prosody-modules: mod_auth_ldap/README.markdown annotate

annotate mod_auth_ldap/README.markdown @ 2670:6e01878103c0

mod_smacks: Ignore user when writing or reading session_cache on prosody 0.9 At least under some circumstances it seems that session.username is nil when a user tries to resume his session in prosody 0.9. The username is not relevant when no limiting is done (limiting the number of entries in the session cache is only possible in prosody 0.10), so this commit removes the usage of the username when accessing the prosody 0.9 session cache.

author	tmolitor <thilo@eightysoft.de>
date	Thu, 06 Apr 2017 02:12:14 +0200
parents	e16593e7d482
children	ea6b5321db50

rev	line source
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	1 ---
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	2 labels:
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	3 - 'Stage-Alpha'
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	4 - 'Type-Auth'
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	5 summary: LDAP authentication module
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	6 ...
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	7
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	8 Introduction
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	9 ============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	10
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	11 This is a Prosody authentication plugin which uses LDAP as the backend.
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	12
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	13 Dependecies
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	14 ===========
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	15
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	16 This module depends on [LuaLDAP](http://www.keplerproject.org/lualdap/)
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	17 for connecting to an LDAP server.
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	18
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	19 Configuration
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	20 =============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	21
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	22 Copy the module to the prosody modules/plugins directory.
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	23
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	24 In Prosody's configuration file, under the desired host section, add:
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	25
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	26 ``` {.lua}
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	27 authentication = "ldap"
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	28 ldap_base = "ou=people,dc=example,dc=com"
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	29 ```
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	30
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	31 Further LDAP options are:
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	32
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	33 Name Description Default value
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	34 ---------------- ---------------------------------------------------------------------------------------------------------------------- --------------------
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	35 ldap\_base LDAP base directory which stores user accounts Required field
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	36 ldap\_server Space-separated list of hostnames or IPs, optionally with port numbers (e.g. "localhost:8389") `"localhost"`
2055 2c6d84fb82d9 mod_auth_ldap/README: Move hint out of code span Kim Alvefur <zash@zash.se> parents: 1987 diff changeset	37 ldap\_rootdn The distinguished name to auth against `""` (anonymous)
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	38 ldap\_password Password for rootdn `""`
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	39 ldap\_filter Search filter, with `$user` and `$host` substituded for user- and hostname `"(uid=$user)"`
1987 6d7699eda594 mod_auth_ldap: Change default of ldap_scope from onelevel to subtree which seems to match many deployments Kim Alvefur <zash@zash.se> parents: 1824 diff changeset	40 ldap\_scope Search scope. other values: "base" and "onelevel" `"subtree"`
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	41 ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. `false`
50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	42 ldap\_mode How passwords are validated. `"bind"`
2056 e16593e7d482 mod_auth_ldap: Add support for having admin status indicated in LDAP Kim Alvefur <zash@zash.se> parents: 2055 diff changeset	43 ldap\_admins Search filter to match admins, works like ldap\_scope
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	44
1824 8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	45 Note: lua-ldap reads from `/etc/ldap/ldap.conf` and other files like
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	46 `~prosody/.ldaprc` if they exist. Users wanting to use a particular TLS
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	47 root certificate can specify it in the normal way using TLS\_CACERT in
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	48 the OpenLDAP config file.
29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	49
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	50 Modes
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	51 =====
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	52
1824 8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	53 The `"getpasswd"` mode requires plain text access to passwords in LDAP
8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	54 and feeds them into Prosodys authentication system. This enables more
8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	55 secure authentication mechanisms but does not work for all deployments.
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	56
1824 8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	57 The `"bind"` mode performs an LDAP bind, does not require plain text
8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	58 access to passwords but limits you to the PLAIN authentication
8435e1766054 mod_auth_ldap/README: Fix missing word and more markdown syntax tweaks Kim Alvefur <zash@zash.se> parents: 1823 diff changeset	59 mechanism.
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	60
1803 4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	61 Compatibility
4d73a1a6ba68 Convert all wiki pages to Markdown Kim Alvefur <zash@zash.se> parents: 1782 diff changeset	62 =============
1782 29f3d6b7ad16 Import wiki pages Kim Alvefur <zash@zash.se> parents: diff changeset	63
1823 50d3383a2e08 mod_auth_ldap/README: Minor tweaks Kim Alvefur <zash@zash.se> parents: 1822 diff changeset	64 Works with 0.8 and later.

Mercurial > prosody-modules

annotate mod_auth_ldap/README.markdown @ 2670:6e01878103c0