From 14b38b7704778b4000a7b1b31d78fbb6b45e647b Mon Sep 17 00:00:00 2001
From: Nathaniel McCallum <npmccallum@redhat.com>
Date: Wed, 28 May 2014 11:38:40 -0400
Subject: Add /session/token_sync POST support

This HTTP call takes the following parameters:
 * user
 * password
 * first_code
 * second_code
 * token (optional)

Using this information, the server will perform token synchronization.
If the token is not specified, all tokens will be searched for synchronization.
Otherwise, only the token specified will be searched.

https://fedorahosted.org/freeipa/ticket/4218

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
 install/conf/ipa.conf | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'install/conf')

diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
index f4dac9827..7eede73ef 100644
--- a/install/conf/ipa.conf
+++ b/install/conf/ipa.conf
@@ -1,5 +1,5 @@
 #
-# VERSION 15 - DO NOT REMOVE THIS LINE
+# VERSION 16 - DO NOT REMOVE THIS LINE
 #
 # This file may be overwritten on upgrades.
 #
@@ -103,6 +103,12 @@ KrbConstrainedDelegationLock ipa
   Allow from all
 </Location>
 
+<Location "/ipa/session/sync_token">
+  Satisfy Any
+  Order Deny,Allow
+  Allow from all
+</Location>
+
 # This is where we redirect on failed auth
 Alias /ipa/errors "/usr/share/ipa/html"
 
-- 
cgit