Loading nginx-ldap-auth.conf +23 −19 Original line number Diff line number Diff line Loading @@ -47,6 +47,7 @@ http { proxy_pass http://127.0.0.1:8888; proxy_pass_request_body off; proxy_pass_request_headers off; proxy_set_header Content-Length ""; proxy_cache auth_cache; proxy_cache_valid 200 10m; Loading Loading @@ -78,10 +79,10 @@ http { proxy_set_header X-Ldap-URL "ldap://example.com"; # (Optional) Establish a TLS-enabled LDAP session after binding to the # LDAP server. Set the value to "true: to enable. # LDAP server. # This is the 'proper' way to establish encrypted TLS connections, see # http://www.openldap.org/faq/data/cache/185.html proxy_set_header X-Ldap-Starttls ""; # Optional, do not comment #proxy_set_header X-Ldap-Starttls "true"; # (Required) Set the Base DN, by replacing the value enclosed in # double quotes. Loading @@ -96,30 +97,33 @@ http { # (Required) The following directives set the cookie name and pass # it, respectively. They are required for cookie-based # authentication. Set to empty value if using HTTP basic # authentication (do not comment). # authentication. Comment them out if using HTTP basic # authentication. proxy_set_header X-CookieName "nginxauth"; proxy_set_header Cookie nginxauth=$cookie_nginxauth; # (Optional) Uncomment if using HTTP basic authentication #proxy_set_header Authorization $http_authorization; # (Required if using Microsoft Active Directory as the LDAP server) # Set the LDAP template with "(sAMAccountName=%(username)s)" proxy_set_header X-Ldap-Template ""; # Optional, do not comment # Set the LDAP template by uncommenting the following directive. #proxy_set_header X-Ldap-Template "(sAMAccountName=%(username)s)"; # (Set to "true" if using Microsoft Active Directory and # (May be required if using Microsoft Active Directory and # getting "In order to perform this operation a successful bind # must be completed on the connection." errror) proxy_set_header X-Ldap-DisableReferrals ""; # Optional, do not comment # (Optional) # Set to "(sAMAccountName=%(username)s)" if using Microsoft Active # Directory as the LDAP server. # Set to "(cn=%(username)s)" if using OpenLDAP as the LDAP server, # which is the default set in nginx-ldap-auth-daemon.py. proxy_set_header X-Ldap-Template ""; # Optional, do not comment # (Optional) Set the realm name, e.g. "Restricted", which is the # default set in nginx-ldap-auth-daemon.py. proxy_set_header X-Ldap-Realm ""; # Optional, do not comment #proxy_set_header X-Ldap-DisableReferrals "true"; # (Optional if using OpenLDAP as the LDAP server) Set the LDAP # template by uncommenting the following directive and replacing # '(cn=%(username)s)' which is the default set in # nginx-ldap-auth-daemon.py. #proxy_set_header X-Ldap-Template "(cn=%(username)s)"; # (Optional) Set the realm name, by uncommenting the following # directive and replacing 'Restricted' which is the default set # in nginx-ldap-auth-daemon.py. #proxy_set_header X-Ldap-Realm "Restricted"; } } } Loading
nginx-ldap-auth.conf +23 −19 Original line number Diff line number Diff line Loading @@ -47,6 +47,7 @@ http { proxy_pass http://127.0.0.1:8888; proxy_pass_request_body off; proxy_pass_request_headers off; proxy_set_header Content-Length ""; proxy_cache auth_cache; proxy_cache_valid 200 10m; Loading Loading @@ -78,10 +79,10 @@ http { proxy_set_header X-Ldap-URL "ldap://example.com"; # (Optional) Establish a TLS-enabled LDAP session after binding to the # LDAP server. Set the value to "true: to enable. # LDAP server. # This is the 'proper' way to establish encrypted TLS connections, see # http://www.openldap.org/faq/data/cache/185.html proxy_set_header X-Ldap-Starttls ""; # Optional, do not comment #proxy_set_header X-Ldap-Starttls "true"; # (Required) Set the Base DN, by replacing the value enclosed in # double quotes. Loading @@ -96,30 +97,33 @@ http { # (Required) The following directives set the cookie name and pass # it, respectively. They are required for cookie-based # authentication. Set to empty value if using HTTP basic # authentication (do not comment). # authentication. Comment them out if using HTTP basic # authentication. proxy_set_header X-CookieName "nginxauth"; proxy_set_header Cookie nginxauth=$cookie_nginxauth; # (Optional) Uncomment if using HTTP basic authentication #proxy_set_header Authorization $http_authorization; # (Required if using Microsoft Active Directory as the LDAP server) # Set the LDAP template with "(sAMAccountName=%(username)s)" proxy_set_header X-Ldap-Template ""; # Optional, do not comment # Set the LDAP template by uncommenting the following directive. #proxy_set_header X-Ldap-Template "(sAMAccountName=%(username)s)"; # (Set to "true" if using Microsoft Active Directory and # (May be required if using Microsoft Active Directory and # getting "In order to perform this operation a successful bind # must be completed on the connection." errror) proxy_set_header X-Ldap-DisableReferrals ""; # Optional, do not comment # (Optional) # Set to "(sAMAccountName=%(username)s)" if using Microsoft Active # Directory as the LDAP server. # Set to "(cn=%(username)s)" if using OpenLDAP as the LDAP server, # which is the default set in nginx-ldap-auth-daemon.py. proxy_set_header X-Ldap-Template ""; # Optional, do not comment # (Optional) Set the realm name, e.g. "Restricted", which is the # default set in nginx-ldap-auth-daemon.py. proxy_set_header X-Ldap-Realm ""; # Optional, do not comment #proxy_set_header X-Ldap-DisableReferrals "true"; # (Optional if using OpenLDAP as the LDAP server) Set the LDAP # template by uncommenting the following directive and replacing # '(cn=%(username)s)' which is the default set in # nginx-ldap-auth-daemon.py. #proxy_set_header X-Ldap-Template "(cn=%(username)s)"; # (Optional) Set the realm name, by uncommenting the following # directive and replacing 'Restricted' which is the default set # in nginx-ldap-auth-daemon.py. #proxy_set_header X-Ldap-Realm "Restricted"; } } }
