Mercurial > kallithea
comparison docs/setup.rst @ 6331:949c843bb535
auth: refactor ldap parameter handling - make it clear that port is optional
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Tue, 15 Nov 2016 22:53:41 +0100 |
| parents | 7ce3897bacd0 |
| children | 9c6f717823e1 |
comparison
equal
deleted
inserted
replaced
| 6330:7ce3897bacd0 | 6331:949c843bb535 |
|---|---|
| 159 Here's a typical LDAP setup:: | 159 Here's a typical LDAP setup:: |
| 160 | 160 |
| 161 Connection settings | 161 Connection settings |
| 162 Enable LDAP = checked | 162 Enable LDAP = checked |
| 163 Host = host.example.com | 163 Host = host.example.com |
| 164 Port = 389 | |
| 165 Account = <account> | 164 Account = <account> |
| 166 Password = <password> | 165 Password = <password> |
| 167 Connection Security = LDAPS connection | 166 Connection Security = LDAPS connection |
| 168 Certificate Checks = DEMAND | 167 Certificate Checks = DEMAND |
| 169 | 168 |
| 196 LDAP server hostname or IP address. Can be also a comma separated | 195 LDAP server hostname or IP address. Can be also a comma separated |
| 197 list of servers to support LDAP fail-over. | 196 list of servers to support LDAP fail-over. |
| 198 | 197 |
| 199 .. _Port: | 198 .. _Port: |
| 200 | 199 |
| 201 Port : required | 200 Port : optional |
| 202 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP. | 201 Defaults to 389 for PLAIN un-encrypted LDAP and START_TLS. |
| 202 Defaults to 636 for LDAPS. | |
| 203 | 203 |
| 204 .. _ldap_account: | 204 .. _ldap_account: |
| 205 | 205 |
| 206 Account : optional | 206 Account : optional |
| 207 Only required if the LDAP server does not allow anonymous browsing of | 207 Only required if the LDAP server does not allow anonymous browsing of |
| 217 .. _Enable LDAPS: | 217 .. _Enable LDAPS: |
| 218 | 218 |
| 219 Connection Security : required | 219 Connection Security : required |
| 220 Defines the connection to LDAP server | 220 Defines the connection to LDAP server |
| 221 | 221 |
| 222 No encryption | 222 PLAIN |
| 223 Plain non encrypted connection | 223 Plain unencrypted LDAP connection. |
| 224 | 224 This will by default use `Port`_ 389. |
| 225 LDAPS connection | 225 |
| 226 Enable LDAPS connections. It will likely require `Port`_ to be set to | 226 LDAPS |
| 227 a different value (standard LDAPS port is 636). When LDAPS is enabled | 227 Use secure LDAPS connections according to `Certificate |
| 228 then `Certificate Checks`_ is required. | 228 Checks`_ configuration. |
| 229 | 229 This will by default use `Port`_ 636. |
| 230 START_TLS on LDAP connection | 230 |
| 231 START TLS connection | 231 START_TLS |
| 232 Use START TLS according to `Certificate Checks`_ configuration on an | |
| 233 apparently "plain" LDAP connection. | |
| 234 This will by default use `Port`_ 389. | |
| 232 | 235 |
| 233 .. _Certificate Checks: | 236 .. _Certificate Checks: |
| 234 | 237 |
| 235 Certificate Checks : optional | 238 Certificate Checks : optional |
| 236 How SSL certificates verification is handled -- this is only useful when | 239 How SSL certificates verification is handled -- this is only useful when |