source: trunk/LATMOS-Accounts-Web/apache/proxy.conf @ 1965

Last change on this file since 1965 was 888, checked in by nanardon, 12 years ago
  • allow ssl login, match user using email address, this still allow basic authentication
  • Property svn:keywords set to Id
File size: 1.2 KB
Line 
1<IfModule mod_proxy.c>
2        <Proxy *>
3        Order deny,allow
4        Allow from all
5        </Proxy>
6
7        # ReverseProxy
8        ProxyRequests Off
9        ProxyPass /phpldapadmin !
10        ProxyPass / http://localhost:4000/
11        ProxyPassReverse / http://localhost:4000/
12
13        RequestHeader set REMOTE_USER %{REMOTE_USER}e env=REMOTE_USER
14        RequestHeader set SSL_CLIENT_S_DN %{SSL_CLIENT_S_DN}s
15        RequestHeader set SSL_CLIENT_S_DN_Email %{SSL_CLIENT_S_DN_Email}s
16</IfModule>
17
18<IfModule mod_cache.c>
19        CacheDisable /
20</IfModule>
21
22<Location />
23Satisfy              any
24
25SSLVerifyClient      optional
26SSLVerifyDepth       2
27SSLOptions           +FakeBasicAuth +StdEnvVars
28#SSLOptions           +FakeBasicAuth +StrictRequire +StdEnvVars
29#SSLRequire           %{SSL_CLIENT_S_DN_OU} == "UMR8190" and %{SSL_CLIENT_S_DN_O} == "CNRS"
30
31#AuthType             basic
32#AuthName             "Protected Intranet Area"
33#AuthzLDAPMethod ldap
34#AuthzLDAPServer "ldap.aero.jussieu.fr"
35#AuthzLDAPMapBase dc=latmos,dc=ipsl,dc=fr
36#AuthzLDAPUserScope subtree
37#AuthzLDAPUserBase dc=latmos,dc=ipsl,dc=fr
38#AuthzLDAPUserKey uid
39#AuthzLDAPRoleAttributeName uid
40#AuthzLDAPMapUserToAttr      uid
41#AuthzLDAPSetGroupAuth       map
42#AuthzLDAPMemberKey          memberUid
43#Require valid-user
44
45Allow from all
46</Location>
Note: See TracBrowser for help on using the repository browser.