rename ubc-enc2b2 to ubc-enc2bl02
[mirror/dsa-puppet.git] / modules / dacs / files / common / dacs.conf
1 <Configuration xmlns="http://dss.ca/dacs/v1.4">
2
3  <Default>
4    FEDERATION_DOMAIN "debian.org"
5    FEDERATION_NAME "DEBIANORG"
6    EVAL ${Conf::JURISDICTION_AUTHSERVER}="sso.debian.org"
7    LOG_LEVEL "notice"
8  </Default>
9  <Jurisdiction uri="*.debian.org">
10    JURISDICTION_NAME "DEBIAN"
11    ADMIN_IDENTITY "DEBIAN:zobel"
12    <Auth id="guest-apache-htpasswd">
13      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
14      STYLE "pass"
15      CONTROL "sufficient"
16      OPTION "AUTH_FILE=/etc/apache2/dsa-guest-web-passwords"
17      OPTION "AUTH_MODULE=mod_auth"
18    </Auth>
19
20    <Auth id="debian-apache-htpasswd">
21      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
22      STYLE "pass"
23      CONTROL "required"
24      OPTION "AUTH_FILE=/var/lib/misc/thishost/web-passwords"
25      OPTION "AUTH_MODULE=mod_auth"
26    </Auth>
27
28 <!--
29    <Auth id="ldap">
30      URL "https://sso.debian.org/cgi-bin/dacs/local_ldap_authenticate"
31      STYLE "password"
32      CONTROL "required"
33      LDAP_BIND_METHOD "direct"
34      LDAP_USERNAME_URL* '"ldap://127.0.0.1/uid=" \
35         . encode(url, ${Args::USERNAME}) . ",ou=users,dc=debian,dc=org"'
36      LDAP_USERNAME_EXPR* '"${LDAP::uid}"'
37      LDAP_ROLES_SELECTOR* '"${LDAP::attrname}" eq "supplementaryGid" \
38        ? strtr(ldap(rdn_attrvalue, \
39            ldap(dn_index, "${LDAP::attrvalue}", 1)), " ", "_") \
40        : 0'
41    </Auth>
42  -->
43  </Jurisdiction>
44 </Configuration>