Commits on Jun 7, 2022

1. Add support for LDAP Active Directory authentication. …

   Multiple LDAP authorization services can be configured, in which case, when
   doing HTTP Basic auth and Form login, each **enabled** LDAP service will be
   probed for the authentication credentials in the order they appear in the
   configuration, and the first successful authentication will be used.
   
   If no `georchestra.security.ldap.[name].enabled` is `true`, the log-in page won't
   even show the username/password form inputs, and HTTP Basic authentication won't be
   enabled.
   
   At application startup, the enabled configurations are validated. The application
   will fail to start if there's a validation error.
   
   Each LDAP authentication provider can be one of:
   
   * A **standard** LDAP provider, which provides provides basic authorization
   credentials in the form of a list of role names.
   * An **extended** LDAP provider, as traditionally used by geOrchestra's
   internal OpenLDAP database, which enriches the authentication principal
   object with additional user identity properties.
   * An **Active Directory** LDAP provider, which provides basicauthorization
   credentials in the form of a list of role names.

   

   groldan committed Jun 7, 2022
   Configuration menu

   • View commit details
   • Copy full SHA for f4ccf41
   • Browse repository at this point

   Copy the full SHA

   f4ccf41 View commit details

   Browse the repository at this point in the history