FIX SASL configuration example
This commit is contained in:
parent
afa4a95b37
commit
446faf78fb
@ -340,19 +340,19 @@ $servers->setValue('server','name','My LDAP Server');
|
|||||||
// $servers->setValue('login','auth_type','sasl');
|
// $servers->setValue('login','auth_type','sasl');
|
||||||
|
|
||||||
/* SASL auth mechanism */
|
/* SASL auth mechanism */
|
||||||
// $servers->setValue('server','sasl_mech','PLAIN');
|
// $servers->setValue('sasl','mech','GSSAPI');
|
||||||
|
|
||||||
/* SASL authentication realm name */
|
/* SASL authentication realm name */
|
||||||
// $servers->setValue('server','sasl_realm','');
|
// $servers->setValue('sasl','realm','');
|
||||||
# $servers->setValue('server','sasl_realm','example.com');
|
# $servers->setValue('sasl','realm','EXAMPLE.COM');
|
||||||
|
|
||||||
/* SASL authorization ID name
|
/* SASL authorization ID name
|
||||||
If this option is undefined, authorization id will be computed from bind DN,
|
If this option is undefined, authorization id will be computed from bind DN,
|
||||||
using sasl_authz_id_regex and sasl_authz_id_replacement. */
|
using authz_id_regex and authz_id_replacement. */
|
||||||
// $servers->setValue('server','sasl_authz_id', null);
|
// $servers->setValue('sasl','authz_id', null);
|
||||||
|
|
||||||
/* SASL authorization id regex and replacement
|
/* SASL authorization id regex and replacement
|
||||||
When sasl_authz_id property is not set (default), phpLDAPAdmin will try to
|
When authz_id property is not set (default), phpLDAPAdmin will try to
|
||||||
figure out authorization id by itself from bind distinguished name (DN).
|
figure out authorization id by itself from bind distinguished name (DN).
|
||||||
|
|
||||||
This procedure is done by calling preg_replace() php function in the
|
This procedure is done by calling preg_replace() php function in the
|
||||||
@ -364,14 +364,14 @@ $servers->setValue('server','name','My LDAP Server');
|
|||||||
For info about pcre regexes, see:
|
For info about pcre regexes, see:
|
||||||
- pcre(3), perlre(3)
|
- pcre(3), perlre(3)
|
||||||
- http://www.php.net/preg_replace */
|
- http://www.php.net/preg_replace */
|
||||||
// $servers->setValue('server','sasl_authz_id_regex',null);
|
// $servers->setValue('sasl','authz_id_regex',null);
|
||||||
// $servers->setValue('server','sasl_authz_id_replacement',null);
|
// $servers->setValue('sasl','authz_id_replacement',null);
|
||||||
# $servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
|
# $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
|
||||||
# $servers->setValue('server','sasl_authz_id_replacement','$1');
|
# $servers->setValue('sasl','authz_id_replacement','$1');
|
||||||
|
|
||||||
/* SASL auth security props.
|
/* SASL auth security props.
|
||||||
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
|
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
|
||||||
// $servers->setValue('server','sasl_props',null);
|
// $servers->setValue('sasl','props',null);
|
||||||
|
|
||||||
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
|
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
|
||||||
blowfish, crypt or leave blank for now default algorithm. */
|
blowfish, crypt or leave blank for now default algorithm. */
|
||||||
@ -532,12 +532,12 @@ $servers->setValue('server','tls',false);
|
|||||||
|
|
||||||
# SASL auth
|
# SASL auth
|
||||||
$servers->setValue('login','auth_type','sasl');
|
$servers->setValue('login','auth_type','sasl');
|
||||||
$servers->setValue('server','sasl_mech','GSSAPI');
|
$servers->setValue('sasl','mech','GSSAPI');
|
||||||
$servers->setValue('server','sasl_realm','EXAMPLE.COM');
|
$servers->setValue('sasl','realm','EXAMPLE.COM');
|
||||||
$servers->setValue('server','sasl_authz_id',null);
|
$servers->setValue('sasl','authz_id',null);
|
||||||
$servers->setValue('server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
|
$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
|
||||||
$servers->setValue('server','sasl_authz_id_replacement','$1');
|
$servers->setValue('sasl','authz_id_replacement','$1');
|
||||||
$servers->setValue('server','sasl_props',null);
|
$servers->setValue('sasl','props',null);
|
||||||
|
|
||||||
$servers->setValue('appearance','password_hash','md5');
|
$servers->setValue('appearance','password_hash','md5');
|
||||||
$servers->setValue('login','attr','dn');
|
$servers->setValue('login','attr','dn');
|
||||||
|
@ -623,6 +623,8 @@ class ldap extends DS {
|
|||||||
if (! isset($CACHE['login_dn']))
|
if (! isset($CACHE['login_dn']))
|
||||||
$CACHE['login_dn'] = is_null($this->getLogin($method)) ? $this->getLogin('user') : $this->getLogin($method);
|
$CACHE['login_dn'] = is_null($this->getLogin($method)) ? $this->getLogin('user') : $this->getLogin($method);
|
||||||
|
|
||||||
|
$CACHE['authz_id'] = '';
|
||||||
|
|
||||||
/*
|
/*
|
||||||
# Do we need to rewrite authz_id?
|
# Do we need to rewrite authz_id?
|
||||||
if (! isset($CACHE['authz_id']))
|
if (! isset($CACHE['authz_id']))
|
||||||
|
Loading…
Reference in New Issue
Block a user