-
Notifications
You must be signed in to change notification settings - Fork 0
/
02.ssl.conf
37 lines (30 loc) · 1.32 KB
/
02.ssl.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
SSLProtocol All -SSLv2 -SSLv3
RewriteEngine on
RewriteRule ^/callback - [END]
RewriteRule ^/logout https://auth.dataporten.no/logout [R,END]
RewriteRule ^/static/style/(.*) /home/galaxy/galaxy/static/june_2007_style/blue/$1 [L]
RewriteRule ^/static/scripts/(.*) /home/galaxy/galaxy/static/scripts/packed/$1 [L]
RewriteRule ^/static/(.*) /home/galaxy/galaxy/static/$1 [L]
RewriteRule ^/favicon.ico /home/galaxy/galaxy/static/favicon.ico [L]
RewriteRule ^/robots.txt /home/galaxy/galaxy/static/robots.txt [L]
RewriteRule ^(.*) http://127.0.0.1:8080$1 [P]
# Authentication demanded for everything except /logout
<LocationMatch "^/(?!logout)">
AuthType openid-connect
Require valid-user
# LogLevel debug
</LocationMatch>
RewriteEngine on
RewriteMap dpidtoemail prg:/usr/local/bin/galaxyemailusers.py
<If "true">
RewriteEngine on
RequestHeader set REMOTE_USER %{DPID_e}e
RewriteCond %{HTTP:OIDC_CLAIM_email};%{HTTP:OIDC_CLAIM_sub};%{HTTP:Referer} ^(.*)$
RewriteRule . - [E=DPIDE:${dpidtoemail:%1|apache_auth_error}]
RequestHeader set REMOTE_USER %{DPIDE}e
# Maintenance status is set in /etc/galaxy_email_config.cfg
RewriteCond %{ENV:DPIDE} "^(.*maintenance.*)$"
RewriteRule ^(.*)$ MAINTENANCE_PAGE [R=307,END]
RewriteCond %{ENV:DPIDE} "^(.*none.*)$"
RewriteRule ^(.*) http://galaxy-register01.usit.uio.no/?service=GALAXYSERVICENAME [L,R=307]
</If>