From 02e99277146d8bd912f2f19af1d3e94a6181d90d Mon Sep 17 00:00:00 2001 From: alecdwm Date: Tue, 13 Dec 2016 22:31:35 +0100 Subject: Initial support for LDAP server authentication Limitations as of this commit: - tlsOptions can only be specified in config.json, not as env vars - authentication failures are not yet gracefully handled by the UI - instead the error message is shown on a blank page (/auth/ldap) - no email address is associated with the LDAP user's account - no picture/profile URL is associated with the LDAP user's account - we might have to generate our own access + refresh tokens, because we aren't using oauth. The currently generated tokens are just a placeholder. - 'LDAP Sign in' needs to be translated to each locale --- config.json.example | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'config.json.example') diff --git a/config.json.example b/config.json.example index 22fd5c92..642df4f6 100644 --- a/config.json.example +++ b/config.json.example @@ -45,6 +45,18 @@ "clientID": "change this", "clientSecret": "change this" }, + "ldap": { + "url": "ldap://change_this", + "bindDn": null, + "bindCredentials": null, + "tokenSecret": "change this", + "searchBase": "change this", + "searchFilter": "change this", + "searchAttributes": "change this", + "tlsOptions": { + "changeme": "See https://nodejs.org/api/tls.html#tls_tls_connect_options_callback" + } + }, "imgur": { "clientID": "change this" } -- cgit v1.2.3