From c5abfa216d18d374e493fd309a1f4748af094e50 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Mon, 24 Sep 2012 23:40:27 +0200 Subject: Use GSSAPI authentication for the WebPanel service. --- config.in | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'config.in') diff --git a/config.in b/config.in index c2011d1..da19ad1 100644 --- a/config.in +++ b/config.in @@ -1,9 +1,7 @@ # This is the custom configuration for the Fripost Administration Panel, # which takes precedence over the default configuration in 'default.in'. - -# TODO: The secure flag should be left on on HTTPS connections. -secure_cookie = 0 +secure_cookie = 1 # Where the error reports should be sent to. report_email = admin@fripost.org @@ -14,9 +12,14 @@ default_realm = fripost.org # The LDAP suffix that will be appended to bind and search DN:s. ldap_suffix = ou=virtual,o=mailHosting,dc=fripost,dc=dev -# TODO: This should be replaced with a Keberos ticket. -ldap_authcID = AdminWebPanel@fripost.org -ldap_authcPW = panel +# The authentication ID for SASL binds. This has to be a kerberos +# principal, and a ticket has to be cached for the user running the +# program. +krb5_principal = AdminWebPanel/fripost.org@FRIPOST.ORG + +# The hostname associated with the 'ldap/...' principal. (Probably the +# fqdn of the machine running slapd). +krb5_host = gnu.friprogramvarusyndikatet.se # The minimum password length. password_min_length = 12 @@ -26,5 +29,5 @@ gpg_private_key_id = ECFA6E43 gpg_private_key_passphrase = xxxxxxxxxxxx # URL prefixes of the admin web interface for the list managers. -listurl_mailman = http://smtp.fripost.org/cgi-bin/mailman/admin/ -listurl_schleuder = http://smtp.fripost.org/ +listurl_mailman = https://lists.fripost.org/mailman/admin/ +listurl_schleuder = https://lists.fripost.org/schleuder/ -- cgit v1.2.3