How to make an Apache protected App

I am using an openstack vm that is running a newer version of CentOs.

Using this as reference

Making the Apache App

The first thing to do is:

sudo yum install httpd perl-CGI -y

retrieve the example application for testing using curl:

curl -Lo /var/www/app.cgi ''

Make sure it is executable as a CGI script:

sudo chmod a+x /var/www/app.cgi

sudo yum install /usr/sbin/semanage -y

sudo semanage fcontext -a -t httpd_sys_script_exec_t '/var/www/app\.cgi'

restorecon -rvv /var/www/app.cgi

Next go into the the ScriptAlaias Directive in /etc/httpd/conf/httpd.conf and add the line:

ScriptAlias /application /var/www/app.cgi

Then restart httpd

To test on the command line use:

curl -i http://$( hostname )/application

When you go to to your service. I have it as sp1.keycloak.test/application, It will prompt you for a log in. The username and password is both bob for now.

Enrolling the Apache service to an IPA server

First install the tools to connect with a client:

sudo yum -y install freeipa-client

Then install the client:

sudo ipa-client-install --fixed-primary --server (server) --domain (domain) --principal admin --password (password) --unattended

I then used ipa-getcert using

sudo ipa-getcert request -f /etc/pki/tls/certs/localhost.crt -K HTTP/$( hostname ) -N CN=$( hostname ),O=KEYCLOAK.TEST -g 2048 -k /etc/pki/tls/private/localhost.key -r

Then restart httpd

Written on April 3, 2018