HCoop / hcoop / domtool2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
mod_auth_kerb: Enabled KDC Verification and Negotiate
[hcoop/domtool2.git] / src / plugins / apache.sml
diff --git a/src/plugins/apache.sml b/src/plugins/apache.sml
index 35bd070..29fdf05 100644 (file)
--- a/src/plugins/apache.sml
+++ b/src/plugins/apache.sml
@@ -874,7 +874,7 @@ val () = Env.action_one "authType"
                  write "\n";
                  case ty of
                      "kerberos" => 
-                     write "\tKrbMethodNegotiate off\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC off\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n"
+                     write "\tKrbServiceName apache2\n\tKrb5Keytab /etc/keytabs/service/apache\n\tKrbMethodNegotiate on\n\tKrbMethodK5Passwd on\n\tKrbVerifyKDC on\n\tKrbAuthRealms HCOOP.NET\n\tKrbSaveCredentials on\n"
                    | _ => ())
             else
                 print "WARNING: Skipped Kerberos authType because this isn't an SSL vhost.\n")
@@ -1129,7 +1129,7 @@ val () = Env.action_one "sslCertificateChainFile"
                 print "WARNING: Skipped sslCertificateChainFile because this isn't an SSL vhost.\n")
 
 val () = Domain.registerResetLocal (fn () =>
-                                      ignore (OS.Process.system (Config.rm ^ " -rf /var/domtool/vhosts/*")))
+                                      ignore (OS.Process.system (Config.rm ^ " -rf " ^ Config.Apache.confDir ^ "/*")))
 
 val () = Domain.registerDescriber (Domain.considerAll
                                   [Domain.Extension {extension = "vhost",
Unnamed repository; edit this file to name it for gitweb.