diff options
| author | Simo Sorce <simo@redhat.com> | 2015-05-08 13:39:29 -0400 |
|---|---|---|
| committer | Jan Cholasta <jcholast@redhat.com> | 2015-10-15 14:24:33 +0200 |
| commit | 463dda30679da9ac5eea5683984002989965e2a5 (patch) | |
| tree | e1e6c421598e7586e47bb7d3377a19ae3f2d6d44 /install/conf | |
| parent | ba22999cefb57f344acdc63a553d569ab6249099 (diff) | |
| download | freeipa-463dda30679da9ac5eea5683984002989965e2a5.tar.gz freeipa-463dda30679da9ac5eea5683984002989965e2a5.tar.xz freeipa-463dda30679da9ac5eea5683984002989965e2a5.zip | |
Add ipa-custodia service
Add a customized Custodia daemon and enable it after installation.
Generates server keys and loads them in LDAP autonomously on install
or update.
Provides client code classes too.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Diffstat (limited to 'install/conf')
| -rw-r--r-- | install/conf/ipa.conf | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index e2b602c85..af58e517b 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -1,5 +1,5 @@ # -# VERSION 18 - DO NOT REMOVE THIS LINE +# VERSION 19 - DO NOT REMOVE THIS LINE # # This file may be overwritten on upgrades. # @@ -103,6 +103,14 @@ WSGIScriptReloading Off Allow from all </Location> +# Custodia stuff is redirected to the custodia daemon +# after authentication +<Location "/ipa/keys/"> + ProxyPass "unix:/run/httpd/ipa-custodia.sock|http://localhost/keys/" + RequestHeader set GSS_NAME %{GSS_NAME}s + RequestHeader set REMOTE_USER %{REMOTE_USER}s +</Location> + # This is where we redirect on failed auth Alias /ipa/errors "/usr/share/ipa/html" |