-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for LDAP Active Directory authentication.
iMultiple LDAP authorization services can be configured, in which case, when doing HTTP Basic auth and Form login, each **enabled** LDAP service will be probed for the authentication credentials in the order they appear in the configuration, and the first successful authentication will be used. If no `georchestra.security.ldap.[name].enabled` is `true`, the log-in page won't even show the username/password form inputs, and HTTP Basic authentication won't be enabled. At application startup, the enabled configurations are validated. The application will fail to start if there's a validation error. Each LDAP authentication provider can be one of: * A **standard** LDAP provider, which provides provides basic authorization credentials in the form of a list of role names. * An **extended** LDAP provider, as traditionally used by geOrchestra's internal OpenLDAP database, which enriches the authentication principal object with additional user identity properties. * An **Active Directory** LDAP provider, which provides basicauthorization credentials in the form of a list of role names.
- Loading branch information
Showing
31 changed files
with
2,244 additions
and
620 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.