This repository has been archived by the owner on Oct 16, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.cfg.php.sample
54 lines (39 loc) · 2.21 KB
/
auth.cfg.php.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?php
# copy this file to auth.cfg.php and replace the example values
# below with the appropriate authentication mode and specific values for your institution
# the default setup uses the Auth_Base class to authenticate the already defined test user (see instituion.cfg.php)
# it is VERY IMPORTANT that you extend the Auth_Base class with your institution's preferred authentication flavor (ldap, kerberos, etc.)
# we have provided the Auth_LDAP class, which extends the Auth_Base class for authenticating against an LDAP server
# feel free to write a similar extension for other authentication modes (and send it to us for inclusion in our github repository)
# ---------------------------
# authentication mode: example values (e.g. test user without specific authentication mode)
# ---------------------------
# require_once('classes/auth_base.class.php');
# define('AUTH_SERVER', '');
# $AUTH = new Auth_Base();
# ---------------------------
# authentication mode: LDAP
# ---------------------------
require_once('classes/auth_LDAP.class.php');
define('AUTH_SERVER', 'ldap.institution.edu'); // e.g. ldap.acme.edu (TODO: or https://ldap.acme.edu)
define('AUTH_PORT', '123');
define('AUTH_LDAP_SEARCH_DN', 'o=institution');
define('AUTH_LDAP_USERNAME_ATTR_LABEL', 'cn');
define('AUTH_LDAP_USER_DN_ATTR_LABEL', 'dn');
define('AUTH_LDAP_FIRSTNAME_ATTR_LABEL', 'fn');
define('AUTH_LDAP_MIDDLEINITIALS_ATTR_LABEL', 'mi');
define('AUTH_LDAP_LASTNAME_ATTR_LABEL', 'sn');
define('AUTH_LDAP_FULLNAME_ATTR_LABEL', 'fullname');
define('AUTH_LDAP_EMAIL_ATTR_LABEL', 'mail');
define('AUTH_LDAP_GROUPMEMBERSHIP_ATTR_LABEL', 'groups'); // institutional groups
// If this is TRUE, be sure to set the additional constants below
define('AUTH_LDAP_DENY_ANON_BIND', FALSE);
// These define these identifiers for non-anonymous search/bind
define('AUTH_LDAP_RDN_USER', 'rdnuser');
define('AUTH_LDAP_RDN_PASS', 'rdnpass');
$AUTH = new Auth_LDAP();
# ---------------------------
# authentication mode: Kerberos
# ---------------------------
# placeholder of class extension for another authentication mode
?>