Google Git
Sign in
apache / whimsy / a17b5b15321199db72d254c9aec4fe4d7001eca7 / . / docker-config / 25-authz_ldap_group_membership.conf
blob: 1ce8054ea8c117276b1c26c8af55105c1fe9f460 [file] [log] [blame]
# LDAP Authentication: check for valid user
<AuthnProviderAlias ldap ldap-people>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPRemoteUserAttribute uid
</AuthnProviderAlias>
# LDAP alias: ASF member
<AuthzProviderAlias ldap-group ldap-alias-member cn=member,ou=groups,dc=apache,dc=org>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN Off
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: ASF committer
<AuthzProviderAlias ldap-group ldap-alias-committer cn=committers,ou=role,ou=groups,dc=apache,dc=org>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: PMC chair
<AuthzProviderAlias ldap-group ldap-alias-pmc-chair cn=pmc-chairs,ou=groups,ou=services,dc=apache,dc=org>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: Incubator PMC
<AuthzProviderAlias ldap-group ldap-alias-incubator-pmc cn=incubator,ou=project,ou=groups,dc=apache,dc=org>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPGroupAttribute owner
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: Secretary
<AuthzProviderAlias ldap-group ldap-alias-secretary cn=asf-secretary,ou=groups,ou=services,dc=apache,dc=org>
AuthLDAPUrl "ldaps://<%= ldaphosts %>/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN <%= ldapbinddn %>
AuthLDAPBindPassword "<%= ldapbindpw %>"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: infrastructure
<AuthzProviderAlias ldap-group ldap-alias-infrastructure cn=infrastructure,ou=groups,ou=services,dc=apache,dc=org>
AuthLDAPUrl "ldaps://ldap-us.apache.org:636 ldap-eu.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN cn=nss_p6,ou=users,ou=services,dc=apache,dc=org
AuthLDAPBindPassword "exec:/usr/bin/asfldapsearch --pwd"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>
# LDAP alias: apldap
<AuthzProviderAlias ldap-group ldap-alias-apldap cn=apldap,ou=groups,ou=services,dc=apache,dc=org>
AuthLDAPUrl "ldaps://ldap-us.apache.org:636 ldap-eu.apache.org:636/ou=people,dc=apache,dc=org?uid"
AuthLDAPBindDN cn=nss_p6,ou=users,ou=services,dc=apache,dc=org
AuthLDAPBindPassword "exec:/usr/bin/asfldapsearch --pwd"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
AuthLDAPMaxSubGroupDepth 0
</AuthzProviderAlias>