doc: GssapiLocalName should be off

2019-10-10 12:54:26 +00:00 · 2019-10-10 12:54:26 +00:00 · 5629ff59a0
commit 5629ff59a0
parent 7b60e0e7eb
2 changed files with 1 additions and 20 deletions
--- a/docs/source/server_howto.rst
+++ b/docs/source/server_howto.rst
@ -588,7 +588,6 @@ Configuration Files
 * ``/etc/httpd/conf/httpd.conf``
 * ``/etc/httpd/conf.d/kojihub.conf``
 * ``/etc/httpd/conf.d/ssl.conf`` (when using ssl auth)
-* ``/etc/krb5.conf`` (when using GSSAPI auth)

 Install koji-hub
 ----------------
@ -653,24 +652,6 @@ options should point to where the certificates are located on the hub.
    #  https://bugs.python.org/issue34670
    SSLProtocol TLSv1.2

-/etc/krb5.conf
-^^^^^^^^^^^^^^
-
-If Apache's mod_auth_gssapi is enabled on hub, ``auth_to_local`` rules should
-be configured as below.
-
-::
-
-    [realms]
-      EXAMPLE.COM = {
-        ...
-        auth_to_local = RULE:[1:$1@$0](.*@OTHER\.COM)s/@.*/@EXAMPLE.COM/
-        auth_to_local = RULE:[1:$1@$0](.*@EXAMPLE\.COM)
-        auth_to_local = RULE:[2:$1/$2@$0](.*@OTHER\.COM)s/@.*/@EXAMPLE.COM/
-        auth_to_local = RULE:[2:$1/$2@$0](.*@EXAMPLE\.COM)
-        ...
-      }
-
 /etc/koji-hub/hub.conf
 ^^^^^^^^^^^^^^^^^^^^^^

--- a/hub/httpd.conf
+++ b/hub/httpd.conf
@ -60,7 +60,7 @@ Alias /kojifiles "/mnt/koji/"
 # <Location /kojihub/ssllogin>
 #         AuthType GSSAPI
 #         GssapiSSLonly Off
-#         GssapiLocalName On
+#         GssapiLocalName Off
 #         AuthName "GSSAPI Single Sign On Login"
 #         GssapiCredStore keytab:/etc/koji.keytab
 #         Require valid-user