summaryrefslogtreecommitdiffstats
path: root/examples/apache.conf
diff options
context:
space:
mode:
Diffstat (limited to 'examples/apache.conf')
-rw-r--r--examples/apache.conf20
1 files changed, 8 insertions, 12 deletions
diff --git a/examples/apache.conf b/examples/apache.conf
index 19ebb0d..cacbf70 100644
--- a/examples/apache.conf
+++ b/examples/apache.conf
@@ -3,20 +3,16 @@ WSGIScriptAlias /idp /usr/libexec/ipsilon.py
WSGIDaemonProcess idp maximum-requests=2 user=ipsilon group=ipsilon
WSGIProcessGroup idp
-<Location /idp/login/krb/negotiate>
- AuthType Kerberos
- AuthName "Kerberos Login"
- KrbMethodNegotiate on
- KrbMethodK5Passwd off
- KrbServiceName HTTP
- KrbAuthRealms IPA.DEV.LAN
- Krb5KeyTab /etc/httpd/conf/http.keytab
- KrbSaveCredentials off
- KrbConstrainedDelegation off
- KrbLocalUserMapping On
+<Location /idp/login/gssapi/negotiate>
+ AuthType GSSAPI
+ AuthName "GSSAPI Single Sign On Login"
+ GssapiCredStore /etc/httpd/conf/http.keytab
+ GssapiSSLonly On
+ GssapiLocalName on
Require valid-user
- ErrorDocument 401 /idp/login/krb/unauthorized
+ ErrorDocument 401 /idp/login/gssapi/unauthorized
+ ErrorDocument 500 /idp/login/gssapi/failed
</Location>
<Directory /usr/libexec>
generated by cgit (git 2.34.1) at 2024-05-02 02:38:23 +0000