diff options
Diffstat (limited to 'install/conf')
| -rw-r--r-- | install/conf/ipa.conf | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index f256dab4d..676086a90 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -44,8 +44,23 @@ WSGIScriptReloading Off KrbConstrainedDelegationLock ipa -# Protect /ipa with Kerberos -<Location "/ipa"> +# Protect UI login url with Kerberos +<Location "/ipa/login"> + AuthType Kerberos + AuthName "Kerberos Login" + KrbMethodNegotiate on + KrbMethodK5Passwd off + KrbServiceName HTTP + KrbAuthRealms $REALM + Krb5KeyTab /etc/httpd/conf/ipa.keytab + KrbSaveCredentials on + KrbConstrainedDelegation on + Require valid-user + ErrorDocument 401 /ipa/errors/unauthorized.html +</Location> + +# Protect xmlrpc url with Kerberos +<Location "/ipa/xml"> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate on |