Mercurial > kallithea
comparison docs/setup.rst @ 6331:949c843bb535
auth: refactor ldap parameter handling - make it clear that port is optional
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Tue, 15 Nov 2016 22:53:41 +0100 |
parents | 7ce3897bacd0 |
children | 9c6f717823e1 |
comparison
equal
deleted
inserted
replaced
6330:7ce3897bacd0 | 6331:949c843bb535 |
---|---|
159 Here's a typical LDAP setup:: | 159 Here's a typical LDAP setup:: |
160 | 160 |
161 Connection settings | 161 Connection settings |
162 Enable LDAP = checked | 162 Enable LDAP = checked |
163 Host = host.example.com | 163 Host = host.example.com |
164 Port = 389 | |
165 Account = <account> | 164 Account = <account> |
166 Password = <password> | 165 Password = <password> |
167 Connection Security = LDAPS connection | 166 Connection Security = LDAPS connection |
168 Certificate Checks = DEMAND | 167 Certificate Checks = DEMAND |
169 | 168 |
196 LDAP server hostname or IP address. Can be also a comma separated | 195 LDAP server hostname or IP address. Can be also a comma separated |
197 list of servers to support LDAP fail-over. | 196 list of servers to support LDAP fail-over. |
198 | 197 |
199 .. _Port: | 198 .. _Port: |
200 | 199 |
201 Port : required | 200 Port : optional |
202 389 for un-encrypted LDAP, 636 for SSL-encrypted LDAP. | 201 Defaults to 389 for PLAIN un-encrypted LDAP and START_TLS. |
202 Defaults to 636 for LDAPS. | |
203 | 203 |
204 .. _ldap_account: | 204 .. _ldap_account: |
205 | 205 |
206 Account : optional | 206 Account : optional |
207 Only required if the LDAP server does not allow anonymous browsing of | 207 Only required if the LDAP server does not allow anonymous browsing of |
217 .. _Enable LDAPS: | 217 .. _Enable LDAPS: |
218 | 218 |
219 Connection Security : required | 219 Connection Security : required |
220 Defines the connection to LDAP server | 220 Defines the connection to LDAP server |
221 | 221 |
222 No encryption | 222 PLAIN |
223 Plain non encrypted connection | 223 Plain unencrypted LDAP connection. |
224 | 224 This will by default use `Port`_ 389. |
225 LDAPS connection | 225 |
226 Enable LDAPS connections. It will likely require `Port`_ to be set to | 226 LDAPS |
227 a different value (standard LDAPS port is 636). When LDAPS is enabled | 227 Use secure LDAPS connections according to `Certificate |
228 then `Certificate Checks`_ is required. | 228 Checks`_ configuration. |
229 | 229 This will by default use `Port`_ 636. |
230 START_TLS on LDAP connection | 230 |
231 START TLS connection | 231 START_TLS |
232 Use START TLS according to `Certificate Checks`_ configuration on an | |
233 apparently "plain" LDAP connection. | |
234 This will by default use `Port`_ 389. | |
232 | 235 |
233 .. _Certificate Checks: | 236 .. _Certificate Checks: |
234 | 237 |
235 Certificate Checks : optional | 238 Certificate Checks : optional |
236 How SSL certificates verification is handled -- this is only useful when | 239 How SSL certificates verification is handled -- this is only useful when |