forked from GNUsocial/gnu-social
8c0601816f
For reference (raised by rozzin in IRC): * http://foldoc.org/module * http://foldoc.org/library * http://foldoc.org/plugin As noted by XRevan86, modules are not necessarily non-essential. As we will keep the modules directory in GS root [therefore, near to plugins/], it is evidenced the difference between both. This is a simple yet fundamental structural change. It doesn't change functionality but makes clearer the way we understand GNU social's internals. |
||
---|---|---|
.. | ||
locale | ||
LdapAuthenticationPlugin.php | ||
README |
The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP. Installation ============ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php Settings ======== provider_name*: This is a identifier designated to the connection. It's how StatusNet will refer to the authentication source. For the most part, any name can be used, so long as each authentication source has a different identifier. In most cases there will be only one authentication source used. authoritative (false): Set to true if LDAP's responses are authoritative (if authorative and LDAP fails, no other password checking will be done). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) password_encoding: required if users are to be able to change their passwords Possible values are: crypt, ext_des, md5crypt, blowfish, md5, sha, ssha, smd5, ad, clear host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php schema_cachefile: File location to store ldap schema. schema_maxage: TTL for cache file. attributes: an array that relates StatusNet user attributes to LDAP ones username*: LDAP attribute value entered when authenticating to StatusNet nickname*: LDAP attribute value shown as the user's nickname email fullname homepage location password: required if users are to be able to change their passwords * required default values are in (parenthesis) For most LDAP installations, the "nickname" and "username" attributes should be the same. Example ======= Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', 'bindpw'=>'password', 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc', 'host'=>array('server1', 'server2'), 'password_encoding'=>'ad', 'attributes'=>array( 'username'=>'sAMAccountName', 'nickname'=>'sAMAccountName', 'email'=>'mail', 'fullname'=>'displayName', 'password'=>'unicodePwd') ));