From 5629ff59a02054c87df640eccbf2539eb04faed8 Mon Sep 17 00:00:00 2001
From: Yu Ming Zhu <yzhu@redhat.com>
Date: Thu, 10 Oct 2019 12:54:26 +0000
Subject: [PATCH] doc: GssapiLocalName should be off

---
 docs/source/server_howto.rst | 19 -------------------
 hub/httpd.conf               |  2 +-
 2 files changed, 1 insertion(+), 20 deletions(-)

diff --git a/docs/source/server_howto.rst b/docs/source/server_howto.rst
index a897959d..b070b946 100644
--- a/docs/source/server_howto.rst
+++ b/docs/source/server_howto.rst
@@ -588,7 +588,6 @@ Configuration Files
 * ``/etc/httpd/conf/httpd.conf``
 * ``/etc/httpd/conf.d/kojihub.conf``
 * ``/etc/httpd/conf.d/ssl.conf`` (when using ssl auth)
-* ``/etc/krb5.conf`` (when using GSSAPI auth)
 
 Install koji-hub
 ----------------
@@ -653,24 +652,6 @@ options should point to where the certificates are located on the hub.
     #  https://bugs.python.org/issue34670
     SSLProtocol TLSv1.2
 
-/etc/krb5.conf
-^^^^^^^^^^^^^^
-
-If Apache's mod_auth_gssapi is enabled on hub, ``auth_to_local`` rules should
-be configured as below.
-
-::
-
-    [realms]
-      EXAMPLE.COM = {
-        ...
-        auth_to_local = RULE:[1:$1@$0](.*@OTHER\.COM)s/@.*/@EXAMPLE.COM/
-        auth_to_local = RULE:[1:$1@$0](.*@EXAMPLE\.COM)
-        auth_to_local = RULE:[2:$1/$2@$0](.*@OTHER\.COM)s/@.*/@EXAMPLE.COM/
-        auth_to_local = RULE:[2:$1/$2@$0](.*@EXAMPLE\.COM)
-        ...
-      }
-
 /etc/koji-hub/hub.conf
 ^^^^^^^^^^^^^^^^^^^^^^
 
diff --git a/hub/httpd.conf b/hub/httpd.conf
index 9df9dd45..208a29c9 100644
--- a/hub/httpd.conf
+++ b/hub/httpd.conf
@@ -60,7 +60,7 @@ Alias /kojifiles "/mnt/koji/"
 # <Location /kojihub/ssllogin>
 #         AuthType GSSAPI
 #         GssapiSSLonly Off
-#         GssapiLocalName On
+#         GssapiLocalName Off
 #         AuthName "GSSAPI Single Sign On Login"
 #         GssapiCredStore keytab:/etc/koji.keytab
 #         Require valid-user