diff options
| author | Adam Strzelecki <ono@java.pl> | 2015-12-01 14:49:49 +0100 |
|---|---|---|
| committer | Adam Strzelecki <ono@java.pl> | 2015-12-02 00:20:14 +0100 |
| commit | 573305f3d3ac55a79639dcb4cc55694ad7a914a5 (patch) | |
| tree | b542b8a5446bcbdd5287212c390d9eb2816290b6 /routers | |
| parent | 7ccce4d1102508cf1f993bde31bf502eb142a991 (diff) | |
| download | gitea-573305f3d3ac55a79639dcb4cc55694ad7a914a5.tar.gz gitea-573305f3d3ac55a79639dcb4cc55694ad7a914a5.zip | |
LDAP: Optional user name attribute specification
Consider following LDAP search query example:
(&(objectClass=Person)(|(uid=%s)(mail=%s)))
Right now on first login attempt Gogs will use the text supplied on login form
as the newly created user name. In example query above the text matches against
both e-mail or user name. So if user puts the e-mail then the new Gogs user
name will be e-mail which may be undesired.
Using optional user name attribute setting we can explicitly say we want Gogs
user name to be certain LDAP attribute eg. `uid`, so even user will use e-mail
to login 1st time, the new account will receive correct user name.
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/admin/auths.go | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/routers/admin/auths.go b/routers/admin/auths.go index e264f7a8ba..baa5efe3d1 100644 --- a/routers/admin/auths.go +++ b/routers/admin/auths.go @@ -68,21 +68,22 @@ func NewAuthSource(ctx *middleware.Context) { func parseLDAPConfig(form auth.AuthenticationForm) *models.LDAPConfig { return &models.LDAPConfig{ Source: &ldap.Source{ - Name: form.Name, - Host: form.Host, - Port: form.Port, - UseSSL: form.TLS, - SkipVerify: form.SkipVerify, - BindDN: form.BindDN, - UserDN: form.UserDN, - BindPassword: form.BindPassword, - UserBase: form.UserBase, - AttributeName: form.AttributeName, - AttributeSurname: form.AttributeSurname, - AttributeMail: form.AttributeMail, - Filter: form.Filter, - AdminFilter: form.AdminFilter, - Enabled: true, + Name: form.Name, + Host: form.Host, + Port: form.Port, + UseSSL: form.TLS, + SkipVerify: form.SkipVerify, + BindDN: form.BindDN, + UserDN: form.UserDN, + BindPassword: form.BindPassword, + UserBase: form.UserBase, + AttributeUsername: form.AttributeUsername, + AttributeName: form.AttributeName, + AttributeSurname: form.AttributeSurname, + AttributeMail: form.AttributeMail, + Filter: form.Filter, + AdminFilter: form.AdminFilter, + Enabled: true, }, } } |