Ok...
My python skills are almost non-existing.. so that will probably not be me...
When doing the kerberos implementation.. do you have the commands for generating the
keytab file??
----- Original meddelelse -----
Fra: "Pavel Raiskup" <praiskup(a)redhat.com>
Til: "copr-devel" <copr-devel(a)lists.fedorahosted.org>
Cc: "mj" <mj(a)casalogic.dk>
Sendt: onsdag, 16. november 2016 11:40:27
Emne: | Re: Kerberos authentication example
On Wednesday, November 16, 2016 11:20:48 AM CET Martin Juhl wrote:
Hi Pavel
Thanks a lot, I'll try to get it working...
Is there any plan to add basic LDAP/AD support.. maybe SSSD enabled??..
or maybe just a hack?
I have some customers where the Kerberos solution doesn't really fit...
That is probably something we don't urgently need ATM, so there's been no
motivation to implement that so far.
But OTOH, if someone motivated enough implemented this (an non-intrusive
way) - I don't think there would be a problem to review and include
(correct me if I'm wrong) such patch.
Pavel
/Martin
----- Original meddelelse -----
Fra: "Pavel Raiskup" <praiskup(a)redhat.com>
Til: "copr-devel" <copr-devel(a)lists.fedorahosted.org>
Cc: "mj" <mj(a)casalogic.dk>
Sendt: onsdag, 16. november 2016 10:56:49
Emne: | Re: Kerberos authentication example
Hi Martin,
On Wednesday, November 16, 2016 10:08:14 AM CET Martin Juhl wrote:
> Miroslav has told me that Pavel Raiskup is using Kerberos authentication
> on his Copr installation..
yes
> Is it possible to see the configuration for the kerberos
> authentication.. both in copr.conf and for apache??
For copr conf we use:
https://pagure.io/copr/copr/blob/0308c229a6b41c26a28ddda1664918d4fc22f148...
And for Apache:
<Location "/krb5_login/redhat/">
AuthType Kerberos
AuthName "Red Hat Kerberos Credentials"
KrbMethodNegotiate on
KrbMethodK5Passwd on
KrbServiceName HTTP
KrbAuthRealms
REDHAT.COM
Krb5Keytab /etc/httpd/conf/httpd.keytab
KrbSaveCredentials off
Require valid-user
</Location>
There's a plan to have the configuration public, but we are not yet there.
Pavel
_______________________________________________
copr-devel mailing list -- copr-devel(a)lists.fedorahosted.org
To unsubscribe send an email to copr-devel-leave(a)lists.fedorahosted.org
_______________________________________________
copr-devel mailing list -- copr-devel(a)lists.fedorahosted.org
To unsubscribe send an email to copr-devel-leave(a)lists.fedorahosted.org
_______________________________________________
copr-devel mailing list -- copr-devel(a)lists.fedorahosted.org
To unsubscribe send an email to copr-devel-leave(a)lists.fedorahosted.org