| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
With the switch to mod_auth_gssapi we aren't limited to only
negotiated Kerberos so name the plugin to reflect this.
https://fedorahosted.org/ipsilon/ticket/114
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change configuration on new installs only.
Enable GssapiLocalName so we have access to the local name in
REMOTE_USER and the full principle in GSS_NAME.
Enable GssapiSSLonly even though SSLRequireSSL is also set.
The belt and suspenders principla.
https://fedorahosted.org/ipsilon/ticket/89
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When Ipsilon is being installed with IPA, one is most likely going
to use Kerberos to login to Ipsilon as the administrator. We should
call this out, as the default of 'admin' for the Ipsilon admin user
will conflict with the IPA 'admin' user. You will be unable to
create a local 'admin' user at this point, requiring you to modify
the sqlite database directly to change the admin user to a full
principal.
I also corrected a typo and wrapped a line that was > 79 chars.
Signed-off-by: Nathan Kinder <nkinder@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
|
The HowTo cover the simplest scenarios for both the Identiry and
Service Provider applications.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
