1 <Configuration xmlns="http://dss.ca/dacs/v1.4">
4 FEDERATION_DOMAIN "debian.org"
5 FEDERATION_NAME "DEBIANORG"
6 EVAL ${Conf::JURISDICTION_AUTHSERVER}="sso.debian.org"
9 <Jurisdiction uri="*.debian.org">
10 JURISDICTION_NAME "DEBIAN"
11 ADMIN_IDENTITY "DEBIAN:zobel"
12 <Auth id="guest-apache-htpasswd">
13 URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
16 OPTION "AUTH_FILE=/etc/apache2/dsa-guest-web-passwords"
17 OPTION "AUTH_MODULE=mod_auth"
19 <Auth id="debian-apache-htpasswd">
20 URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
23 OPTION "AUTH_FILE=/var/lib/misc/thishost/web-passwords"
24 OPTION "AUTH_MODULE=mod_auth"
27 <!-- Authenticate using an LDAP bind
29 URL "https://sso.debian.org/cgi-bin/dacs/local_ldap_authenticate"
32 LDAP_BIND_METHOD "direct"
33 LDAP_USERNAME_URL* '"ldap://127.0.0.1/uid=" \
34 . encode(url, ${Args::USERNAME}) . ",ou=users,dc=debian,dc=org"'
35 LDAP_USERNAME_EXPR* '"${LDAP::uid}"'
36 LDAP_ROLES_SELECTOR* '"${LDAP::attrname}" eq "supplementaryGid" \
37 ? strtr(ldap(rdn_attrvalue, \
38 ldap(dn_index, "${LDAP::attrvalue}", 1)), " ", "_") \