Adding LDAP StartTLS support

Some LDAP servers do not allow authenticating with an unencrypted password.
This patch adds StartTLS support, which takes care of the
encryption.

In order to enable StartTLS, go to "System Settings" and select
"Enable StartTLS" in the Authentication section. Then make sure that you
add your LDAP certificate to the Java keystore:

$ keytool -import \
          -file /etc/pki/tls/certs/cacert.pem \
          -alias myName \
          -keystore /var/lib/gitbucket/keystore

You can list all keys from the keystore like this:

$ keytool -list -keystore /var/lib/gitbucket/keystore
Jiri Tyr
2013-11-01 15:44:19 +00:00
parent 34853d0322
commit f311339786
6 changed files with 52 additions and 9 deletions

@@ -33,7 +33,8 @@ trait SystemSettingsControllerBase extends ControllerBase with FlashMapSupport {
"bindPassword" -> trim(label("Bind Password", optional(text()))),
"baseDN" -> trim(label("Base DN", text(required))),
"userNameAttribute" -> trim(label("User name attribute", text(required))),
"mailAttribute" -> trim(label("Mail address attribute", text(required)))
"mailAttribute" -> trim(label("Mail address attribute", text(required))),
"tls" -> trim(label("Enable StartTLS", optional(boolean())))
)(Ldap.apply))
)(SystemSettings.apply)
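
Review bot: In the added "tls" mapping, optional(boolean()) makes the setting three-state, so whatever consumes Ldap has to decide what an absent value means, and for a switch that controls whether the bind password is sent encrypted that default should not be left implicit. Consider a plain boolean() here, or document next to the field that a missing value means StartTLS is off. The trim() wrapper is unnecessary for a checkbox value, and the key name "tls" is easy to confuse with LDAPS; a name such as "startTls" would match the label "Enable StartTLS".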