X-Git-Url: https://git.hcoop.net/hcoop/zz_old/modwaklog.git/blobdiff_plain/cc810c131796c272058c3b047143ca1e89c888c1..HEAD:/README diff --git a/README b/README index b044f62..b74c4e8 100644 --- a/README +++ b/README @@ -1,3 +1,4 @@ +______________________________________________________________________________ INTRO mod_waklog is an Apache module that provides aklog-like semantics @@ -17,6 +18,44 @@ mod_waklog often is used with mod_cosign, and uses the cosign-provided krbtgt to acquire an AFS credential; this extends single signon to AFS via the web. +______________________________________________________________________________ +CONFIGURATION + +Mod_waklog understands these directives. Of these, only WaklogAFSCell +is mandatory: + +WaklogAFSCell + + Use the supplied AFS cell (required) + +WaklogEnabled + + Enable waklog on a server, location, or directory basis + +WaklogDefaultPrincipal + + Set the default principal that the server runs as; this principal + must have "l" access to every path that is served, regardless of + user credentials or WaklogLocationPrincipal directives. + +WaklogLocationPrincipal + + Set the principal on a -specific basis + +WaklogDisableTokenCache (NOT YET IMPLEMENTED) + + Ignore the token cache (-specific). This is useful for + scripts that need kerberos tickets; for example, a perl script that + uses kerberos authentication to contact a database. By supplying a + WaklogLocationPrincipal directive, mod_waklog can obtain the tickets + and tokens for the principal, but by not using the token cache the + script is assured that it will have tickets when it runs. + +WaklogUseUserTokens + + Use the requesting user tokens (from webauth) + +______________________________________________________________________________ PHASES Apache processes a request in multiple phases. @@ -38,3 +77,32 @@ acquires an afs credential for a principal in the pts group umweb:servers at phase 0, and removes this credential at phase 2; directories permitted "umweb:servers rl" will allow the stat() call to succeed. + +______________________________________________________________________________ +BUILD + +make + +Be sure the paths to apxs, include files, and libraries are correct. + +If you compiled Apache 2 with large file support, be sure to have: + + #define _LARGEFILE64_SOURCE + +in mod_waklog.c. If you run make and receive many errors about apr_off_t +being undefined, you may need to add or comment out the above line. + + +______________________________________________________________________________ +INSTALL + +Copy the ./.libs/mod_waklog.so to somewhere Apache can read and execute it. + +Add the following lines to your httpd.conf file: + + LoadModule waklog_module /path/to/mod_waklog.so + + + WaklogProtected On + +