Merge branch '2.4.1/7421-connexion_ldap/master'
This commit is contained in:
commit
401edf3743
|
@ -3,6 +3,7 @@
|
|||
<files>
|
||||
<service type='service'>opennebula-sunstone</service>
|
||||
<file filelist='onefrontend' name='/etc/one/sunstone-server.conf' rm='True' mkdir='True'/>
|
||||
<file filelist='onefrontend' name='/etc/one/auth/ldap_auth.conf' source='sunstone-ldap_auth.conf' rm='True' mkdir='True'/>
|
||||
<service_access service='sunstone'>
|
||||
<port port_type="SymLinkOption">port_sunstone</port>
|
||||
<port port_type="SymLinkOption">vnc_proxy_port_sunstone</port>
|
||||
|
@ -26,9 +27,7 @@
|
|||
<variable name='langue_sunstone' type='string' description="Langue par défaut de l'interface" mode='expert'>
|
||||
<value>fr_FR</value>
|
||||
</variable>
|
||||
<variable name='sunstone_auth' type='string' description="Mode d'authentification des utilisateurs" mode='expert'>
|
||||
<value>sunstone</value>
|
||||
</variable>
|
||||
<variable name='sunstone_auth_modes' type='string' description="Modes supplémentaires d'authentification des utilisateurs" mode='expert' multi='True' />
|
||||
</family>
|
||||
</variables>
|
||||
|
||||
|
@ -36,6 +35,9 @@
|
|||
<fill name='calc_val' target='ip_sunstone'>
|
||||
<param type='eole' name='valeur'>adresse_ip_eth0</param>
|
||||
</fill>
|
||||
<check name='valid_enum' target='sunstone_auth_modes'>
|
||||
<param>['ldap']</param>
|
||||
</check>
|
||||
<condition name='disabled_if_in' source='activer_onefrontend'>
|
||||
<param>non</param>
|
||||
<!--target type='filelist'>onefrontend</target-->
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
%if 'ldap' in %%getVar('sunstone_auth_modes')
|
||||
server 1:
|
||||
# Ldap user able to query, if not set connects as anonymous. For
|
||||
# Active Directory append the domain name. Example:
|
||||
# Administrator@my.domain.com
|
||||
#:user: 'admin'
|
||||
#:password: 'password'
|
||||
|
||||
# Ldap authentication method
|
||||
|
||||
# Ldap server
|
||||
:host: %%adresse_ip_ldap
|
||||
%if %%getVar('ldap_tls', 'non') == 'oui'
|
||||
:auth_method: :simple_tls
|
||||
:port: 636
|
||||
%else
|
||||
:auth_method: :simple
|
||||
:port: 389
|
||||
%end if
|
||||
|
||||
# base hierarchy where to search for users and groups
|
||||
:base: %%ldap_base_dn
|
||||
|
||||
# group the users need to belong to. If not set any user will do
|
||||
#:group: 'cn=cloud,ou=groups,dc=domain'
|
||||
|
||||
# field that holds the user name, if not set 'cn' will be used
|
||||
:user_field: 'uid'
|
||||
|
||||
# for Active Directory use this user_field instead
|
||||
#:user_field: 'sAMAccountName'
|
||||
|
||||
# List the order the servers are queried
|
||||
:order:
|
||||
- server 1
|
||||
%end if
|
|
@ -65,7 +65,11 @@
|
|||
# driver defined for the user
|
||||
#
|
||||
#:auth: sunstone
|
||||
:auth: %%sunstone_auth
|
||||
%if %%getVar('sunstone_auth_modes', []) == []
|
||||
:auth: sunstone
|
||||
%else
|
||||
:auth: opennebula
|
||||
%end if
|
||||
|
||||
# Authentication driver to communicate with OpenNebula core
|
||||
# cipher, for symmetric cipher encryption of tokens
|
||||
|
|
Loading…
Reference in New Issue