|
2397.1.1
by Daniel Nichter
Skeleton documentation for all plugins, more complete docu for first half of plugins. |
1 |
LDAP Authentication
|
2 |
===================
|
|
3 |
||
4 |
:program:`auth_ldap` is an authentication plugin that authenticates connections |
|
5 |
using an :abbr:`LDAP (Lightweight Directory Access Protocol)` server. An |
|
6 |
LDAP server is required to provide authentication. |
|
7 |
||
8 |
.. note:: Unload the :doc:`/plugins/auth_all/index` plugin before using this plugin. |
|
9 |
.. seealso:: :doc:`/administration/authentication` |
|
10 |
||
11 |
.. _auth_ldap_loading: |
|
12 |
||
13 |
Loading
|
|
14 |
-------
|
|
15 |
||
16 |
To load this plugin, start :program:`drizzled` with:: |
|
17 |
||
18 |
--plugin-add=auth_ldap
|
|
19 |
||
20 |
Loading the plugin may not enable or configure it. See the plugin's |
|
21 |
:ref:`auth_ldap_configuration` and :ref:`auth_ldap_variables`. |
|
22 |
||
23 |
.. seealso:: :doc:`/options` for more information about adding and removing plugins. |
|
24 |
||
25 |
.. _auth_ldap_configuration: |
|
26 |
||
27 |
Configuration
|
|
28 |
-------------
|
|
29 |
||
30 |
These command line options configure the plugin when :program:`drizzled` |
|
31 |
is started. See :doc:`/configuration` for more information about specifying |
|
32 |
command line options. |
|
33 |
||
34 |
.. program:: drizzled |
|
35 |
||
36 |
.. option:: --auth-ldap.base-dn ARG |
|
37 |
||
38 |
:Default:
|
|
39 |
:Variable: :ref:`auth_ldap_base_dn <auth_ldap_base_dn>` |
|
40 |
||
41 |
DN to use when searching. |
|
42 |
||
43 |
.. option:: --auth-ldap.bind-db ARG |
|
44 |
||
45 |
:Default:
|
|
46 |
:Variable: :ref:`auth_ldap_bind_dn <auth_ldap_bind_dn>` |
|
47 |
||
48 |
DN to use when binding to the LDAP server. |
|
49 |
||
50 |
.. option:: --auth-ldap.bind-password ARG |
|
51 |
||
52 |
:Default:
|
|
53 |
:Variable: :ref:`auth_ldap_bind_password <auth_ldap_bind_password>` |
|
54 |
||
55 |
Password to use when binding the DN. |
|
56 |
||
57 |
.. option:: --auth-ldap.cache-timeout ARG |
|
58 |
||
59 |
:Default: ``0`` |
|
60 |
:Variable: :ref:`auth_ldap_cache_timeout <auth_ldap_cache_timeout>` |
|
61 |
||
62 |
How often to empty the users cache, 0 to disable. |
|
63 |
||
64 |
.. option:: --auth-ldap.mysql-password-attribute ARG |
|
65 |
||
66 |
:Default: ``mysqlUserPassword`` |
|
67 |
:Variable: :ref:`auth_ldap_mysql_password_attribute <auth_ldap_mysql_password_attribute>` |
|
68 |
||
69 |
Attribute in LDAP with MySQL hashed password. |
|
70 |
||
71 |
.. option:: --auth-ldap.password-attribute ARG |
|
72 |
||
73 |
:Default: ``userPassword`` |
|
74 |
:Variable: :ref:`auth_ldap_password_attribute <auth_ldap_password_attribute>` |
|
75 |
||
76 |
Attribute in LDAP with plain text password. |
|
77 |
||
78 |
.. option:: --auth-ldap.uri ARG |
|
79 |
||
80 |
:Default: ``ldap://127.0.0.1/`` |
|
81 |
:Variable: :ref:`auth_ldap_uri <auth_ldap_uri>` |
|
82 |
||
83 |
URI of the LDAP server to contact. |
|
84 |
||
85 |
.. _auth_ldap_variables: |
|
86 |
||
87 |
Variables
|
|
88 |
---------
|
|
89 |
||
90 |
These variables show the running configuration of the plugin. |
|
91 |
See `variables` for more information about querying and setting variables.
|
|
92 |
||
93 |
.. _auth_ldap_base_dn: |
|
94 |
||
95 |
* ``auth_ldap_base_dn`` |
|
96 |
||
97 |
:Scope: Global
|
|
98 |
:Dynamic: No
|
|
99 |
:Option: :option:`--auth-ldap.base-dn` |
|
100 |
||
101 |
DN to use when searching. |
|
102 |
||
103 |
.. _auth_ldap_bind_dn: |
|
104 |
||
105 |
* ``auth_ldap_bind_dn`` |
|
106 |
||
107 |
:Scope: Global
|
|
108 |
:Dynamic: No
|
|
109 |
:Option: :option:`--auth-ldap.bind-db` |
|
110 |
||
111 |
DN to use when binding to the LDAP server. |
|
112 |
||
113 |
.. _auth_ldap_bind_password: |
|
114 |
||
115 |
* ``auth_ldap_bind_password`` |
|
116 |
||
117 |
:Scope: Global
|
|
118 |
:Dynamic: No
|
|
119 |
:Option: :option:`--auth-ldap.bind-password` |
|
120 |
||
121 |
Password to use when binding the DN. |
|
122 |
||
123 |
.. _auth_ldap_cache_timeout: |
|
124 |
||
125 |
* ``auth_ldap_cache_timeout`` |
|
126 |
||
127 |
:Scope: Global
|
|
128 |
:Dynamic: No
|
|
129 |
:Option: :option:`--auth-ldap.cache-timeout` |
|
130 |
||
131 |
How often to empty the users cache. |
|
132 |
||
133 |
.. _auth_ldap_mysql_password_attribute: |
|
134 |
||
135 |
* ``auth_ldap_mysql_password_attribute`` |
|
136 |
||
137 |
:Scope: Global
|
|
138 |
:Dynamic: No
|
|
139 |
:Option: :option:`--auth-ldap.mysql-password-attribute` |
|
140 |
||
141 |
Attribute in LDAP with MySQL hashed password. |
|
142 |
||
143 |
.. _auth_ldap_password_attribute: |
|
144 |
||
145 |
* ``auth_ldap_password_attribute`` |
|
146 |
||
147 |
:Scope: Global
|
|
148 |
:Dynamic: No
|
|
149 |
:Option: :option:`--auth-ldap.password-attribute` |
|
150 |
||
151 |
Attribute in LDAP with plain text password. |
|
152 |
||
153 |
.. _auth_ldap_uri: |
|
154 |
||
155 |
* ``auth_ldap_uri`` |
|
156 |
||
157 |
:Scope: Global
|
|
158 |
:Dynamic: No
|
|
159 |
:Option: :option:`--auth-ldap.uri` |
|
160 |
||
161 |
URI of the LDAP server to contact. |
|
162 |
||
163 |
.. _auth_ldap_examples: |
|
164 |
||
165 |
Examples
|
|
166 |
--------
|
|
167 |
||
168 |
Sorry, there are no examples for this plugin. |
|
169 |
||
170 |
.. _auth_ldap_authors: |
|
171 |
||
172 |
Authors
|
|
173 |
-------
|
|
174 |
||
175 |
Eric Day |
|
176 |
||
177 |
.. _auth_ldap_version: |
|
178 |
||
179 |
Version
|
|
180 |
-------
|
|
181 |
||
182 |
This documentation applies to **auth_ldap 0.1**.
|
|
183 |
||
184 |
To see which version of the plugin a Drizzle server is running, execute: |
|
185 |
||
186 |
.. code-block:: mysql |
|
187 |
||
188 |
SELECT MODULE_VERSION FROM DATA_DICTIONARY.MODULES WHERE MODULE_NAME='auth_ldap' |
|
189 |
||
190 |
Changelog
|
|
191 |
---------
|
|
192 |
||
193 |
v0.1
|
|
194 |
^^^^
|
|
195 |
* First release.
|