aboutsummaryrefslogtreecommitdiffstats
path: root/upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example
diff options
context:
space:
mode:
authorTrevor Bramwell <tbramwell@linuxfoundation.org>2016-09-12 11:06:56 -0700
committerTrevor Bramwell <tbramwell@linuxfoundation.org>2016-09-12 11:07:49 -0700
commitcf864337c13b4638c588badf3f589f9e39318c95 (patch)
treede6f96976a0e8986abd3176026790c2e33272bc5 /upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example
parent42357cd33b44b22dbebec8cdecdb29b9d76e5f99 (diff)
Move ODL-AAA-MOON under 'upstream' Directory
Change-Id: Ie010fbe3899e151421940908dbe8675aade54e2d Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Diffstat (limited to 'upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example')
-rw-r--r--upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example31
1 files changed, 31 insertions, 0 deletions
diff --git a/upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example b/upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example
new file mode 100644
index 00000000..71c8ad87
--- /dev/null
+++ b/upstream/odl-aaa-moon/aaa/commons/federation/my_app.conf.example
@@ -0,0 +1,31 @@
+LoadModule lookup_identity_module modules/mod_lookup_identity.so
+
+<Location "/*">
+ AuthType Kerberos
+ AuthName "Kerberos Login"
+ KrbMethodNegotiate On
+ KrbMethodK5Passwd on
+ KrbAuthRealms EXAMPLE.COM
+ Krb5KeyTab /etc/krb5.keytab
+ require valid-user
+</Location>
+
+
+<LocationMatch "/*">
+
+ RequestHeader set X-SSSD-REMOTE_USER expr=%{REMOTE_USER}
+ RequestHeader set X-SSSD-AUTH_TYPE expr=%{AUTH_TYPE}
+ RequestHeader set X-SSSD-REMOTE_HOST expr=%{REMOTE_HOST}
+ RequestHeader set X-SSSD-REMOTE_ADDR expr=%{REMOTE_ADDR}
+ LookupUserAttr mail REMOTE_USER_EMAIL
+ RequestHeader set X-SSSD-REMOTE_USER_EMAIL %{REMOTE_USER_EMAIL}e
+ LookupUserAttr givenname REMOTE_USER_FIRSTNAME
+ RequestHeader set X-SSSD-REMOTE_USER_FIRSTNAME %{REMOTE_USER_FIRSTNAME}e
+ LookupUserAttr sn REMOTE_USER_LASTNAME
+ RequestHeader set X-SSSD-REMOTE_USER_LASTNAME %{REMOTE_USER_LASTNAME}e
+ LookupUserGroups REMOTE_USER_GROUPS ":"
+ RequestHeader set X-SSSD-REMOTE_USER_GROUPS %{REMOTE_USER_GROUPS}e
+</LocationMatch>
+
+ProxyPass / http://localhost:8383/
+ProxyPassReverse / http://localhost:8383/