Create database upgrade framework

[cascardo/ipsilon.git] / examples / apache.conf

diff --git a/examples/apache.conf b/examples/apache.conf
index 1347916..cacbf70 100644 (file)
--- a/examples/apache.conf
+++ b/examples/apache.conf
@@ -1,26 +1,23 @@
-Alias /idp/ui /var/www/idp/ipsilon/ui
-WSGIScriptAlias /idp /var/www/idp/ipsilon/ipsilon/idpserver.py
-WSGIDaemonProcess idp python-path=/var/www/idp/ipsilon/ipsilon home=/var/www/idp/ipsilon/ipsilon maximum-requests=2 user=ipsilon group=ipsilon
+Alias /idp/ui /usr/share/ipsilon/ui
+WSGIScriptAlias /idp /usr/libexec/ipsilon.py
+WSGIDaemonProcess idp maximum-requests=2 user=ipsilon group=ipsilon
 WSGIProcessGroup idp
 
-<Location /idp/login/krb/negotiate>
-  AuthType Kerberos
-  AuthName "Kerberos Login"
-  KrbMethodNegotiate on
-  KrbMethodK5Passwd off
-  KrbServiceName HTTP
-  KrbAuthRealms IPA.DEV.LAN
-  Krb5KeyTab /etc/httpd/conf/http.keytab
-  KrbSaveCredentials off
-  KrbConstrainedDelegation off
-  KrbLocalUserMapping On
+<Location /idp/login/gssapi/negotiate>
+  AuthType GSSAPI
+  AuthName "GSSAPI Single Sign On Login"
+  GssapiCredStore /etc/httpd/conf/http.keytab
+  GssapiSSLonly On
+  GssapiLocalName on
   Require valid-user
 
-  ErrorDocument 401 /idp/login/krb/unauthorized
+  ErrorDocument 401 /idp/login/gssapi/unauthorized
+  ErrorDocument 500 /idp/login/gssapi/failed
 </Location>
 
-<Directory /idp>
+<Directory /usr/libexec>
     Order allow,deny
     Allow from all
+    Require all granted
 </Directory>