diff options
| author | James Moger <james.moger@gitblit.com> | 2013-11-24 23:18:50 -0500 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2013-11-29 11:05:51 -0500 |
| commit | 04a98505a4ab8f48aee22800fcac193d9367d0ae (patch) | |
| tree | eb05bc77eeafda1c5b7af9d7b5b27012065f7a98 /src/main/distrib | |
| parent | f8f6aa4d07cdfaaf23e24bf9eaf0a5fb9b437dda (diff) | |
| download | gitblit-04a98505a4ab8f48aee22800fcac193d9367d0ae.tar.gz gitblit-04a98505a4ab8f48aee22800fcac193d9367d0ae.zip | |
Refactor user services and separate authentication (issue-281)
Change-Id: I336e005e02623fc5e11a4f8b4408bea5465a43fd
Diffstat (limited to 'src/main/distrib')
| -rw-r--r-- | src/main/distrib/data/gitblit.properties | 98 |
1 files changed, 20 insertions, 78 deletions
diff --git a/src/main/distrib/data/gitblit.properties b/src/main/distrib/data/gitblit.properties index 92427e51..edfa1c4c 100644 --- a/src/main/distrib/data/gitblit.properties +++ b/src/main/distrib/data/gitblit.properties @@ -562,17 +562,8 @@ web.allowCookieAuthentication = true web.projectsFile = ${baseFolder}/projects.conf
# Either the full path to a user config file (users.conf)
-# OR the full path to a simple user properties file (users.properties)
# OR a fully qualified class name that implements the IUserService interface.
#
-# Alternative user services:
-# com.gitblit.LdapUserService
-# com.gitblit.RedmineUserService
-# com.gitblit.SalesforceUserService
-# com.gitblit.WindowsUserService
-# com.gitblit.PAMUserService
-# com.gitblit.HtpasswdUserService
-#
# Any custom user service implementation must have a public default constructor.
#
# SINCE 0.5.0
@@ -580,6 +571,25 @@ web.projectsFile = ${baseFolder}/projects.conf # BASEFOLDER
realm.userService = ${baseFolder}/users.conf
+# Ordered list of external authentication providers which will be used if
+# authentication against the local user service fails.
+#
+# Valid providers are:
+#
+# htpasswd
+# ldap
+# pam
+# redmine
+# salesforce
+# windows
+
+# e.g. realm.authenticationProviders = htpasswd windows
+#
+# SINCE 1.4.0
+# RESTART REQUIRED
+# SPACE-DELIMITED
+realm.authenticationProviders =
+
# How to store passwords.
# Valid values are plain, md5, or combined-md5. md5 is the hash of password.
# combined-md5 is the hash of username.toLowerCase()+password.
@@ -1331,15 +1341,6 @@ federation.sets = # SINCE 1.3.0
realm.container.autoCreateAccounts = false
-# The WindowsUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.0
-realm.windows.backingUserService = ${baseFolder}/users.conf
-
# Allow or prohibit Windows guest account logins
#
# SINCE 1.3.0
@@ -1357,30 +1358,12 @@ realm.windows.allowGuests = false # SINCE 1.3.0
realm.windows.defaultDomain =
-# The PAMUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.1
-realm.pam.backingUserService = ${baseFolder}/users.conf
-
# The PAM service name for authentication.
# default: system-auth
#
# SINCE 1.3.1
realm.pam.serviceName = system-auth
-# The HtpasswdUserService must be backed by another user service for standard user
-# and team management and attributes. This can be one of the local Gitblit user services.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.2
-realm.htpasswd.backingUserService = ${baseFolder}/users.conf
-
# The Apache htpasswd file that contains the users and passwords.
# default: ${baseFolder}/htpasswd
#
@@ -1389,30 +1372,6 @@ realm.htpasswd.backingUserService = ${baseFolder}/users.conf # SINCE 1.3.2
realm.htpasswd.userfile = ${baseFolder}/htpasswd
-# Determines how accounts are looked up upon login.
-#
-# If set to false, then authentication for local accounts is done against
-# the backing user service.
-# If set to true, then authentication will first be checked against the
-# htpasswd store, even if the account appears as a local account in the
-# backing user service. If the user is found in the htpasswd store, then
-# an already existing local account will be turned into an external account.
-# In this case an initial local password is never used and gets overwritten
-# by the externally stored password upon login.
-# default: false
-#
-# SINCE 1.3.2
-realm.htpasswd.overrideLocalAuthentication = false
-
-# The SalesforceUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.0
-realm.salesforce.backingUserService = ${baseFolder}/users.conf
-
# Restrict the Salesforce user to members of this org.
# default: 0 (i.e. do not check the Org ID)
#
@@ -1439,15 +1398,6 @@ realm.ldap.username = cn=Directory Manager # SINCE 1.0.0
realm.ldap.password = password
-# The LdapUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# SINCE 1.0.0
-# RESTART REQUIRED
-# BASEFOLDER
-realm.ldap.backingUserService = ${baseFolder}/users.conf
-
# Delegate team membership control to LDAP.
#
# If true, team user memberships will be specified by LDAP groups. This will
@@ -1565,14 +1515,6 @@ realm.ldap.synchronizeUsers.removeDeleted = true # For MS Active Directory this may be sAMAccountName
realm.ldap.uid = uid
-# The RedmineUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-realm.redmine.backingUserService = ${baseFolder}/users.conf
-
# URL of the Redmine.
realm.redmine.url = http://example.com/redmine
@@ -1638,7 +1580,7 @@ server.ajpPort = 0 #
# SINCE 1.4.0
# RESTART REQUIRED
-server.redirectToHttpsPort = true
+server.redirectToHttpsPort = false
# Specify the interface for Jetty to bind the standard connector.
# You may specify an ip or an empty value to bind to all interfaces.
|