From 3b68f6ca727f52f9dc84fa1a134c092b44c49103 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sat, 16 Jun 2018 11:40:00 +0200
Subject: Add ldap

---
 app/config/parameters.yml.dist | 20 ++++++++++++++++++++
 app/config/security.yml        |  2 ++
 2 files changed, 22 insertions(+)

(limited to 'app/config')

diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 6b0cb8e8..cfd41b69 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -62,3 +62,23 @@ parameters:
     redis_port: 6379
     redis_path: null
     redis_password: null
+
+    # ldap configuration
+    # To enable, you need to require fr3d/ldap-bundle
+    ldap_enabled: false
+    ldap_host: localhost
+    ldap_port: 389
+    ldap_tls:  false
+    ldap_ssl:  false
+    ldap_bind_requires_dn: true
+    ldap_base: dc=example,dc=com
+    ldap_manager_dn: ou=Manager,dc=example,dc=com
+    ldap_manager_pw: password
+    ldap_filter: (&(ObjectClass=Person))
+    # optional (if null: no ldap user is admin)
+    ldap_admin_filter: (&(memberOf=ou=admins,dc=example,dc=com)(uid=%s))
+    ldap_username_attribute: uid
+    ldap_email_attribute: mail
+    ldap_name_attribute: cn
+    # optional (default sets user as enabled unconditionally)
+    ldap_enabled_attribute: ~
diff --git a/app/config/security.yml b/app/config/security.yml
index 02afc9ea..48fbb553 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -6,6 +6,7 @@ security:
         ROLE_ADMIN: ROLE_USER
         ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
 
+    # /!\ This list is modified in WallabagUserBundle when LDAP is enabled
     providers:
         administrators:
             entity:
@@ -36,6 +37,7 @@ security:
             pattern: ^/login$
             anonymous:  ~
 
+        # /!\ This section is modified in WallabagUserBundle when LDAP is enabled
         secured_area:
             pattern: ^/
             form_login:
-- 
cgit v1.2.3