<ahref="http://drupal.org"class="urlextern"title="http://drupal.org"rel="nofollow">Drupal</a> is a <abbrtitle="Content Management System">CMS</abbr> written in PHP. It can works with external modules to extends its functionalities. One of this module can be used to delegate authentication server to the web server: <ahref="http://drupal.org/project/Webserver_auth"class="urlextern"title="http://drupal.org/project/Webserver_auth"rel="nofollow">Webserver Auth</a>.
Install <ahref="http://drupal.org/project/Webserver_auth"class="urlextern"title="http://drupal.org/project/Webserver_auth"rel="nofollow">Webserver Auth</a> module, by downloading it, and unarchive it in the drupal modules/ directory.
Configure Drupal virtual host like other <ahref="../configvhost.html"class="wikilink1"title="documentation:2.0:configvhost">protected virtual host</a>.
</p>
<divclass="noteimportant">If you are protecting Drupal with <abbrtitle="LemonLDAP::NG">LL::NG</abbr> as reverse proxy, <ahref="../header_remote_user_conversion.html"class="wikilink1"title="documentation:2.0:header_remote_user_conversion">convert header into REMOTE_USER environment variable</a>.
</div><ul>
<liclass="level1"><divclass="li"> For Apache:</div>
<h3class="sectionedit7"id="drupal_virtual_host_in_manager">Drupal virtual host in Manager</h3>
<divclass="level3">
<p>
Go to the Manager and <ahref="../configvhost.html#lemonldapng_configuration"class="wikilink1"title="documentation:2.0:configvhost">create a new virtual host</a> for Drupal.
</p>
<p>
Just configure the <ahref="../writingrulesand_headers.html#rules"class="wikilink1"title="documentation:2.0:writingrulesand_headers">access rules</a>.
</p>
<p>
If using <abbrtitle="LemonLDAP::NG">LL::NG</abbr> as reverse proxy, configure the <code>Auth-User</code><ahref="../writingrulesand_headers.html#headers"class="wikilink1"title="documentation:2.0:writingrulesand_headers">header</a>, else no headers are needed.
</p>
</div>
<!-- EDIT7 SECTION "Drupal virtual host in Manager" [2093-2446] -->
<h3class="sectionedit8"id="protect_only_the_administration_pages">Protect only the administration pages</h3>
<divclass="level3">
<p>
With the above solution, all the Drupal site will be protected, so no anonymous access will be allowed.
</p>
<divclass="noteimportant">You cannot use the <code>unprotect</code> rule because Drupal navigation is based on query strings (?q=admin, ?q=user, etc.), and unprotect rule only works on <abbrtitle="Uniform Resource Locator">URL</abbr> patterns.
</div>
<p>
You can create a special virtual host and use <ahref="http://httpd.apache.org/docs/current/mod/mod_rewrite.html"class="urlextern"title="http://httpd.apache.org/docs/current/mod/mod_rewrite.html"rel="nofollow">Apache rewrite module</a> to switch between open and protected hosts: