diff options
Diffstat (limited to 'examples/apache.conf')
-rw-r--r-- | examples/apache.conf | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/examples/apache.conf b/examples/apache.conf index 19ebb0d..cacbf70 100644 --- a/examples/apache.conf +++ b/examples/apache.conf @@ -3,20 +3,16 @@ WSGIScriptAlias /idp /usr/libexec/ipsilon.py WSGIDaemonProcess idp maximum-requests=2 user=ipsilon group=ipsilon WSGIProcessGroup idp -<Location /idp/login/krb/negotiate> - AuthType Kerberos - AuthName "Kerberos Login" - KrbMethodNegotiate on - KrbMethodK5Passwd off - KrbServiceName HTTP - KrbAuthRealms IPA.DEV.LAN - Krb5KeyTab /etc/httpd/conf/http.keytab - KrbSaveCredentials off - KrbConstrainedDelegation off - KrbLocalUserMapping On +<Location /idp/login/gssapi/negotiate> + AuthType GSSAPI + AuthName "GSSAPI Single Sign On Login" + GssapiCredStore /etc/httpd/conf/http.keytab + GssapiSSLonly On + GssapiLocalName on Require valid-user - ErrorDocument 401 /idp/login/krb/unauthorized + ErrorDocument 401 /idp/login/gssapi/unauthorized + ErrorDocument 500 /idp/login/gssapi/failed </Location> <Directory /usr/libexec> |