tvl-depot/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
Luke Granger-Brown 3e7073f106 feat(3p/apereo-cas): add the LDAP DN to the list of attributes
Panettone currently uses the LDAP DN as the user key, so we collect it
here so that we can later make sure its exposed to Panettone.

Change-Id: Ia2048cb479a2afe6fe9f47181115ae7ec13dedf3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2811
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
2021-04-03 21:51:58 +00:00

39 lines
1.3 KiB
Properties

cas.server.name=https://login.tvl.fyi
cas.server.prefix=${cas.server.name}
cas.server.scope=tvl.fyi
server.tomcat.basedir=/etc/cas/tomcat
server.servlet.context.path=/
cas.service-registry.json.location=file:/etc/cas/services
server.port=8443
server.address=127.0.0.1
server.ssl.enabled=false
# Enable X-Forwarded-For using Tomcat.
server.forward-headers-strategy=NATIVE
server.tomcat.remoteip.remote-ip-header=x-forwarded-for
server.tomcat.remoteip.protocol-header=x-forwarded-proto
server.tomcat.basedir=/etc/cas/tomcat
server.servlet.context-path=/
cas.authn.saml-idp.entity-id=https://login.tvl.fyi
cas.authn.accept.users=
cas.authn.attribute-repository.default-attributes-to-release=uid,mail,displayName,username,principalLdapDn
cas.authn.ldap[0].pool-passivator=NONE
cas.authn.ldap[0].principal-attribute-list=cn:uid,mail,displayName,cn:username
cas.authn.ldap[0].collect-dn-attribute=true
cas.authn.ldap[0].principal-dn-attribute-name=principalLdapDn
cas.authn.ldap[0].ldap-url=ldap://localhost
cas.authn.ldap[0].use-start-tls=false
cas.authn.ldap[0].validator.base-dn=dc=tvl,dc=fyi
cas.authn.ldap[0].base-dn=dc=tvl,dc=fyi
cas.authn.ldap[0].search-filter=cn={user}
cas.authn.ldap[0].dn-format=cn=%s,ou=users,dc=tvl,dc=fyi
cas.authn.ldap[0].type=DIRECT
cas.authn.oidc.issuer=${cas.server.name}/oidc