Add ldap

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-06-16 11:40:00 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-01-23 19:57:28 +0100
commit: 3b68f6ca727f52f9dc84fa1a134c092b44c49103 (patch)
tree: 2dd38ff1453ad3a0a4620a408cdb67a482ae2fc6 /app/config
parent: 3f7a28de8473db53b3de9e19d5e8e58b4e21090d (diff)
download: wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.tar.gz
wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.tar.zst
wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.zip
2 files changed, 22 insertions, 0 deletions
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 6b0cb8e8..cfd41b69 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -62,3 +62,23 @@ parameters:
    redis_port: 6379
    redis_path: null
    redis_password: null
+    # ldap configuration
+    # To enable, you need to require fr3d/ldap-bundle
+    ldap_enabled: false
+    ldap_host: localhost
+    ldap_port: 389
+    ldap_tls:  false
+    ldap_ssl:  false
+    ldap_bind_requires_dn: true
+    ldap_base: dc=example,dc=com
+    ldap_manager_dn: ou=Manager,dc=example,dc=com
+    ldap_manager_pw: password
+    ldap_filter: (&(ObjectClass=Person))
+    # optional (if null: no ldap user is admin)
+    ldap_admin_filter: (&(memberOf=ou=admins,dc=example,dc=com)(uid=%s))
+    ldap_username_attribute: uid
+    ldap_email_attribute: mail
+    ldap_name_attribute: cn
+    # optional (default sets user as enabled unconditionally)
+    ldap_enabled_attribute: ~
diff --git a/app/config/security.yml b/app/config/security.yml
index 02afc9ea..48fbb553 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -6,6 +6,7 @@ security:
        ROLE_ADMIN: ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
+    # /!\ This list is modified in WallabagUserBundle when LDAP is enabled
    providers:
        administrators:
            entity:
@@ -36,6 +37,7 @@ security:
            pattern: ^/login$
            anonymous:  ~
+        # /!\ This section is modified in WallabagUserBundle when LDAP is enabled
        secured_area:
            pattern: ^/
            form_login:
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-06-16 11:40:00 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-01-23 19:57:28 +0100
commit	3b68f6ca727f52f9dc84fa1a134c092b44c49103 (patch)
tree	2dd38ff1453ad3a0a4620a408cdb67a482ae2fc6 /app/config
parent	3f7a28de8473db53b3de9e19d5e8e58b4e21090d (diff)
download	wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.tar.gz wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.tar.zst wallabag-3b68f6ca727f52f9dc84fa1a134c092b44c49103.zip

diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index 6b0cb8e8..cfd41b69 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist
@@ -62,3 +62,23 @@ parameters:
62	redis_port: 6379	62	redis_port: 6379
63	redis_path: null	63	redis_path: null
64	redis_password: null	64	redis_password: null
		65
		66	# ldap configuration
		67	# To enable, you need to require fr3d/ldap-bundle
		68	ldap_enabled: false
		69	ldap_host: localhost
		70	ldap_port: 389
		71	ldap_tls: false
		72	ldap_ssl: false
		73	ldap_bind_requires_dn: true
		74	ldap_base: dc=example,dc=com
		75	ldap_manager_dn: ou=Manager,dc=example,dc=com
		76	ldap_manager_pw: password
		77	ldap_filter: (&(ObjectClass=Person))
		78	# optional (if null: no ldap user is admin)
		79	ldap_admin_filter: (&(memberOf=ou=admins,dc=example,dc=com)(uid=%s))
		80	ldap_username_attribute: uid
		81	ldap_email_attribute: mail
		82	ldap_name_attribute: cn
		83	# optional (default sets user as enabled unconditionally)
		84	ldap_enabled_attribute: ~


diff --git a/app/config/security.yml b/app/config/security.yml index 02afc9ea..48fbb553 100644 --- a/app/config/security.yml +++ b/app/config/security.yml
@@ -6,6 +6,7 @@ security:
6	ROLE_ADMIN: ROLE_USER	6	ROLE_ADMIN: ROLE_USER
7	ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]	7	ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
8		8
		9	# /!\ This list is modified in WallabagUserBundle when LDAP is enabled
9	providers:	10	providers:
10	administrators:	11	administrators:
11	entity:	12	entity:
@@ -36,6 +37,7 @@ security:
36	pattern: ^/login$	37	pattern: ^/login$
37	anonymous: ~	38	anonymous: ~
38		39
		40	# /!\ This section is modified in WallabagUserBundle when LDAP is enabled
39	secured_area:	41	secured_area:
40	pattern: ^/	42	pattern: ^/
41	form_login:	43	form_login: