxy or a reverse proxy, please see notes for proxy problems.

Extract mod_securid:

% tar zxf mod_securid-x.y.tar.gz

Configure apache with mod_securid:

ACE/Client must have been installed. For standard installation (under /usr/ace, with /usr/ace/examples directory for ACE includes and library), use:

% cd apache_1.x.y % ACE=/usr/ace ./configure --add-module=../mod_securid-x.y/mod_securid.c ...

If you do not have a standard ACE/Client installation, you may use:

% cd apache_1.x.y % ACE_INC=...dir... ACE_LIB=...dir... ./configure --add-module=../mod_securid-x.y/mod_securid.c ...

Compile:

% make

If you want to use real gdbm support (and not dbm, which is the default), use the SECURID_USE_GDBM variable:

% make EXTRA_CFLAGS=-DSECURID_USE_GDBM EXTRA_LIBS=-lgdbm

If you want to include debug messages (which is not the default), use the SECURID_DEBUG variable:

% make EXTRA_CFLAGS=-DSECURID_DEBUG

Build as a dynamic module

Extract mod_securid:

% tar zxf mod_securid-x.y.tar.gz

Compile the module:

As for static module, ACE/Client must have been installed. For standard installation, use:

% cd mod_securid-x.y % apxs -I/usr/ace/examples -c mod_securid.c /usr/ace/examples/sdiclient.a

Perhaps you will need to include a dbm library; nbdm is the default:

% apxs -c mod_securid.c -lndbm

If you want real gdbm support, use:

% apxs -c -DSECURID_USE_GDBM mod_securid.c -lgdbm

If you want to include debug messages (which is not the default), use:

% apxs -c -DSECURID_DEBUG mod_securid.c

Install the module:

% apxs -i mod_securid.so

You may add the -a option to activate the module in your httpd.conf:

% apxs -i -a mod_securid.so

Notes for proxy

When using mod_securid with Apache running as a standard or reverse proxy, you need to apply the following patch:

• proxy_headers-1.3.31.diff, for Apache-1.3.31;
• proxy_headers-1.3.29.diff, for Apache-1.3.29;
• proxy_headers-1.3.27.diff, for Apache-1.3.27;
• proxy_headers-1.3.26.diff, for Apache-1.3.26;
• proxy_headers-1.3.23.diff, for Apache-1.3.23;
• proxy_headers-1.3.22.diff, for Apache-1.3.22;
• proxy_headers-1.3.20.diff, for Apache-1.3.20;

Copyright

This module is free software; you can redistribute it and/or modify it under the same terms as Apache itself. This module is distributed in the hope that it will be useful, but without any warranty; without even the implied warranty of merchantability or fitness for a particular purpose. The copyright holder of this module can not be held liable for any general, special, incidental or consequential damages arising out of the use of the module.

Security Dynamics, the Security Dynamics logo, ACE, ACE/Server, SecurID, SoftID and WebID are registered trademarks of Security Dynamics Technologies, Inc.

All other products or services mentioned in this document are covered by the trademarks, service marks, or product names as designated by the companies who own or market them.

Apache HTTP Server Version 1.3