From 9451b734fff2fa908747fe26d01e87f81c94292c Mon Sep 17 00:00:00 2001 From: Adrien Bustany Date: Wed, 10 Oct 2012 10:04:18 +0300 Subject: m_ldapauth Allow filtering on arbitrary LDAP attributes This commit implements filtering on LDAP attributes, in a similar way to what Apache Httpd does with "Require ldap-attribute". --- docs/conf/modules.conf.example | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'docs/conf') diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index 32217138a..e20769373 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -991,6 +991,8 @@ # # # # # # +# # +# # # The baserdn indicates the base DN to search in for users. Usually # # this is 'ou=People,dc=yourdomain,dc=yourtld'. # # # @@ -1022,6 +1024,12 @@ # ldapwhitelist indicates that clients connecting from an IP in the # # provided CIDR do not need to authenticate against LDAP. It can be # # repeated to whitelist multiple CIDRs. # +# # +# ldaprequire allows further filtering on the LDAP user, by requiring # +# certain LDAP attibutes to have a given value. It can be repeated, # +# in which case the list will act as an OR list, that is, the # +# authentication will succeed if any of the requirements in the list # +# is satisfied. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP oper configuration module: Adds the ability to authenticate # -- cgit v1.2.3