Newer
Older
<VirtualHost *:80>
ServerAdmin adamhl@.stanford.edu
ServerName <%= @vhost %>
# Redirect _all_ port 80 traffic to the secure side
Redirect / https://<%= @vhost %>/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin adamhl@.stanford.edu
ServerName <%= @vhost %>
DocumentRoot /usr/share/secure-afs-request/
AddHandler cgi-script .cgi .pl
## SSL
SSLEngine On
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXP
SSLCertificateFile /etc/ssl/certs/<%= @vhost %>.pem
SSLCertificateKeyFile /etc/ssl/private/<%= @vhost %>.key
### Shibboleth (SAML) section
<Location /Shibboleth.sso>
SetHandler shib
</Location>
# Allow cgi scripts here.
ScriptAlias "/cgi-bin/" "/usr/share/secure-afs-request/cgi-bin/"
<Location /cgi-bin>
SetHandler cgi-script
Options ExecCGI IncludesNoExec
SetOutputFilter INCLUDES
AuthType shibboleth
require valid-user
</Location>