modules/dacs/files/common/dacs.conf

   1 <Configuration xmlns="http://dss.ca/dacs/v1.4">
   2
   3  <Default>
   4    FEDERATION_DOMAIN "debian.org"
   5    FEDERATION_NAME "DEBIANORG"
   6    EVAL ${Conf::JURISDICTION_AUTHSERVER}="sso.debian.org"
   7    LOG_LEVEL "info"
   8  </Default>
   9  <Jurisdiction uri="*.debian.org">
  10    JURISDICTION_NAME "DEBIAN"
  11    ADMIN_IDENTITY "DEBIAN:zobel"
  12    <Auth id="guest-apache-htpasswd">
  13      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
  14      STYLE "pass"
  15      CONTROL "sufficient"
  16      OPTION "AUTH_FILE=/etc/apache2/dsa-guest-web-passwords"
  17      OPTION "AUTH_MODULE=mod_auth"
  18    </Auth>
  19    <Auth id="debian-apache-htpasswd">
  20      URL "https://sso.debian.org/cgi-bin/dacs/local_apache_authenticate"
  21      STYLE "pass"
  22      CONTROL "required"
  23      OPTION "AUTH_FILE=/var/lib/misc/thishost/web-passwords"
  24      OPTION "AUTH_MODULE=mod_auth"
  25    </Auth>
  26
  27    <!-- Authenticate using an LDAP bind
  28    <Auth id="ldap">
  29      URL "https://sso.debian.org/cgi-bin/dacs/local_ldap_authenticate"
  30      STYLE "password"
  31      CONTROL "required"
  32      LDAP_BIND_METHOD "direct"
  33      LDAP_USERNAME_URL* '"ldap://127.0.0.1/uid=" \
  34         . encode(url, ${Args::USERNAME}) . ",ou=users,dc=debian,dc=org"'
  35      LDAP_USERNAME_EXPR* '"${LDAP::uid}"'
  36      LDAP_ROLES_SELECTOR* '"${LDAP::attrname}" eq "supplementaryGid" \
  37        ? strtr(ldap(rdn_attrvalue, \
  38            ldap(dn_index, "${LDAP::attrvalue}", 1)), " ", "_") \
  39        : 0'
  40    </Auth>
  41         -->
  42  </Jurisdiction>
  43 </Configuration>