Changeset 1235
- Timestamp:
- Oct 24, 2008, 2:24:12 PM (16 years ago)
- Location:
- trunk/packages/sipb-xen-www
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/packages/sipb-xen-www/debian/changelog
r1215 r1235 1 sipb-xen-www (3.17) unstable; urgency=low 2 3 * Add Kerberos-authenticated web interface on port 442 4 5 -- Quentin Smith <quentin@mit.edu> Fri, 24 Oct 14:22:21 -0400 6 1 7 sipb-xen-www (3.16) unstable; urgency=low 2 8 -
trunk/packages/sipb-xen-www/debian/control
r1215 r1235 9 9 Architecture: all 10 10 Depends: ${misc:Depends}, libapache2-mod-fcgid, python-flup, python-cheetah, python-simplejson, sipb-xen-database-common, sipb-xen-vnc-client, kstart, debathena-afs-config, sipb-xen-base, 11 libapache2-svn, postfix, subversion, zephyr-clients11 libapache2-svn, libapache2-mod-auth-kerb, postfix, subversion, zephyr-clients 12 12 Description: Install the sipb-xen-dev website -
trunk/packages/sipb-xen-www/files/etc/apache2/sites-available/ssl.mako
r1028 r1235 5 5 tracuri = cfg.trac.uri 6 6 %> 7 Listen 442 7 8 Listen 446 8 9 9 <VirtualHost *:443> 10 ServerAdmin ${errmail} 11 ServerName ${hostname}:443 12 10 <%def name="invirt_webinterface()"> 13 11 DocumentRoot /var/www/sipb-xen-www 14 12 <Directory /var/www/sipb-xen-www> … … 19 17 </Directory> 20 18 <Location /> 21 Require valid-user 22 AuthType SSLCert 23 AuthSSLCertVar SSL_CLIENT_S_DN_Email 24 AuthSSLCertStripSuffix "@MIT.EDU" 19 ${caller.body()} 25 20 </Location> 26 21 … … 57 52 58 53 SSLCACertificateFile ssl/mitCAclient.pem 59 SSLVerifyClient require60 54 SSLVerifyDepth 10 61 55 … … 65 59 66 60 Redirect /wiki ${tracuri} 61 </%def> 62 <VirtualHost *:443> 63 ServerAdmin ${errmail} 64 ServerName ${hostname}:443 65 <%call expr="invirt_webinterface()"> 66 Require valid-user 67 AuthType SSLCert 68 AuthSSLCertVar SSL_CLIENT_S_DN_Email 69 AuthSSLCertStripSuffix "@MIT.EDU" 70 </%call> 71 SSLVerifyClient require 72 </VirtualHost> 73 <VirtualHost *:442> 74 ServerAdmin ${errmail} 75 ServerName ${hostname}:442 76 <%call expr="invirt_webinterface()"> 77 Require valid-user 78 AuthType Kerberos 79 KrbMethodNegotiate on 80 KrbMethodK5Passwd off 81 KrbAuthoritative off 82 KrbAuthRealms ${cfg.authn[0].realm} 83 Krb5Keytab /etc/invirt/keytab 84 KrbSaveCredentials off 85 </%call> 86 SSLVerifyClient optional 67 87 </VirtualHost> 68 88
Note: See TracChangeset
for help on using the changeset viewer.