Philippe Caseiro
200c9c41e9
Moving to Active Directory the actual auth LDAP server The password is updated in the Samba4 directory so we need to use this one and not the OpenLDAP one
79 lines
2.7 KiB
Plaintext
79 lines
2.7 KiB
Plaintext
#========================================================================
|
|
# Apache configuration for LemonLDAP::NG Handler
|
|
#========================================================================
|
|
# This file implements the reload virtualhost that permits to reload
|
|
# configuration without restarting server, and some common instructions.
|
|
# You need then to declare this vhost in reloadUrls (in the manager
|
|
# interface if this server doesn't host the manager itself):
|
|
#
|
|
# KEY : VALUE
|
|
# host-or-IP:port : http://reload.domscribe.ac-test.fr/reload
|
|
#
|
|
# IMPORTANT:
|
|
# To protect applications, see test-apache.conf template in example files
|
|
|
|
# Uncomment this if no previous NameVirtualHost declaration
|
|
#NameVirtualHost "*:80"
|
|
|
|
# Load LemonLDAP::NG Handler
|
|
PerlOptions +GlobalRequest
|
|
PerlModule Lemonldap::NG::Handler::ApacheMP2
|
|
|
|
# Common error page and security parameters
|
|
ErrorDocument 403 https://%%authWebName/lmerror/403
|
|
ErrorDocument 404 https://%%authWebName/lmerror/404
|
|
ErrorDocument 500 https://%%authWebName/lmerror/500
|
|
ErrorDocument 502 https://%%authWebName/lmerror/502
|
|
ErrorDocument 503 https://%%authWebName/lmerror/503
|
|
|
|
<VirtualHost %%adresse_ip_eth0:443>
|
|
ServerName %%reloadWebName
|
|
|
|
SSLEngine on
|
|
SSLCertificateFile %%server_cert
|
|
SSLCertificateKeyFile %%server_key
|
|
SSLCertificateChainFile /etc/ssl/certs/ca_local.crt
|
|
SSLProtocol all -SSLv3 -SSLv2
|
|
SSLProxyEngine on
|
|
|
|
LogLevel %%lm_loglevel
|
|
|
|
ErrorLog /var/log/apache2/handler_error.log
|
|
CustomLog /var/log/apache2/handler_access.log common
|
|
# Configuration reload mechanism (only 1 per physical server is
|
|
# needed): choose your URL to avoid restarting Apache when
|
|
# configuration change
|
|
<Location /reload>
|
|
<IfVersion >= 2.3>
|
|
Require ip 127 ::1
|
|
</IfVersion>
|
|
<IfVersion < 2.3>
|
|
Order Deny,Allow
|
|
Deny from all
|
|
Allow from 127.0.0.0/8 ::1
|
|
</IfVersion>
|
|
SetHandler perl-script
|
|
PerlResponseHandler Lemonldap::NG::Handler::ApacheMP2->reload
|
|
</Location>
|
|
|
|
# Uncomment this to activate status module
|
|
#<Location /status>
|
|
# <IfVersion >= 2.3>
|
|
# Require ip 127 ::1
|
|
# </IfVersion>
|
|
# <IfVersion < 2.3>
|
|
# Order Deny,Allow
|
|
# Deny from all
|
|
# Allow from 127.0.0.0/8 ::1
|
|
# </IfVersion>
|
|
# SetHandler perl-script
|
|
# PerlResponseHandler Lemonldap::NG::Handler::ApacheMP2->status
|
|
# # You may have to uncomment the next directive to skip
|
|
# # an upper PerlHeaderParserHandler directive
|
|
# #PerlHeaderParserHandler Apache2::Const::DECLINED
|
|
#</Location>
|
|
|
|
# Uncomment this if site if you use SSL only
|
|
#Header set Strict-Transport-Security "max-age=15768000"
|
|
</VirtualHost>
|