summaryrefslogtreecommitdiffstats
path: root/install/conf/ipa-kdc-proxy.conf.template
diff options
context:
space:
mode:
Diffstat (limited to 'install/conf/ipa-kdc-proxy.conf.template')
-rw-r--r--install/conf/ipa-kdc-proxy.conf.template30
1 files changed, 30 insertions, 0 deletions
diff --git a/install/conf/ipa-kdc-proxy.conf.template b/install/conf/ipa-kdc-proxy.conf.template
new file mode 100644
index 000000000..9290cebba
--- /dev/null
+++ b/install/conf/ipa-kdc-proxy.conf.template
@@ -0,0 +1,30 @@
+# Kerberos over HTTP / MS-KKDCP support (Kerberos KDC Proxy)
+#
+# The symlink from /etc/ipa/kdcproxy/ to /etc/httpd/conf.d/ is maintained
+# by the ExecStartPre script /usr/libexec/ipa/ipa-httpd-kdcproxy in
+# httpd.service. The service also sets the environment variable
+# KDCPROXY_CONFIG to $KDCPROXY_CONFIG.
+#
+# Disable KDC Proxy on the current host:
+# # ipa-ldap-updater /usr/share/ipa/kdcproxy-disable.uldif
+# # systemctl restart httpd.service
+#
+# Enable KDC Proxy on the current host:
+# # ipa-ldap-updater /usr/share/ipa/kdcproxy-enable.uldif
+# # systemctl restart httpd.service
+#
+
+WSGIDaemonProcess kdcproxy processes=2 threads=15 maximum-requests=5000 \
+ user=kdcproxy group=kdcproxy display-name=%{GROUP}
+WSGIImportScript /usr/lib/python2.7/site-packages/kdcproxy/__init__.py \
+ process-group=kdcproxy application-group=kdcproxy
+WSGIScriptAlias /KdcProxy /usr/lib/python2.7/site-packages/kdcproxy/__init__.py
+WSGIScriptReloading Off
+
+<Location "/KdcProxy">
+ Satisfy Any
+ Order Deny,Allow
+ Allow from all
+ WSGIProcessGroup kdcproxy
+ WSGIApplicationGroup kdcproxy
+</Location>
generated by cgit (git 2.34.1) at 2024-06-19 16:01:51 +0000