FEDERATION_DOMAIN "debian.org"
FEDERATION_NAME "DEBIANORG"
EVAL ${Conf::JURISDICTION_AUTHSERVER}="sso.debian.org"
LOG_LEVEL "info"
JURISDICTION_NAME "DEBIAN"
ADMIN_IDENTITY "DEBIAN:zobel"
URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
STYLE "pass"
CONTROL "sufficient"
OPTION "AUTH_FILE=/etc/apache2/dsa-guest-web-passwords"
OPTION "AUTH_MODULE=mod_auth"
URL "https://sso.debian.org/cgi-bin/dacs/local_ldap_authenticate"
STYLE "password"
CONTROL "required"
LDAP_BIND_METHOD "direct"
LDAP_USERNAME_URL* '"ldap://127.0.0.1/uid=" \
. encode(url, ${Args::USERNAME}) . ",ou=users,dc=debian,dc=org"'
LDAP_USERNAME_EXPR* '"${LDAP::uid}"'
LDAP_ROLES_SELECTOR* '"${LDAP::attrname}" eq "supplementaryGid" \
? strtr(ldap(rdn_attrvalue, \
ldap(dn_index, "${LDAP::attrvalue}", 1)), " ", "_") \
: 0'