Fixes with auth..
This commit is contained in:
parent
4d4311f4f2
commit
6cf7a3d590
GPG key ID:
5E8401339C7F5037
3 changed files with 15 additions and 10 deletions
|
|
@ -4,6 +4,7 @@ class soc::intelmq(
|
|||
Optional[String] $tls_key = undef,
|
||||
String $servername = $facts['networking']['fqdn'],
|
||||
Boolean $use_snakeoil = false,
|
||||
String $apache_group = 'sunet-cert',
|
||||
) {
|
||||
include sunet::systemd_reload
|
||||
|
||||
|
|
|
|||
|
|
@ -31,9 +31,9 @@
|
|||
# Default set to value of proxy.
|
||||
|
||||
class soc::sso(
|
||||
String $ssotype = "docker",
|
||||
Optional[String] $hostname = undef,
|
||||
String $email = "cert@cert.sunet.se",
|
||||
String $ssotype = 'docker',
|
||||
String $hostname = $facts['networking']['fqdn'],
|
||||
String $email = 'cert@cert.sunet.se',
|
||||
Optional[String] $service_endpoint = undef,
|
||||
Array $groups = ['PLACEHOLDER'],
|
||||
Array $passthrough = [],
|
||||
|
|
|
|||
|
|
@ -33,6 +33,17 @@
|
|||
SSLSessionTickets off
|
||||
Header always set Strict-Transport-Security "max-age=63072000"
|
||||
|
||||
<IfModule mod_shib.c>
|
||||
<Location />
|
||||
AuthType shibboleth
|
||||
ShibRequestSetting requireSession On
|
||||
ShibUseHeaders On
|
||||
|
||||
AuthGroupFile /etc/apache2/groups.txt
|
||||
Require group <%= @apache_group %>
|
||||
</Location>
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_proxy.c>
|
||||
ProxyRequests Off
|
||||
<Location "/api">
|
||||
|
|
@ -58,13 +69,6 @@
|
|||
|
||||
Alias /intelmq-manager /opt/intelmq/www/intelmq-manager
|
||||
<Directory /opt/intelmq/www/intelmq-manager>
|
||||
# AuthType Basic
|
||||
# AuthName "IntelMQ"
|
||||
# AuthBasicProvider file
|
||||
# AuthUserFile /etc/apache2/htpasswd
|
||||
# Require user sunetcert
|
||||
Require all granted
|
||||
|
||||
<IfModule mod_headers.c>
|
||||
Header set Content-Security-Policy "script-src 'self'"
|
||||
Header set X-Content-Security-Policy "script-src 'self'"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue