Univention Bugzilla – Bug 48348
Allow inclusion of additional configuration files for SSO virtualhost
Last modified: 2019-03-30 07:54:27 CET
The UCS default apache configuration can be extended by placing files in /etc/apache2/ucs-sites.conf.d/, these get included with an IncludeOptional statement in/etc/apache2/sites-available/000-default.conf and default-ssl.conf. There is currently no way to extend the single sign on VirtualHost configuration in a similar way. Additional software should have an easy way to be added to the VirtualHost, e.g. the OpenID Connect provider. An IncludeOptional Statement will be added to univention-saml.conf
fc58260b Include additional configuration files from /etc/apache2/sso-vhost.conf.d in saml virtualhost config Package: univention-saml Version: 5.0.4-30A~4.3.0.201812131559 Branch: ucs_4.3-0 Scope: errata4.3-3 9138d5a2 yaml
4a2cd9dbbc Bug #48348: univention-saml 5.0.4-30A~4.3.0.201812131559--- doc/errata/staging/univention-saml.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) This update addresses the following [-issue(s):-]{+issue:+} * The univention-saml [-apache2-]{+Apache2+} VirtualHost configuration can now be extended by placing .conf files in the directory /etc/apache2/sso-vhost.conf.d/
Including sso-vhost.conf.d/*.conf into the non vhost config (the fqdn instead of ucs-sso is used for saml) might be a problem for some options. But I don't see an easy solution for that nor is it a problem at the moment. Config used for testing: ''' <Location "/secure"> AuthType basic AuthName "private area" AuthUserFile "/etc/apache2/test" Require valid-user </Location> ''' What I tested: Added config to /etc/apache2/sso-vhost.conf.d and restart apache -> OK "curl http://ucs-sso.univention.intranet/secure" asks for creds -> OK "curl https://ucs-sso.univention.intranet/secure" asks for creds -> OK ucs-test/82_saml/04_saml_login -> OK Removed config and restart apache -> OK ucs-test/82_saml/04_saml_login -> OK YAML -> OK Code in 4.4-0 -> OK
<http://errata.software-univention.de/ucs/4.3/406.html>