diff options
author | Simo Sorce <simo@redhat.com> | 2016-12-16 09:43:25 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2017-01-03 11:42:52 -0500 |
commit | e2a50ad80f55bf2a933ef177914caa5c7ac6f4a9 (patch) | |
tree | 849be9f97ca026229f38ee68e8bc0dd1d0658d3d /README | |
parent | 0d6a1a390a578ab8be5bc0d6225e3e0b07dc7eba (diff) | |
download | mod_auth_gssapi-e2a50ad80f55bf2a933ef177914caa5c7ac6f4a9.tar.gz mod_auth_gssapi-e2a50ad80f55bf2a933ef177914caa5c7ac6f4a9.tar.xz mod_auth_gssapi-e2a50ad80f55bf2a933ef177914caa5c7ac6f4a9.zip |
Add option to store the session encryption key.
With the new 'file:' sytnax a session key can be automatically generated
the first time mod_auth_gssapi runs and stored on the filesystem.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
Closes #117
Diffstat (limited to 'README')
-rw-r--r-- | README | 15 |
1 files changed, 13 insertions, 2 deletions
@@ -144,10 +144,21 @@ admin can choose to install a permanent key in the configuration so that session data remain accessible after a restart or by multiple servers sharing the same key. -The key must be a base64 encoded raw key of 32 bytes of length. +Two schemes to read persistent keys are provided, 'key' and 'file'. -#### Example +- 'key' + A key is read from the configuration directive. + The key must be a base64 encoded raw key of 32 bytes of length. + +- 'file' + A file on the file system is used to store the key. If the file does not + exists one is created with a randomly generated key during the first + execution. + + +#### Examples GssapiSessionKey key:VGhpcyBpcyBhIDMyIGJ5dGUgbG9uZyBzZWNyZXQhISE= + GssapiSessionKey file:/var/lib/httpd/secrets/session.key ### GssapiCredStore |