| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #121
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Internal redirects are a special case of subrequest - they
have no req->main but req->prev instead, so we should check
for that too in case the request is not initial.
Also, make sure to export MAG environment variables to
subrequests and internal redirects.
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reported-by: scopev24
Closes #119
|
|
|
|
|
|
|
|
|
|
| |
With the new 'file:' sytnax a session key can be automatically generated
the first time mod_auth_gssapi runs and stored on the filesystem.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
Closes #117
|
|
|
|
|
|
|
|
|
|
|
| |
This is mostly gunk around how the webserver is called and what is
built-in versus a module. I have mostly added templating logic for
commenting pieces of the conf file.
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Isaac Boukris <iboukris@gmail.com>
Closes #118
|
|
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
Closes #112
|
|
|
|
|
|
|
|
| |
Fallout from #98
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #100
|
|
|
|
|
|
| |
Signed-off-by: Robbie Harwood <rharwood@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Merges #99
|
|
|
|
|
|
|
| |
Useful when running tests on VM with low entropy
Reviewed-by: Simo Sorce <simo@redhat.com>
Closexs #77
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If negotiation was attempted but failed do not send a new Negotiate header.
Useful when only one single sign on mechanism is allowed and to avoid
misleading login prompts in some browsers.
Added a test of the GssapiDontReauth option to the test suite.
Also added SPNEGO no auth test.
[SS: reworded and fixed commit subject/comment]
[SS: fixed whitespace errors and 80 column wrappings]
Reviewed-by: Simo Sorce <simo@redhat.com>
Close #65
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add appropairate authorization headers to test with SPNEGO too as
discussed in #48
Requires recent version of python-gssapi module, see:
https://github.com/pythongssapi/python-gssapi/pull/74
Simo: Squashed original patches in one, removed trailing whitespaces
and reworded the commit message.
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #49
|
|
|
|
|
|
|
|
| |
Add test for second user on the same connection with the password
of the first user and without auth at all.
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #48
|
|
|
|
| |
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
|
|
|
| |
Make sure each request is authenticated according to given credentials
even when GssapiConnectionBound is set.
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
Requires various python packages nd the cwrap project's scoket_wrapper
and nss_wrapper tools, as well as the krb5kdc and the httpd server and
related modules (like mod_session).
Signed-off-by: Simo Sorce <simo@redhat.com>
|