forked from mystiq/dex
fa69c918b2
This allows users of the LDAP connector to give users of Dex' login
prompt an idea of what they should enter for a username.
Before, irregardless of how the LDAP connector was set up, the prompt
was
Username
[_________________]
Password
[_________________]
Now, this is configurable, and can be used to say "MyCorp SSO Login" if
that's what it is.
If it's not configured, it will default to "Username".
For the passwordDB connector (local users), it is set to "Email
Address", since this is what it uses.
Signed-off-by: Stephan Renatus <srenatus@chef.io>
54 lines
1.2 KiB
YAML
54 lines
1.2 KiB
YAML
issuer: http://127.0.0.1:5556/dex
|
|
storage:
|
|
type: sqlite3
|
|
config:
|
|
file: examples/dex.db
|
|
web:
|
|
http: 0.0.0.0:5556
|
|
|
|
connectors:
|
|
- type: ldap
|
|
name: OpenLDAP
|
|
id: ldap
|
|
config:
|
|
host: localhost:10389
|
|
|
|
# No TLS for this setup.
|
|
insecureNoSSL: true
|
|
|
|
# This would normally be a read-only user.
|
|
bindDN: cn=admin,dc=example,dc=org
|
|
bindPW: admin
|
|
|
|
usernamePrompt: Email Address
|
|
|
|
userSearch:
|
|
baseDN: ou=People,dc=example,dc=org
|
|
filter: "(objectClass=person)"
|
|
username: mail
|
|
# "DN" (case sensitive) is a special attribute name. It indicates that
|
|
# this value should be taken from the entity's DN not an attribute on
|
|
# the entity.
|
|
idAttr: DN
|
|
emailAttr: mail
|
|
nameAttr: cn
|
|
|
|
groupSearch:
|
|
baseDN: ou=Groups,dc=example,dc=org
|
|
filter: "(objectClass=groupOfNames)"
|
|
|
|
# A user is a member of a group when their DN matches
|
|
# the value of a "member" attribute on the group entity.
|
|
userAttr: DN
|
|
groupAttr: member
|
|
|
|
# The group name should be the "cn" value.
|
|
nameAttr: cn
|
|
|
|
staticClients:
|
|
- id: example-app
|
|
redirectURIs:
|
|
- 'http://127.0.0.1:5555/callback'
|
|
name: 'Example App'
|
|
secret: ZXhhbXBsZS1hcHAtc2VjcmV0
|