Last change
on this file since 1252 was
888,
checked in by nanardon, 12 years ago
|
- allow ssl login, match user using email address, this still allow basic authentication
|
-
Property svn:keywords set to
Id
|
File size:
1.2 KB
|
Line | |
---|
1 | <IfModule mod_proxy.c> |
---|
2 | <Proxy *> |
---|
3 | Order deny,allow |
---|
4 | Allow from all |
---|
5 | </Proxy> |
---|
6 | |
---|
7 | # ReverseProxy |
---|
8 | ProxyRequests Off |
---|
9 | ProxyPass /phpldapadmin ! |
---|
10 | ProxyPass / http://localhost:4000/ |
---|
11 | ProxyPassReverse / http://localhost:4000/ |
---|
12 | |
---|
13 | RequestHeader set REMOTE_USER %{REMOTE_USER}e env=REMOTE_USER |
---|
14 | RequestHeader set SSL_CLIENT_S_DN %{SSL_CLIENT_S_DN}s |
---|
15 | RequestHeader set SSL_CLIENT_S_DN_Email %{SSL_CLIENT_S_DN_Email}s |
---|
16 | </IfModule> |
---|
17 | |
---|
18 | <IfModule mod_cache.c> |
---|
19 | CacheDisable / |
---|
20 | </IfModule> |
---|
21 | |
---|
22 | <Location /> |
---|
23 | Satisfy any |
---|
24 | |
---|
25 | SSLVerifyClient optional |
---|
26 | SSLVerifyDepth 2 |
---|
27 | SSLOptions +FakeBasicAuth +StdEnvVars |
---|
28 | #SSLOptions +FakeBasicAuth +StrictRequire +StdEnvVars |
---|
29 | #SSLRequire %{SSL_CLIENT_S_DN_OU} == "UMR8190" and %{SSL_CLIENT_S_DN_O} == "CNRS" |
---|
30 | |
---|
31 | #AuthType basic |
---|
32 | #AuthName "Protected Intranet Area" |
---|
33 | #AuthzLDAPMethod ldap |
---|
34 | #AuthzLDAPServer "ldap.aero.jussieu.fr" |
---|
35 | #AuthzLDAPMapBase dc=latmos,dc=ipsl,dc=fr |
---|
36 | #AuthzLDAPUserScope subtree |
---|
37 | #AuthzLDAPUserBase dc=latmos,dc=ipsl,dc=fr |
---|
38 | #AuthzLDAPUserKey uid |
---|
39 | #AuthzLDAPRoleAttributeName uid |
---|
40 | #AuthzLDAPMapUserToAttr uid |
---|
41 | #AuthzLDAPSetGroupAuth map |
---|
42 | #AuthzLDAPMemberKey memberUid |
---|
43 | #Require valid-user |
---|
44 | |
---|
45 | Allow from all |
---|
46 | </Location> |
---|
Note: See
TracBrowser
for help on using the repository browser.