1 files changed, 9 insertions, 18 deletions

diff --git a/ipa-server/xmlrpc-server/ipa.conf b/ipa-server/xmlrpc-server/ipa.conf
index 10c9b5ec2..c08282e3b 100644
--- a/ipa-server/xmlrpc-server/ipa.conf
+++ b/ipa-server/xmlrpc-server/ipa.conf
@@ -22,36 +22,27 @@ AddType application/java-archive        jar
   Order deny,allow
   Allow from all
 
-  # We create a subrequest to find REMOTE_USER. Don't do this for every
-  # subrequest too (slow and huge logs result)
-  RewriteCond %{IS_SUBREQ}% false
-  RewriteRule .* - [E=RU:%{LA-U:REMOTE_USER}]
-  RequestHeader set X-Forwarded-User %{RU}e
   RequestHeader set X-Forwarded-Keytab %{KRB5CCNAME}e
 
   # RequestHeader unset Authorization
 </Proxy>
 
 # The URI's with a trailing ! are those that aren't handled by the proxy
-ProxyPass /cgi-bin !
-ProxyPass /errors !
-ProxyPass /config !
-ProxyPass /ipa !
-#ProxyPass /ipatest !
-ProxyPass / http://localhost:8080/
-ProxyPassReverse /cgi-bin !
-ProxyPassReverse /errors !
-ProxyPassReverse /config !
-ProxyPassReverse /ipa !
-#ProxyPassReverse /ipatest !
-ProxyPassReverse / http://localhost:8080/
+ProxyPass /ipa http://localhost:8080/ipa
+ProxyPassReverse /ipa http://localhost:8080/ipa
 
 # Configure the XML-RPC service
+Alias /ipaxml "/usr/share/ipa/ipaserver/XMLRPC"
 
-Alias /ipa "/usr/share/ipa/ipaserver/XMLRPC"
+# This is where we redirect on failed auth
 Alias /errors "/usr/share/ipa/html"
+
+# For the MIT Windows config files
 Alias /config "/usr/share/ipa/html"
 
+# So we don't have to hardcode a path into the CSS
+Alias /static "/usr/share/ipa/ipagui/static"
+
 <Directory "/usr/share/ipa/ipaserver">
   AuthType Kerberos
   AuthName "Kerberos Login"