4edb611792
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1428194 13f79535-47bb-0310-9956-ffa450edef68
92 lines
2.7 KiB
Bash
Executable file
92 lines
2.7 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# Generate an OpenID server conf
|
|
here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
|
|
mkdir -p $1
|
|
root=`echo "import os; print os.path.realpath('$1')" | python`
|
|
|
|
conf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-conf"`
|
|
host=`echo $conf | awk '{ print $6 }'`
|
|
openid_prefix=`cat $here/openid.prefix`
|
|
|
|
sslconf=`cat $root/conf/httpd.conf | grep "# Generated by: httpd-ssl-conf"`
|
|
if [ "$sslconf" = "" ]; then
|
|
sslsuffix=""
|
|
else
|
|
sslsuffix="-ssl"
|
|
fi
|
|
|
|
if [ "$2" = "" ]; then
|
|
providers="file"
|
|
else
|
|
providers="file $2"
|
|
fi
|
|
|
|
# Configure HTTPD mod_auth_openid module
|
|
cat >>$root/conf/modules.conf <<EOF
|
|
# Generated by: openid-conf $*
|
|
# Load support for OpenID authentication
|
|
LoadModule authopenid_module $openid_prefix/modules/mod_auth_openid.so
|
|
|
|
EOF
|
|
|
|
# Disallow public access to server resources
|
|
cat >$root/conf/noauth$sslsuffix.conf <<EOF
|
|
# Generated by: openid-auth-conf $*
|
|
# Disallow public access to server resources
|
|
|
|
EOF
|
|
|
|
# Configure OpenID authentication
|
|
cat >>$root/conf/locauth$sslsuffix.conf <<EOF
|
|
# Generated by: openid-conf $*
|
|
# Enable OpenID authentication
|
|
<Location />
|
|
AuthType Open
|
|
AuthName "$host"
|
|
#AuthOpenIDProvider socache $providers
|
|
#AuthnCacheProvideFor $providers
|
|
#AuthnCacheContext /
|
|
Require valid-user
|
|
AuthOpenIDEnabled On
|
|
AuthOpenIDCookiePath /
|
|
AuthOpenIDCookieName TuscanyOpenIDAuth
|
|
AuthOpenIDLoginPage /login/
|
|
AuthOpenIDAXAdd REMOTE_USER http://axschema.org/contact/email
|
|
AuthOpenIDAXAdd EMAIL http://axschema.org/contact/email
|
|
AuthOpenIDAXAdd FULLNAME http://axschema.org/namePerson
|
|
AuthOpenIDAXAdd NICKNAME http://axschema.org/namePerson/friendly
|
|
AuthOpenIDAXAdd FIRSTNAME http://axschema.org/namePerson/first
|
|
AuthOpenIDAXAdd LASTNAME http://axschema.org/namePerson/last
|
|
</Location>
|
|
|
|
EOF
|
|
|
|
cat >>$root/conf/pubauth$sslsuffix.conf <<EOF
|
|
# Generated by: openid-conf $*
|
|
# Allow public access to /openid location
|
|
<Location /openid>
|
|
AuthType None
|
|
Session Off
|
|
Require all granted
|
|
</Location>
|
|
|
|
EOF
|
|
|