Allow additional settings for GSSAPI in Vhost

Adding config items:
- allowedmech
- authname
- authtype
- basicauth

Author: tuxmea

spec/defines/vhost_spec.rb

@@ -252,9 +252,13 @@
                   'passenger_app_log_file'                              => '/tmp/app.log',
                   'passenger_debugger'                                  => false,
                   'gssapi'                                              => {
-                    'credstore' => 'keytab:/foo/bar.keytab',
-                    'localname' => 'On',
-                    'sslonly'   => 'Off',
+                    'credstore'   => 'keytab:/foo/bar.keytab',
+                    'localname'   => 'On',
+                    'sslonly'     => 'Off',
+                    'allowedmech' => 'krb5',
+                    'authname'    => 'Kerberos 5',
+                    'authtype'    => 'GSSAPI',
+                    'basicauth'   => 'On',
                   },
                 },
                 {
@@ -958,6 +962,26 @@
               content: %r{^\s+GssapiLocalName\sOn$},
             )
           }
+          it {
+            is_expected.to contain_concat__fragment('rspec.example.com-directories').with(
+              content: %r{^\s+GssapiAllowedMech\skrb5$},
+            )
+          }
+          it {
+            is_expected.to contain_concat__fragment('rspec.example.com-directories').with(
+              content: %r{^\s+AuthName\s"Kerberos 5"$},
+            )
+          }
+          it {
+            is_expected.to contain_concat__fragment('rspec.example.com-directories').with(
+              content: %r{^\s+AuthType\sGSSAPI$},
+            )
+          }
+          it {
+            is_expected.to contain_concat__fragment('rspec.example.com-directories').with(
+              content: %r{^\s+GssapiBasicAuth\sOn$},
+            )
+          }
           it {
             is_expected.to contain_concat__fragment('rspec.example.com-directories').with(
               content: %r{^\s+SSLVerifyClient\soptional$},

templates/vhost/_gssapi.epp

@@ -1,10 +1,26 @@
 <%|
   # https://github.com/gssapi/mod_auth_gssapi
-  Optional[String[1]]        $credstore = undef,
-  Optional[Enum['On','Off']] $sslonly   = undef,
-  Optional[Enum['On','Off']] $localname = undef,
+  Optional[String[1]]        $allowedmech = undef,
+  Optional[String[1]]        $authname    = undef,
+  Optional[String[1]]        $authtype    = undef,
+  Optional[Enum['On','Off']] $basicauth   = undef,
+  Optional[String[1]]        $credstore   = undef,
+  Optional[Enum['On','Off']] $sslonly     = undef,
+  Optional[Enum['On','Off']] $localname   = undef,
 |%>
 # mod_auth_gssapi configuration
+<% if $allowedmech { -%>
+    GssapiAllowedMech <%= $allowedmech %>
+<% } -%>
+<% if $authname { -%>
+    AuthName "<%= $authname %>"
+<% } -%>
+<% if $authtype { -%>
+    AuthType <%= $authtype %>
+<% } -%>
+<% if $basicauth { -%>
+    GssapiBasicAuth <%= $basicauth %>
+<% } -%>
 <% if $sslonly { -%>
     GssapiSSLonly <%= $sslonly %>
 <% } -%>