diff options
Diffstat (limited to 'odl-aaa-moon/aaa/commons/federation/my_app.conf.example')
-rw-r--r-- | odl-aaa-moon/aaa/commons/federation/my_app.conf.example | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/odl-aaa-moon/aaa/commons/federation/my_app.conf.example b/odl-aaa-moon/aaa/commons/federation/my_app.conf.example new file mode 100644 index 00000000..71c8ad87 --- /dev/null +++ b/odl-aaa-moon/aaa/commons/federation/my_app.conf.example @@ -0,0 +1,31 @@ +LoadModule lookup_identity_module modules/mod_lookup_identity.so + +<Location "/*"> + AuthType Kerberos + AuthName "Kerberos Login" + KrbMethodNegotiate On + KrbMethodK5Passwd on + KrbAuthRealms EXAMPLE.COM + Krb5KeyTab /etc/krb5.keytab + require valid-user +</Location> + + +<LocationMatch "/*"> + + RequestHeader set X-SSSD-REMOTE_USER expr=%{REMOTE_USER} + RequestHeader set X-SSSD-AUTH_TYPE expr=%{AUTH_TYPE} + RequestHeader set X-SSSD-REMOTE_HOST expr=%{REMOTE_HOST} + RequestHeader set X-SSSD-REMOTE_ADDR expr=%{REMOTE_ADDR} + LookupUserAttr mail REMOTE_USER_EMAIL + RequestHeader set X-SSSD-REMOTE_USER_EMAIL %{REMOTE_USER_EMAIL}e + LookupUserAttr givenname REMOTE_USER_FIRSTNAME + RequestHeader set X-SSSD-REMOTE_USER_FIRSTNAME %{REMOTE_USER_FIRSTNAME}e + LookupUserAttr sn REMOTE_USER_LASTNAME + RequestHeader set X-SSSD-REMOTE_USER_LASTNAME %{REMOTE_USER_LASTNAME}e + LookupUserGroups REMOTE_USER_GROUPS ":" + RequestHeader set X-SSSD-REMOTE_USER_GROUPS %{REMOTE_USER_GROUPS}e +</LocationMatch> + +ProxyPass / http://localhost:8383/ +ProxyPassReverse / http://localhost:8383/ |