[Freeipa-devel] [PATCH] make testing easier
Rob Crittenden
rcritten at redhat.com
Thu Sep 27 14:06:12 UTC 2007
Karl MacMillan wrote:
> On Tue, 2007-09-25 at 09:12 -0400, Rob Crittenden wrote:
>> Simo is having problems with his Apache server seemingly not doing
>> ticket forwarding but only for mod_python. In trying to help him
>> diagnose this it became very apparent that even this low-level testing
>> was difficult to setup.
>>
>> I've redone ipa.conf to not require Kerberos for the / but instead just
>> target it for the things we use (plus /cgi-bin for good measure).
>>
>
> Is this the right approach or should we have specific urls for testing /
> error. I don't think I understand the changes well enough to assess the
> risks.
I don't understand. Isn't /ipatest a specific url for testing? I was
thinking this would be disabled by default.
We need a specific url for errors because it needs to be unauthenticated
(so the user has a place to go on the same machine if their auth fails).
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20070927/f2ee2eff/attachment.bin>
More information about the Freeipa-devel
mailing list