Add list of directives

simo5 · frozencemetery · commit 7bfe7ff06bed · 2017-11-08T17:06:58.000-05:00
This allows to consult the whole list in one place and then jump to the desired section as needed. Also fix some minor formatting discrepancies. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Robbie Harwood <rharwood@redhat.com> Merges: #160
diff --git a/README b/README
@@ -67,9 +67,55 @@ extensions you can also simply set the KRB5_KTNAME environment variable in the
 Apache init script and skip the GssapiCredStore option completely.
 
 
+Environment Variables
+---------------------
+
+(Note: these are not process environment variables, but rather Apache
+environment variables, as described
+[in the apache docs](https://httpd.apache.org/docs/2.4/env.html).)
+
+### gssapi-no-negotiate
+
+This environment variable is used to suppress setting Negotiate headers.  Not
+sending these headers is useful to work around browsers that do not handle
+them properly (and incorrectly show authentication popups to users).
+
+#### Example
+
+For instance, to suppress negotiation on Windows browsers, one could set:
+
+    BrowserMatch Windows gssapi-no-negotiate
+
+
+
 Configuration Directives
 ------------------------
 
+### Alphabetic List of Directives
+
+[GssapiAcceptorName](#gssapiacceptorname)<br>
+[GssapiAllowedMech](#gssapiallowedmech)<br>
+[GssapiBasicAuth](#gssapibasicauth)<br>
+[GssapiBasicAuthMech](#gssapibasicauthmech)<br>
+[GssapiConnectionBound](#gssapiconnectionbound)<br>
+[GssapiCredStore](#gssapicredstore)<br>
+[GssapiDelegCcacheDir](#gssapidelegccachedir)<br>
+[GssapiDelegCcacheEnvVar](#gssapidelegccacheenvvar)<br>
+[GssapiDelegCcachePerms](#gssapidelegccacheperms)<br>
+[GssapiDelegCcacheUnique](#gssapidelegccacheunique)<br>
+[GssapiImpersonate](#gssapiimpersonate)<br>
+[GssapiLocalName](#gssapilocalname)<br>
+[GssapiNameAttributes](#gssapinameattributes)<br>
+[GssapiNegotiateOnce](#gssapinegotiateonce)<br>
+[GssapiPublishErrors](#gssapipublisherrors)<br>
+[GssapiRequiredNameAttributes](#gssapirequirednameattributes)<br>
+[GssapiSessionKey](#gssapisessionkey)<br>
+[GssapiSignalPersistentAuth](#gssapisignalpersistentauth)<br>
+[GssapiSSLonly](#gssapisslonly)<br>
+[GssapiUseS4U2Proxy](#gssapiuses4u2proxy)<br>
+[GssapiUseSessions](#gssapiusesessions)<br>
+
+
 ### GssapiSSLonly
 
 Forces the authentication attempt to fail if the connection is not being
@@ -108,6 +154,7 @@ request for continuation.
 
 
 ### GssapiSignalPersistentAuth
+
 For clients that make use of Persistent-Auth header, send the header according
 to GssapiConnectionBound setting.
 
@@ -237,6 +284,7 @@ keytab and store a ccache in the configured ccache file.
 
 
 ### GssapiBasicAuth
+
 Allows the use of Basic Auth in conjunction with Negotiate.
 If the browser fails to use Negotiate it will instead fallback to Basic and
 the username and password will be used to try to acquire credentials in the
@@ -307,6 +355,7 @@ underscores for environment variable names.
     GssapiNameAttributes json
     GssapiNameAttributes RADIUS_NAME urn:ietf:params:gss:radius-attribute_1
 
+
 ### GssapiRequiredNameAttributes
 
 This option allows specifying one or more Name Attributes that the client must
@@ -336,6 +385,7 @@ expression, or no Name Attributes are present, a 403 response is returned.
     GssapiRequiredNameAttributes "auth-indicators=high or other-attr=foo"
     GssapiRequiredNameAttributes "((auth-indicators=low and auth-indicators=med) or auth-indicators=high)"
 
+
 ### GssapiNegotiateOnce
 
 When this option is enabled the Negotiate header will not be resent if
@@ -360,6 +410,7 @@ Auth mechanism. Enable GssapiNegotiateOnce to avoid this situation.
 - **Enable with:** GssapiNegotiateOnce On
 - **Default:** GssapiNegotiateOnce Off
 
+
 ### GssapiImpersonate
 
 This option can be used even if AuthType GSSAPI is not used for given
@@ -451,21 +502,4 @@ Note: The GSS_C_NT_HOSTBASED_SERVICE format is used for names (see example).
 #### Example
     GssapiAcceptorName HTTP@www.example.com
 
-Environment Variables
----------------------
-
-(Note: these are not process environment variables, but rather Apache
-environment variables, as described
-[in the apache docs](https://httpd.apache.org/docs/2.4/env.html).)
-
-### gssapi-no-negotiate
-
-This environment variable is used to suppress setting Negotiate headers.  Not
-sending these headers is useful to work around browsers that do not handle
-them properly (and incorrectly show authentication popups to users).
 
-#### Example
-
-For instance, to suppress negotiation on Windows browsers, one could set:
-
-    BrowserMatch Windows gssapi-no-negotiate
