-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Authentication
Simon Bartlett edited this page Feb 3, 2015
·
25 revisions
We support three methods of authentication
- Local
- Kerberos
- LDAP
To configure which authentication are used, modify the auth.providers property.
The following activates only local authentication.
auth:
providers: [local]
This activates both Kerberos and local authentication:
auth:
providers: [kerberos, local]
The order in which providers are listed matters; as a user tries to authenticate, they will be autheicated against each provider in the order they're listed.
auth:
local:
enable_registration: true
password_regex: ^.{8,64}$
auth:
kerberos:
realm: example.com
use_ldap_authorization: false
ldap:
# Use same settings as LDAP authentication below.
ldap:
connect_settings:
url: ldap://example.com
# tlsOptions:
# ca: ca.pem
server_certs: []
bind_options:
bindDN:
bindCredentials:
search:
base:
opts:
scope: one
filter: (uid={{username}})
attributes: []
field_mappings:
uid: uid
firstName: givenName
lastName: sn
displayName: givenName
email: mail
auth:
login_throttling:
enable: true
login_attempts_before_throttling: 3