https://fedorahosted.org/freeipa/ticket/1570

The help message might need some tweaking.

Honza

--
Jan Cholasta
>From 3fbc14df8bf28d4b8a37f75c005576df133224b2 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Tue, 16 Aug 2011 19:34:04 +0200
Subject: [PATCH] Add option to ipa-server-install to disable the automatic
 redirect to the Web UI.

ticket 1570
---
 install/conf/ipa-rewrite.conf          |    2 +-
 install/tools/ipa-server-install       |    6 ++++--
 install/tools/man/ipa-server-install.1 |    3 +++
 ipaserver/install/httpinstance.py      |    4 ++--
 4 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/install/conf/ipa-rewrite.conf b/install/conf/ipa-rewrite.conf
index ec9912c..5385f9d 100644
--- a/install/conf/ipa-rewrite.conf
+++ b/install/conf/ipa-rewrite.conf
@@ -7,7 +7,7 @@ RewriteLogLevel 0
 
 # By default forward all requests to /ipa. If you don't want IPA
 # to be the default on your web server comment this line out.
-RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301]
+${AUTOREDIR}RewriteRule ^/$$ https://$FQDN/ipa/ui [L,NC,R=301]
 
 # Redirect to the fully-qualified hostname. Not redirecting to secure
 # port so configuration files can be retrieved without requiring SSL.
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 3605b03..c6057dc 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -172,6 +172,8 @@ def parse_options():
     parser.add_option("--no_hbac_allow", dest="hbac_allow", default=False,
                       action="store_true",
                       help="Don't install allow_all HBAC rule")
+    parser.add_option("--no-ui-redirect", dest="ui_redirect", action="store_false",
+                      default=True, help="Do not automatically redirect to the Web UI")
     options, args = parser.parse_args()
     safe_options = parser.get_safe_opts(options)
 
@@ -903,10 +905,10 @@ def main():
     http = httpinstance.HTTPInstance(fstore)
     if options.http_pkcs12:
         pkcs12_info = (options.http_pkcs12, pw_name)
-        http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=False, pkcs12_info=pkcs12_info, subject_base=options.subject)
+        http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=False, pkcs12_info=pkcs12_info, subject_base=options.subject, auto_redirect=options.ui_redirect)
         os.remove(pw_name)
     else:
-        http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject)
+        http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject, auto_redirect=options.ui_redirect)
     ipautil.run(["/sbin/restorecon", "/var/cache/ipa/sessions"])
 
     set_subject_in_config(realm_name, dm_password, util.realm_to_suffix(realm_name), options.subject)
diff --git a/install/tools/man/ipa-server-install.1 b/install/tools/man/ipa-server-install.1
index 7450ab9..a247c19 100644
--- a/install/tools/man/ipa-server-install.1
+++ b/install/tools/man/ipa-server-install.1
@@ -133,6 +133,9 @@ The maximum user and group id number (default: idstart+199999). If set to zero,
 \fB\-\-no_hbac_allow\fR
 Don't install allow_all HBAC rule. This rule lets any user from any host access any service on any other host. It is expected that users will remove this rule before moving to production.
 .TP
+\fB\-\-no\-ui\-redirect\fR
+Do not automatically redirect to the Web UI.
+.TP
 .SH "EXIT STATUS"
 0 if the installation was successful
 
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
index d2eb27c..fe5f7aa 100644
--- a/ipaserver/install/httpinstance.py
+++ b/ipaserver/install/httpinstance.py
@@ -55,7 +55,7 @@ class HTTPInstance(service.Service):
         else:
             self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore')
 
-    def create_instance(self, realm, fqdn, domain_name, dm_password=None, autoconfig=True, pkcs12_info=None, self_signed_ca=False, subject_base=None):
+    def create_instance(self, realm, fqdn, domain_name, dm_password=None, autoconfig=True, pkcs12_info=None, self_signed_ca=False, subject_base=None, auto_redirect=True):
         self.fqdn = fqdn
         self.realm = realm
         self.domain = domain_name
@@ -66,7 +66,7 @@ class HTTPInstance(service.Service):
         self.principal = "HTTP/%s@%s" % (self.fqdn, self.realm)
         self.dercert = None
         self.subject_base = subject_base
-        self.sub_dict = { "REALM" : realm, "FQDN": fqdn, "DOMAIN" : self.domain }
+        self.sub_dict = {"REALM": realm, "FQDN": fqdn, "DOMAIN": self.domain, "AUTOREDIR": '' if auto_redirect else '#'}
 
         # get a connection to the DS
         self.ldap_connect()
-- 
1.7.6

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to