SSOwat do we do next?

I recently found an awesome project on Github called SSOwat. It's a super-lightweight SSO application written in Lua that integrates directly with Nginx. I got extremely excited because how often do you find a cool SSO project that's not written in Enterprise Web-Scale Java or lolPHP? Interestingly enough, SSOwat was built with the intention of integrating with a neat project called YunoHost.

After checking it out and promptly getting a LDAP server set up, I started setting it up in my Nginx jail. During my setup, I made some UI mods to be less YunoHost branded and more generic-ish with a flat UI. I also added an additional setting to restrict user login to a specific login group (restrict_login_group). My changes can be found in the maiome-development github repo, here.

First things first, I had to recompile Nginx with the Lua module, which is very trivial to do on FreeBSD. On FreeBSD, the adding the Lua flag to the Nginx port automatically compiles LuaJIT 2.0.4.

SSOwat requires the lualdap module, but in ports, it is only available for Lua 5.2, but LuaJIT 2.0.4 is equivalent to Lua 5.1. The easiest way to make this work is to install the following packages:


After that, we actually need to compile the lualdap module. The latest version that is compatible with Lua 5.1 can be cloned from I recommend applying this patch and adjusting CC and other paths to fit your platform.

lualdap can easily be compiled and installed via make install. On FreeBSD, this will result in a being added to /usr/local/lib/lua/5.1/.

After all of that work, everything should be ready to go! Just follow the installation instructions in the README and you're good to go!

Sean Johnson

Software developer, music enthusiast, college student, and cat lover. Currently enthralled by the world of networking, security, and cloud technology.

San Antonio, TX

Subscribe to Land of Weird Things

Get the latest posts delivered right to your inbox.

or subscribe via RSS with Feedly!