From 86c9af8cac9171c26e3f357656ad23184183b034 Mon Sep 17 00:00:00 2001
From: Xavier Pillons <xpillons@microsoft.com>
Date: Fri, 10 Nov 2023 11:33:01 +0100
Subject: [PATCH] Revert "Use external auth for CycleCloud Proxy. (#1754)"

This reverts commit 18e49438691731757018531329888efca70e2a5f.
---
 playbooks/ood.yml | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/playbooks/ood.yml b/playbooks/ood.yml
index 412afabb6..16793856e 100644
--- a/playbooks/ood.yml
+++ b/playbooks/ood.yml
@@ -32,10 +32,9 @@
       state: latest
       lock_timeout : 180
 
-  - name: Set up mod_authnz_external modules (for cyclecloud proxy)
-    yum:
-      name: mod_authnz_external
-      lock_timeout: 180  
+  - name: Set up PAM authentication for OOD
+    include_role:
+      name: ood_pam_auth
 
   - name: Retrieve OIDC secret
     block:
@@ -233,13 +232,12 @@
         if ! grep -q {{ccportal_name}} /opt/ood/ood-portal-generator/templates/ood-portal.conf.erb; then
           cd /root
           cat << EOF > cyclecloud_proxy
-          DefineExternalAuth pwauth pipe /usr/bin/pwauth
           SetEnv OOD_CC_URI "/cyclecloud"
           <Location "/cyclecloud">
             AuthType Basic
             AuthName "Open OnDemand"
-            AuthBasicProvider external
-            AuthExternal pwauth
+            AuthBasicProvider PAM
+            AuthPAMService ood
             Require valid-user
 
             ProxyPass http://{{ccportal_name}}:80/cyclecloud