#
# Apache and PHP configuration for EGroupware using NTLM authentication
#
# This version of EGroupware configuration might not be as up to date as
# the one in /usr/share/doc/rpm-build/apache.conf!
#
# Version: $Id$
#

# this makes EGroupware available for all vhosts
Alias /egroupware /usr/share/egroupware

# Enable ActiveSync protocol support via eSync app
Alias /Microsoft-Server-ActiveSync /usr/share/egroupware/activesync/index.php

RedirectMatch ^/.well-known/(caldav|carddav)$ /egroupware/groupdav.php/
# iOS 4.3+ calendar requires that to autodetect accounts
RedirectMatch ^(/principals/users/.*)$ /egroupware/groupdav.php$1

<Directory /usr/share/egroupware/api/ntlm/>
  AuthName "NTLM eGroupWare Authentication"
  NTLMAuth on
  NegotiateAuth off
  NTLMBasicRealm TEST
  NTLMBasicAuth on
  NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
  NegotiateAuthHelper "/usr/bin/ntlm_auth --helper-protocol=gss-spnego"
  PlaintextAuthHelper "/usr/bin/ntlm_auth --domain=TEST.LOCAL --helper-protocol=squid-2.5-basic"
  NTLMBasicAuthoritative on
  AuthType NTLM
  require valid-user
</Directory>

<Directory /usr/share/egroupware/>
  Options FollowSymLinks ExecCGI
  AllowOverride None
  <IfModule !mod_authz_core.c>
    # Apache 2.4
    Order allow,deny
    Allow from all
  </IfModule>
  <IfModule mod_authz_core.c>
    # Apache 2.4
    Require all granted
  </IfModule>
  DirectoryIndex index.html index.php
  AddHandler cgi-script .cgi
  AddDefaultCharset Off
  php_flag file_uploads on
  php_flag log_errors on
  php_flag magic_quotes_gpc off
  php_flag magic_quotes_runtime off
  php_flag register_globals off
  php_flag short_open_tag on
  php_flag track_vars on
  php_flag display_errors off
  # E_ALL & ~E_NOTICE & ~E_STRICT = 8191 - 8 - 2048 = 6135
  php_value error_reporting 6135
  php_value max_execution_time 90
  php_admin_value mbstring.func_overload 0
  php_value memory_limit 128M
  php_value session.gc_maxlifetime 14400
  php_value include_path .
  php_admin_value open_basedir /usr/share/egroupware:/var/lib/egroupware:/tmp:/usr/bin/zip
  php_value upload_max_filesize 64M
  php_admin_value upload_tmp_dir /tmp
  php_value post_max_size 65M
  <Files ~ "\.inc\.php$">
    <IfModule !mod_authz_core.c>
      # Apache 2.4
      Order allow,deny
      Deny from all
    </IfModule>
    <IfModule mod_authz_core.c>
     # Apache 2.4
     Require all denied
    </IfModule>
  </Files>
</Directory>