/[soft]/identity/CatDap/trunk/catdap.yml
ViewVC logotype

Contents of /identity/CatDap/trunk/catdap.yml

Parent Directory Parent Directory | Revision Log Revision Log


Revision 232 - (show annotations) (download)
Thu Jan 6 20:03:09 2011 UTC (13 years, 2 months ago) by misc
File size: 4965 byte(s)
merge r124 from live
1 # This is the default configuration for CatDap. You should not need to
2 # modify it, unless you actually want to fix some default behaviour
3 # that is configured below
4 #
5 # For site-specific configuration, copy this file (catdap.yml) to
6 # have a _local suffix (catdap_local.yml) and make your changes there.
7 # Note that you only need to keep configuration sections that differ,
8 # the rest will be inherited
9
10 name: CatDap
11 default_view: Web
12
13 organisation: Mageia
14 project_url: http://www.mageia.org/
15 apptitle: Mageia Identity Management
16 emailfrom: noreply@mageia.org
17
18 Model::Proxy:
19 base: ou=People,dc=mageia,dc=org
20 dn: cn=catdap,ou=System Accounts,dc=mageia,dc=org
21 password: FIXME
22 host: ldap.mageia.org
23 start_tls: 1
24 options:
25 inet6: 1
26
27 # dn and password should not be required here, we rebind with credentials
28 # from the authenticated user using Model::LDAP::FromAuthentication
29 Model::User:
30 base: dc=mageia,dc=org
31 host: ldap.mageia.org
32 start_tls: 1
33
34 register:
35 login_blacklist:
36 - apache
37
38 authentication:
39 default_realm: ldap
40 realms:
41 ldap:
42 credential:
43 class: Password
44 password_field: password
45 password_type: self_check
46 store:
47 class: LDAP
48 ldap_server: 'ldap.mageia.org'
49 ldap_server_options:
50 inet6: 1
51 start_tls: 1
52 binddn: cn=catdap,ou=System Accounts,dc=mageia,dc=org
53 bindpw: FIXME
54 user_basedn: "ou=people,dc=mageia,dc=org"
55 user_filter: '(&(objectClass=inetOrgPerson)(uid=%s))'
56 user_scope: 'one'
57 user_field: 'uid'
58 use_roles: 1
59 role_basedn: 'dc=mageia,dc=org'
60 role_scope: 'sub'
61 role_field: 'cn'
62 role_value: 'dn'
63 role_filter: '(member=%s)'
64 role_search_as_user: 1
65
66 Controller::User:
67 # Attributes that the user can edit. Attributes present but not listed here
68 # will be show (if not in skip_attrs), but the form will not allow editing.
69 # Note that the actual access contols should be implemented on the LDAP side,
70 # that is where they belong, or you are being inconsistent if users have other
71 # means to access LDAP
72 editable_attrs:
73 - cn
74 - sn
75 - givenName
76 - mail
77 - mobile
78 - roomNumber
79 - secretary
80 - mailForwardingAddress
81 - sshPublicKey
82
83 # Currently not used, we only respect editable_attrs
84 uneditable_attrs:
85 - uid
86 # - uidNumber
87 # - gidNumber
88 # - homeDirectory
89 # - host
90 # - manager
91 # - krb5PrincipalName
92 # List of attributes which are not displayed at all in the user view
93 skip_attrs:
94 - objectClass
95 - krb5Key
96 - sambaMungedDial
97 - sambaPasswordHistory
98 - userPassword
99 - sambaLMPassword
100 - sambaNTPassword
101 - sambaPwdMustChange
102 - sambaSID
103 - sambaPrimaryGroupSID
104 - sambaAcctFlags
105 - sambaPwdCanChange
106 - sambaPwdLastSet
107 - sambaKickOffTime
108 - sambaUserWorkstations
109 - sambaLogonTime
110 - krb5KeyVersionNumber
111 - krb5PasswordEnd
112 - krb5MaxLife
113 - krb5MaxRenew
114 - krb5KDCFlags
115 - shadowLastChange
116 - shadowWarning
117 - shadowMax
118 - shadowMin
119 - shadowInactive
120 - shadowExpire
121 - shadowFlag
122
123 Plugin::Captcha:
124 new:
125 gd_font: giant
126 width: 100
127 height: 40
128 lines: 7
129
130 create:
131 - normal
132 - rect
133
134 particle:
135 - 100
136
137 gd_font: giant
138
139 Plugin::Session:
140 expires: 600
141

  ViewVC Help
Powered by ViewVC 1.1.30