This is an automated email from the ASF dual-hosted git repository.
iuliana pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-docs.git
The following commit(s) were added to refs/heads/master by this push:
new 9ca0cee Adding user_name_regex config key doc
new b580427 Merge pull request #337 from jcabrerizo/feature/ladp/userName-regex
9ca0cee is described below
commit 9ca0ceec1c2929a9c9101f2335e78e81d26b15bc
Author: Juan Cabrerizo <[email protected]>
AuthorDate: Fri Sep 3 15:43:34 2021 +0100
Adding user_name_regex config key doc
---
guide/ops/configuration/brooklyn_cfg.md | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/guide/ops/configuration/brooklyn_cfg.md
b/guide/ops/configuration/brooklyn_cfg.md
index f4510f5..dd97a71 100644
--- a/guide/ops/configuration/brooklyn_cfg.md
+++ b/guide/ops/configuration/brooklyn_cfg.md
@@ -135,6 +135,8 @@ will cause Brooklyn to call to an LDAP server to
authenticate users;
The other things you need to set in `brooklyn.cfg` are:
* `brooklyn.webconsole.security.ldap.url` - ldap connection url
+* `brooklyn.webconsole.security.ldap.user_name_regex` *optional* none by
default- regex pattern for usernames. If it's
+ configured, non-matching usernames will be rejected without checking the
credentials in the LDAP server
* `brooklyn.webconsole.security.ldap.realm` - ldap dc parameter (domain)
* `brooklyn.webconsole.security.ldap.allowed_realms_regex` - allows multiple
realms (domains) that match regex - username must
be of form domain\user
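Review bot: the new `user_name_regex` bullet does not say what the pattern is matched against or how it is matched. Please state whether the regex must match the whole submitted username or only part of it, and whether it sees the full `domain\user` string used with `allowed_realms_regex` or only the user part; operators will rely on this as a filter applied before the LDAP bind, and a partial match would accept far more than they expect. The bullet should also follow the neighbouring format, with the ` - ` separator after the key and "*optional*, none by default" set off from the description.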
@@ -152,6 +154,8 @@ The other things you need to set in `brooklyn.cfg` are:
brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider
brooklyn.webconsole.security.ldap.url=ldap://localhost:10389/????X-BIND-USER=uid=admin%2cou=system,X-BIND-PASSWORD=secret,X-COUNT-LIMIT=1000
brooklyn.webconsole.security.ldap.realm=example.com
+# username regext pattern for <DOMAIN>\<USERNAME>
+brooklyn.webconsole.security.ldap.user_name_regex=.*\\.*
~~~
After you setup the brooklyn connection to your LDAP server, you can
authenticate in brooklyn using your cn (e.g. John Smith) and your password.
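Review bot: the sample value `.*\\.*` on the added `user_name_regex` line is too permissive to illustrate the filter, and the comment above it has a typo (`regext`). If `brooklyn.cfg` unescapes backslashes the way Java properties files do, the pattern becomes `.*\.*`, which matches every string; read literally it still accepts a lone backslash with empty domain and user parts. Suggest an example that requires non-empty domain and user parts drawn from a restricted character set. It should also be reconciled with the rest of the sample: `ldap.realm=example.com` is set rather than `allowed_realms_regex`, and the following sentence tells users to log in with their cn (e.g. John Smith), which contains no backslash.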