Created
May 2, 2014 08:36
-
-
Save zaccone/b729b85f305996dfa867 to your computer and use it in GitHub Desktop.
Sample federated-keystone vhost configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WSGISocketPrefix /var/run/apache2 | |
<VirtualHost *:443> | |
WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/keystone/main/$1 | |
WSGIScriptAlias / /var/www/keystone/main | |
WSGIDaemonProcess keystone-public user=stack group=stack processes=3 threads=10 home=/opt/stack/keystone | |
WSGIApplicationGroup %{GLOBAL} | |
WSGIProcessGRoup keystone-public | |
ErrorLog /var/log/apache2/keystone | |
LogLevel debug | |
CustomLog /var/log/apache2/access.log combined | |
SSLEngine on | |
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem | |
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key | |
</VirtualHost> | |
Listen 35357 | |
<VirtualHost *:35357> | |
WSGIScriptAlias / /var/www/keystone/admin | |
WSGIDaemonProcess keystone-admin user=stack group=stack processes=3 threads=10 home=/opt/stack/keystone | |
WSGIApplicationGroup %{GLOBAL} | |
WSGIProcessGRoup keystone-admin | |
ErrorLog /var/log/apache2/keystone | |
LogLevel debug | |
CustomLog /var/log/apache2/access.log combined | |
</VirtualHost> | |
<Location /Shibboleth.sso> | |
SetHandler shib | |
</Location> | |
<LocationMatch /v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth> | |
ShibRequestSetting requireSession 1 | |
########################################################## | |
#SSLRequireSSL # The modules only work using HTTPS | |
AuthType shibboleth | |
ShibRequireSession On | |
ShibRequireAll On | |
ShibExportAssertion Off | |
Require valid-user | |
#Require ADFS_GROUP "Some Users Group" "Some Other Users Group" | |
########################################################## | |
</LocationMatch> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment