rpms / ipa

Clone
Source Code
GIT

Blame SOURCES/0078-WebUI-cert-login-Configure-name-of-parameter-used-to.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   ac7d03c67af81669700da761908f3f0de3d23372
  2.   SOURCES
  3.   0078-WebUI-cert-login-Configure-name-of-parameter-used-to.patch
Blob History Raw
ac7d03 
From 5ac1c55462297d4458d07a6ff9941170056216ef Mon Sep 17 00:00:00 2001
ac7d03 
From: David Kupka <dkupka@redhat.com>
ac7d03 
Date: Mon, 10 Apr 2017 13:11:13 +0200
ac7d03 
Subject: [PATCH] WebUI: cert login: Configure name of parameter used to pass
ac7d03 
 username
ac7d03
ac7d03 
Directive LookupUserByCertificateParamName tells mod_lookup_identity module the
ac7d03 
name of GET parameter that is used to provide username in case certificate is
ac7d03 
mapped to multiple user accounts.
ac7d03 
Without this directive login with certificate that's mapped to multiple users
ac7d03 
doesn't work.
ac7d03
ac7d03 
https://pagure.io/freeipa/issue/6860
ac7d03
ac7d03 
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
ac7d03 
---
ac7d03 
 install/conf/ipa.conf | 1 +
ac7d03 
 1 file changed, 1 insertion(+)
ac7d03
ac7d03 
diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
ac7d03 
index e1f1a581b4e8a91b899bcf165ca81f266fa9e516..75c122e6c94b941c278d724add84315753082531 100644
ac7d03 
--- a/install/conf/ipa.conf
ac7d03 
+++ b/install/conf/ipa.conf
ac7d03 
@@ -117,6 +117,7 @@ Alias /ipa/session/cookie "/usr/share/ipa/gssapi.login"
ac7d03 
   NSSVerifyClient require
ac7d03 
   NSSUserName SSL_CLIENT_CERT
ac7d03 
   LookupUserByCertificate On
ac7d03 
+  LookupUserByCertificateParamName "username"
ac7d03 
   WSGIProcessGroup ipa
ac7d03 
   WSGIApplicationGroup ipa
ac7d03 
   GssapiImpersonate On
ac7d03 
--
ac7d03 
2.9.3
ac7d03

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation