Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-07 14:05:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Adding LDAP StartTLS support

Browse Source 
Some LDAP server do not allow authenticate with unencrypted password.
This patch is adding the StartTLS support which takes care of the
encryption.

In order to enable the StartTLS, go to "System Settings" and select the
"Enable StartTLS" in the Authentication section. Then make sure that you
add your LDAP certificate into the Java keystore:

$ keytool -import \
          -file /etc/pki/tls/certs/cacert.pem \
          -alias myName \
          -keystore /var/lib/gitbucket/keystore

You can list all keys from the keystore like this:

$ keytool -list -keystore /var/lib/gitbucket/keystore
This commit is contained in:
Jiri Tyr
2013-11-01 15:44:19 +00:00
parent 34853d0322
commit f311339786
6 changed files with 52 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/scala/service/SystemSettingsService.scala
View File

@@ -32,6 +32,7 @@ trait SystemSettingsService {
props.setProperty(LdapBaseDN, ldap.baseDN)
props.setProperty(LdapUserNameAttribute, ldap.userNameAttribute)
props.setProperty(LdapMailAddressAttribute, ldap.mailAttribute)
ldap.tls.foreach(x => props.setProperty(LdapTls, x.toString))
}
}
props.store(new java.io.FileOutputStream(GitBucketConf), null)
@@ -69,7 +70,8 @@ trait SystemSettingsService {
getOptionValue(props, LdapBindPassword, None),
getValue(props, LdapBaseDN, ""),
getValue(props, LdapUserNameAttribute, ""),
getValue(props, LdapMailAddressAttribute, "")))
getValue(props, LdapMailAddressAttribute, ""),
getOptionValue[Boolean](props, LdapTls, None)))
} else {
None
}
@@ -97,7 +99,8 @@ object SystemSettingsService {
bindPassword: Option[String],
baseDN: String,
userNameAttribute: String,
mailAttribute: String)
mailAttribute: String,
tls: Option[Boolean])
case class Smtp(
host: String,
@@ -129,6 +132,7 @@ object SystemSettingsService {
private val LdapBaseDN = "ldap.baseDN"
private val LdapUserNameAttribute = "ldap.username_attribute"
private val LdapMailAddressAttribute = "ldap.mail_attribute"
private val LdapTls = "ldap.tls"
private def getValue[A: ClassTag](props: java.util.Properties, key: String, default: A): A =
defining(props.getProperty(key)){ value =>