Skip to content
Snippets Groups Projects

Add LDAP auth role

Merged Mike Davis requested to merge feature/ldap-auth into master
All threads resolved!

Adds a new role that enables LDAP auth for Greenlight. It uses OpenLDAP for credential storage.

It still needs work, would appreciate some comments.

Edited by Neil Muller

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Neil Muller
  • Neil Muller
  • Overall, this looks pretty good.

    I'm not sure we need the greenlight-users ou here - we're only using this for greenlight, and it doesn't actually care about the hierarchy, just the names. I would just create ou's for the roles we want - Admin, Speakers and Users/Guest and leave it at that.

  • Mike Davis added 1 commit

    added 1 commit

    • 96b7a21e - Split LDAP client and server into separate roles + Disable PHPLDAPADMIN + Parameterise DNs

    Compare with previous version

  • Mike Davis added 1 commit

    added 1 commit

    • ae093c84 - Fix docker vs ufw issue + parameterise ldap server hostname

    Compare with previous version

  • Mike Davis added 1 commit

    added 1 commit

    • 4bc7e7b6 - Re-enable PHP LDAP admin + allow LDAP from local ranges

    Compare with previous version

  • Mike Davis added 1 commit

    added 1 commit

    • 6f37796d - Switch Greenlight registration mode to 'open' because LDAP mode doesn't allow invites etc

    Compare with previous version

  • Mike Davis added 1 commit

    added 1 commit

    • 6c7988ba - User lowercase ou entries because Greenlight needs an exact match + replace...

    Compare with previous version

  • Neil Muller approved this merge request

    approved this merge request

  • Mike Davis added 5 commits

    added 5 commits

    • 28e21b63 - Change to za.pycon.org domain
    • f7e21674 - Use API_BASE_URL instead of BASE_URL in bbb exporter secrets env file
    • f93614af - Use LDAP businessCategory attribute instead of ou attribute, for role mapping
    • 28146213 - Use hostvars hostname for the respective /etc/hosts entries instead of the...
    • 63ca369c - Add /api/ to the end of the API_BASE_URL for bbb exporter

    Compare with previous version

  • Mike Davis added 3 commits

    added 3 commits

    Compare with previous version

  • Neil Muller resolved all threads

    resolved all threads

  • Neil Muller unmarked as a Work In Progress

    unmarked as a Work In Progress

  • Neil Muller mentioned in commit 87d9e775

    mentioned in commit 87d9e775

  • merged

  • Please register or sign in to reply
    Loading