modules/dacs/files/common/dacs.conf

   1 <Configuration xmlns="http://dss.ca/dacs/v1.4">
   2
   3  <Default>
   4    FEDERATION_DOMAIN "debian.org"
   5    FEDERATION_NAME "DEBIANORG"
   6    EVAL ${Conf::JURISDICTION_AUTHSERVER}="sso.debian.org"
   7    LOG_LEVEL "notice"
   8  </Default>
   9  <Jurisdiction uri="*.debian.org">
  10    JURISDICTION_NAME "DEBIAN"
  11    ADMIN_IDENTITY "DEBIAN:zobel"
  12    <Auth id="guest-apache-htpasswd">
  13      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
  14      STYLE "pass"
  15      CONTROL "sufficient"
  16      OPTION "AUTH_FILE=/etc/apache2/dsa-guest-web-passwords"
  17      OPTION "AUTH_MODULE=mod_auth"
  18    </Auth>
  19
  20    <Auth id="debian-apache-htpasswd">
  21      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
  22      STYLE "pass"
  23      CONTROL "required"
  24      OPTION "AUTH_FILE=/var/lib/misc/thishost/web-passwords"
  25      OPTION "AUTH_MODULE=mod_auth"
  26    </Auth>
  27
  28 <!--
  29    <Auth id="ldap">
  30      URL "https://sso.debian.org/cgi-bin/dacs/local_ldap_authenticate"
  31      STYLE "password"
  32      CONTROL "required"
  33      LDAP_BIND_METHOD "direct"
  34      LDAP_USERNAME_URL* '"ldap://127.0.0.1/uid=" \
  35         . encode(url, ${Args::USERNAME}) . ",ou=users,dc=debian,dc=org"'
  36      LDAP_USERNAME_EXPR* '"${LDAP::uid}"'
  37      LDAP_ROLES_SELECTOR* '"${LDAP::attrname}" eq "supplementaryGid" \
  38        ? strtr(ldap(rdn_attrvalue, \
  39            ldap(dn_index, "${LDAP::attrvalue}", 1)), " ", "_") \
  40        : 0'
  41    </Auth>
  42  -->
  43  </Jurisdiction>
  44 </Configuration>