On Friday, October 14, 2011 3:39:07 PM UTC+2, Wiz of Id wrote:
>
> On Fri, Oct 14, 2011 at 3:32 PM, Marius Mårnes Mathiesen
> <[email protected]> wrote:
> > On Fri, Oct 14, 2011 at 3:10 PM, Wiz of Id <[email protected]> wrote:
> >>
> >> Hello,
> >> is there any plan to have authenticated bind?
> >> I was really excited about the oh-so-wanted feature about LDAP integration
> >> in Gitorious... just to find nowhere in the configuration file any hints of
> >> binding other than anonymous... :(
> >
> > Hi,
> > Did you try it? I'm no LDAP expert, but the current implementation will use
> > the supplied credentials to bind.
>
> These are sweet news to me, but I'm not sure of which configuration
> property I have to use for that purpose...

Wait, did you mean that the current implementation will use the credentials supplied by a user trying to log in to Gitorious, to authenticate Gitorious on the LDAP server? I guess that won't work in a real environment...

I'd expect some dedicated configuration properties like the "auth" portion in the script by IronMania, and then Gitorious should bind to the LDAP server using a user like "simpleUserThatAuthenticatesButDoesntEdit" just like in this configuration sample from my installation of Trac + LDAP plugin:

enable = true
use_tls = false
host = localhost
port = 10389
basedn = dc=mycompany,dc=intranet
bind_user = cn=userWhoCanBind,dc=mycompany,dc=intranet
bind_passwd = thePasswdThatCanBind
global_perms = false
group_bind = true
group_rdn = ou=MyGroup
groupattr = cn
groupmember = memberUid
groupmemberisdn = false
groupname = posixGroup
manage_groups = true
permattr = tracperm
permfilter = (tracperm=*)
store_bind = true
uidattr = uid
user_rdn = ou=Developers
name = cn
email = email
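
Added example, not part of the original thread and not Gitorious or Trac code: the two bind strategies discussed above, compared against a constructed in-memory stand-in for an LDAP server so it runs offline. `FakeDirectory`, the `alice` and `bob` entries, `ou=Ops` and both helper functions are assumptions for illustration; `bind_user`, `bind_passwd` and `ou=Developers` reuse the names from the Trac sample.

```ruby
# Constructed in-memory stand-in for an LDAP server (not a real client library).
class FakeDirectory
  ENTRIES = {  # constructed sample entries: DN => attributes
    "cn=userWhoCanBind,dc=mycompany,dc=intranet" => { uid: "svc", pw: "thePasswdThatCanBind" },
    "uid=alice,ou=Developers,dc=mycompany,dc=intranet" => { uid: "alice", pw: "alice-pw" },
    "uid=bob,ou=Ops,dc=mycompany,dc=intranet" => { uid: "bob", pw: "bob-pw" }
  }.freeze

  # Simple bind. Like many real servers, an empty DN or password yields an
  # anonymous/unauthenticated session (RFC 4513) instead of an error.
  def bind(dn, password)
    return :anonymous if dn.to_s.empty? || password.to_s.empty?
    entry = ENTRIES[dn]
    entry && entry[:pw] == password ? dn : nil
  end

  # Search by uid; this directory refuses searches on anonymous sessions,
  # which is why a dedicated bind account is needed.
  def search_uid(session, uid)
    return [] if session.nil? || session == :anonymous
    ENTRIES.select { |_dn, attrs| attrs[:uid] == uid }.keys
  end
end

# Strategy 1: bind as the user, with the DN built from a fixed template.
def direct_bind(dir, login, password)
  return false if password.to_s.empty?
  dn = "uid=#{login},ou=Developers,dc=mycompany,dc=intranet"
  dir.bind(dn, password) == dn
end

# Strategy 2: bind as the service account, look up the user's DN, then
# re-bind as that DN with the password the user typed.
def search_then_bind(dir, login, password, bind_user:, bind_passwd:)
  return false if password.to_s.empty?      # never let an empty password count as a login
  session = dir.bind(bind_user, bind_passwd)
  return false unless session == bind_user  # the service account itself must authenticate
  matches = dir.search_uid(session, login)  # a real client must escape login in the filter
  return false unless matches.size == 1     # unknown or ambiguous user
  dir.bind(matches.first, password) == matches.first
end

SVC = { bind_user: "cn=userWhoCanBind,dc=mycompany,dc=intranet", bind_passwd: "thePasswdThatCanBind" }.freeze
dir = FakeDirectory.new
puts direct_bind(dir, "bob", "bob-pw")              # bob is not under ou=Developers
puts search_then_bind(dir, "bob", "bob-pw", **SVC)  # found via the service-account search
```

The service account only needs read access to the attributes used for the lookup; the user's password is checked by the directory itself in the second bind.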
