IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Change session handling

Browse Source 
Stop using memcache, use mod_auth_gssapi filesystem based ccaches.
Remove custom session handling, use mod_auth_gssapi and mod_session to
establish and keep a session cookie.
Add loopback to mod_auth_gssapi to do form absed auth and pass back a
valid session cookie.
And now that we do not remove ccaches files to move them to the
memcache, we can avoid the risk of pollutting the filesystem by keeping
a common ccache file for all instances of the same user.

https://fedorahosted.org/freeipa/ticket/5959

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Simo Sorce
2016-08-19 09:23:55 -04:00
committed by Jan Cholasta
parent 11ef2cacbf
commit c894ebefc5
25 changed files with 172 additions and 1572 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
init/Makefile.am
View File

@@ -8,13 +8,7 @@ dist_sysconfenv_DATA = \
ipa-dnskeysyncd \
ipa-ods-exporter
nodist_sysconfenv_DATA = \
ipa_memcached
CLEANFILES = $(nodist_sysconfenv_DATA)
dist_noinst_DATA = \
ipa_memcached.in
%: %.in Makefile
sed -e 's|@localstatedir[@]|$(localstatedir)|g' '$(srcdir)/$@.in' >$@

5
init/ipa_memcached.in
View File

@@ -1,5 +0,0 @@
SOCKET_PATH=@localstatedir@/run/ipa_memcached/ipa_memcached
USER=apache
MAXCONN=1024
CACHESIZE=64
OPTIONS=

2
init/systemd/Makefile.am
View File

@@ -4,12 +4,10 @@ AUTOMAKE_OPTIONS = 1.7
dist_noinst_DATA = \
ipa-custodia.service.in \
ipa_memcached.service.in \
ipa.service.in
systemdsystemunit_DATA = \
ipa-custodia.service \
ipa_memcached.service \
ipa.service
CLEANFILES = $(systemdsystemunit_DATA)

12
init/systemd/ipa_memcached.service.in
View File

@@ -1,12 +0,0 @@
[Unit]
Description=IPA memcached daemon, increases IPA server performance
After=network.target
[Service]
Type=forking
EnvironmentFile=@sysconfenvdir@/ipa_memcached
PIDFile=@localstatedir@/run/ipa_memcached/ipa_memcached.pid
ExecStart=@bindir@/memcached -d -s $SOCKET_PATH -u $USER -m $CACHESIZE -c $MAXCONN -P @localstatedir@/run/ipa_memcached/ipa_memcached.pid $OPTIONS
[Install]
WantedBy=multi-user.target

1
init/tmpfilesd/ipa.conf.in
View File

@@ -1,4 +1,3 @@
d @localstatedir@/run/ipa_memcached 0700 apache apache
d @localstatedir@/run/ipa 0700 root root
d @localstatedir@/run/httpd/ipa 0700 apache apache
d @localstatedir@/run/httpd/ipa/clientcaches 0700 apache apache