diff options
| author | Adrien Bustany <adrien@bustany.org> | 2012-10-10 10:04:18 +0300 |
|---|---|---|
| committer | attilamolnar <attilamolnar@hush.com> | 2012-10-19 20:40:16 +0200 |
| commit | 9451b734fff2fa908747fe26d01e87f81c94292c (patch) | |
| tree | 20102d61f229156ef9b9712ee2161043be342144 /docs | |
| parent | a4ea01a767870574403690b0abd04b1dae85d6b5 (diff) | |
m_ldapauth Allow filtering on arbitrary LDAP attributes
This commit implements filtering on LDAP attributes, in a similar way
to what Apache Httpd does with "Require ldap-attribute".
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/conf/modules.conf.example | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index 32217138a..e20769373 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -991,6 +991,8 @@ # # # <ldapwhitelist cidr="10.42.0.0/16"> # # # +# <ldaprequire attribute="attr" value="val"> # +# # # The baserdn indicates the base DN to search in for users. Usually # # this is 'ou=People,dc=yourdomain,dc=yourtld'. # # # @@ -1022,6 +1024,12 @@ # ldapwhitelist indicates that clients connecting from an IP in the # # provided CIDR do not need to authenticate against LDAP. It can be # # repeated to whitelist multiple CIDRs. # +# # +# ldaprequire allows further filtering on the LDAP user, by requiring # +# certain LDAP attibutes to have a given value. It can be repeated, # +# in which case the list will act as an OR list, that is, the # +# authentication will succeed if any of the requirements in the list # +# is satisfied. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP oper configuration module: Adds the ability to authenticate # |