diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/e-smith/web/common/cgi-bin/AuthTKT.cfg/manager_access e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/e-smith/web/common/cgi-bin/AuthTKT.cfg/manager_access --- e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/e-smith/web/common/cgi-bin/AuthTKT.cfg/manager_access 2007-01-26 20:51:30.000000000 -0500 +++ e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/e-smith/web/common/cgi-bin/AuthTKT.cfg/manager_access 2016-06-13 03:22:49.254000000 -0400 @@ -1,5 +1,6 @@ { my $secret = ${'httpd-admin'}{TKTAuthSecret} || "34322500-7330-4400-423A-3A00434F5245"; $OUT .= "TKTAuthSecret $secret\n"; - $OUT .= "TKTAuthTimeoutMin 5"; + $OUT .= "TKTAuthTimeout 5m\n"; + $OUT .= "TKTAuthCookieExpires 5m"; } diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess15common e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess15common --- e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess15common 2014-03-23 22:15:04.000000000 -0400 +++ e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess15common 2016-06-13 03:17:30.372000000 -0400 @@ -28,6 +28,8 @@ AuthType basic TKTAuthLoginURL /server-common/cgi-bin/login + TKTAuthTimeout 5m + TKTAuthCookieExpires 5m require valid-user Satisfy all diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess20manager e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess20manager --- e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess20manager 2014-03-23 22:15:04.000000000 -0400 +++ e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess20manager 2016-06-13 03:16:57.027000000 -0400 @@ -11,6 +11,8 @@ allow from { $localAccess } AuthType Basic TKTAuthLoginURL /server-common/cgi-bin/login + TKTAuthTimeout 5m + TKTAuthCookieExpires 5m require user admin Satisfy all @@ -24,6 +26,8 @@ allow from { $localAccess } AuthType Basic TKTAuthLoginURL /server-common/cgi-bin/login + TKTAuthTimeout 5m + TKTAuthCookieExpires 5m require user admin Satisfy all diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass --- e-smith-manager-2.6.0.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2016-06-13 04:18:01.130000000 -0400 +++ e-smith-manager-2.6.0/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass 2016-06-13 04:23:46.597000000 -0400 @@ -14,6 +14,11 @@ $OUT .= ' RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n"; $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n"; } + if ($port eq $sslPort) + { + # mod_auth_tkt needs to know the protocol to write 307 redirection + $OUT .= " RequestHeader set X-Forwarded-Proto "https"\n"; + } $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n"; $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";