Minor fixes to the LDAP module readme
This commit is contained in:
parent
0f07a5cb84
commit
079a2d68db
|
@ -4,15 +4,15 @@ Gogs LDAP Authentication Module
|
||||||
## About
|
## About
|
||||||
|
|
||||||
This authentication module attempts to authorize and authenticate a user
|
This authentication module attempts to authorize and authenticate a user
|
||||||
against an LDAP server. It provides two methods of authenitcation: LDAP via
|
against an LDAP server. It provides two methods of authentication: LDAP via
|
||||||
BindDN, and LDAP simple authentication.
|
BindDN, and LDAP simple authentication.
|
||||||
|
|
||||||
LDAP via BindDN functions like most LDAP authentication systems.
|
LDAP via BindDN functions like most LDAP authentication systems. First, it
|
||||||
First, it queries the LDAP server using a Bind DN and
|
queries the LDAP server using a Bind DN and searches for the user that is
|
||||||
searches for the user that is attempting to sign in. If the user is found, the
|
attempting to sign in. If the user is found, the module attempts to bind to the
|
||||||
module attempts to bind to the server using the user's supplied credentials. If
|
server using the user's supplied credentials. If this succeeds, the user has
|
||||||
this succeeds, the user has been authenticated, and his account information is
|
been authenticated, and his account information is retrieved and passed to the
|
||||||
retrieved and passed to the Gogs login infrastructure.
|
Gogs login infrastructure.
|
||||||
|
|
||||||
LDAP simple authentication does not utilize a Bind DN. Instead, it binds
|
LDAP simple authentication does not utilize a Bind DN. Instead, it binds
|
||||||
directly with the LDAP server using the user's supplied credentials. If the bind
|
directly with the LDAP server using the user's supplied credentials. If the bind
|
||||||
|
@ -97,4 +97,5 @@ share the following fields:
|
||||||
* User Filter **(required)**
|
* User Filter **(required)**
|
||||||
* An LDAP filter declaring when a user should be allowed to log in. The `%s`
|
* An LDAP filter declaring when a user should be allowed to log in. The `%s`
|
||||||
matching parameter will be substituted with the user's username.
|
matching parameter will be substituted with the user's username.
|
||||||
|
* Example: (&(objectClass=posixAccount)(cn=%s))
|
||||||
* Example: (&(objectClass=posixAccount)(uid=%s))
|
* Example: (&(objectClass=posixAccount)(uid=%s))
|
||||||
|
|
Loading…
Reference in New Issue