| 123456789101112131415161718192021222324252627282930313233343536373839 |
- [httpd_global_handlers]
- _session = {ldap_auth, handle_session_req}
- [httpd]
- authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {ldap_auth, handle_basic_auth_req}, {ldap_auth, handle_admin_role}
- [ldap_auth]
- ; NOTE: for all of the following configurations, if the key is suffixed in "DN", ldap_auth
- ; will expect you to provide a real LDAP Distinguished Name.
- ; Enable SSL to the LDAP server.
- UseSsl = false
- ; The LDAP server to use for searches and authentication.
- LdapServer = ldap.example.com
- ; The DN to narrow the scope of searches for users and groups.
- BaseDN = DC=example,DC=com
- ; ldap_auth will use this user DN and password to search for users trying to authenticate.
- ; if you have anonymous LDAP queries enabled (not reccomended) you may simply provide the
- ; `anon` CN and a blank password.
- SearchUserDN = CN=ldapsearch,CN=Users,DC=example,DC=com
- SearchUserPassword = ldapsearch_password_here
- ; On ActiveDirectory, you might choose from:
- ; - sAMAccountName, e.g. jsmith
- ; - userPrincipalName, e.g. jsmith@example.com
- ; NOTE: if you use userPrincipalName, be sure to URL-encode the username when using basic auth.
- ; e.g. http://jsmith%40example.com:password@example.com:5984
- UserDNMapAttr = sAMAccountName
- ; The LDAP attribute of the group to use as the role name.
- GroupDNMapAttr = name
- ; The role to grant system administrative privileges to.
- ; If you include {ldap_auth, handle_admin_role} in your authentication_handlers, it will
- ; grant the system admin role to anyone who has this role assigned. BE CAREFUL.
- SystemAdminRoleName = admin
|
