From fd68ed866dc21d8ce558a5af4ba0c33a0099ca66 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Johan=20Bj=C3=B6rklund?= <bjorklund@sunet.se>
Date: Wed, 20 Nov 2024 14:08:29 +0100
Subject: [PATCH] Fixes with auth..

---
 .../soc/templates/intelmq/intelmq-vhost.conf.erb   | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/global/overlay/etc/puppet/modules/soc/templates/intelmq/intelmq-vhost.conf.erb b/global/overlay/etc/puppet/modules/soc/templates/intelmq/intelmq-vhost.conf.erb
index 1a27a9b..11738b7 100644
--- a/global/overlay/etc/puppet/modules/soc/templates/intelmq/intelmq-vhost.conf.erb
+++ b/global/overlay/etc/puppet/modules/soc/templates/intelmq/intelmq-vhost.conf.erb
@@ -69,6 +69,20 @@
 
         Alias /intelmq-manager /opt/intelmq/www/intelmq-manager
         <Directory /opt/intelmq/www/intelmq-manager> 
+        <IfModule mod_shib.c>
+          <Location />
+            AuthType shibboleth
+            ShibRequestSetting requireSession On
+            ShibUseHeaders On
+
+            AuthGroupFile /etc/apache2/groups.txt
+            Require group <%= @apache_group %>
+          </Location>
+        </IfModule>
+        <IfModule !mod_shib.c>
+          Require all granted
+        </IfModule>
+
             <IfModule mod_headers.c>
                     Header set Content-Security-Policy "script-src 'self'"
                     Header set X-Content-Security-Policy "script-src 'self'"