projects / cascardo / ipsilon.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Change references to authkrb plugin to authgssapi
[cascardo/ipsilon.git] / examples / apache.conf
diff --git a/examples/apache.conf b/examples/apache.conf
index 19ebb0d..cacbf70 100644 (file)
--- a/examples/apache.conf
+++ b/examples/apache.conf
@@ -3,20 +3,16 @@ WSGIScriptAlias /idp /usr/libexec/ipsilon.py
 WSGIDaemonProcess idp maximum-requests=2 user=ipsilon group=ipsilon
 WSGIProcessGroup idp
 
-<Location /idp/login/krb/negotiate>
-  AuthType Kerberos
-  AuthName "Kerberos Login"
-  KrbMethodNegotiate on
-  KrbMethodK5Passwd off
-  KrbServiceName HTTP
-  KrbAuthRealms IPA.DEV.LAN
-  Krb5KeyTab /etc/httpd/conf/http.keytab
-  KrbSaveCredentials off
-  KrbConstrainedDelegation off
-  KrbLocalUserMapping On
+<Location /idp/login/gssapi/negotiate>
+  AuthType GSSAPI
+  AuthName "GSSAPI Single Sign On Login"
+  GssapiCredStore /etc/httpd/conf/http.keytab
+  GssapiSSLonly On
+  GssapiLocalName on
   Require valid-user
 
-  ErrorDocument 401 /idp/login/krb/unauthorized
+  ErrorDocument 401 /idp/login/gssapi/unauthorized
+  ErrorDocument 500 /idp/login/gssapi/failed
 </Location>
 
 <Directory /usr/libexec>
Unnamed repository; edit this file 'description' to name the repository.