[Freeipa-devel] Trying to add an apache authentication endpoint to freeipa web ui
Marc Boorshtein
marc.boorshtein at tremolosecurity.com
Mon Oct 26 01:17:01 UTC 2015
All,
I'm trying to build a new login endpoint that will create a session if
apache has already authenticated the user. I've got
ipa-server-4.1.0-18.el7.centos.4.x86_64
Installed. To add the endpoint I:
1. Added a class to
/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py with:
content_type = 'text/plain'
key = '/session/login_apache'
2. /etc/httpd/conf.d/ipa.conf adding:
<Location "/ipa/session/login_apache">
AuthType TremoloLastMile
TremoloHeaderName tremoloHeader
TremoloUidAttributeName uid
TremoloEncodedKey xxxxxxxxxxxxxxxxx
TremoloCreateHeaders On
Require valid-user
</Location>
3. Set apache's loglevel to debug
4. Restart Apache
This is on CentOS Linux release 7.1.1503 (Core). When I try to hit
/ipa/service/login_apache I get a 401. None of the debug log messages
appear in /var/log/httpd/error_log. I have a few questions:
1. Where are the debug logs? I see references to self.debug(...) but
I don't know where they go.
2. Am I on the right direction? I'm new to python w/wsgi so forgive
me if I'm missing something obvious.
Thanks
Marc Boorshtein
CTO Tremolo Security
marc.boorshtein at tremolosecurity.com
More information about the Freeipa-devel
mailing list