Web proxy LDAP authentication

提供: VyOS jp
移動: 案内検索


Configuration commands:

service
    webproxy
        authentication
            children <integer>        # Authentication processes number limit (they run as separate processes)
            realm <string>            # The realm name shown in auth dialog
            credentials-ttl <minutes> # Session life time
            method <string>           # Only "ldap" is supported right now, introduced for scalability
            ldap
                server <host or IP>         # LDAP server, mandatory
                port <1-65535>              # LDAP port, default 389
                version <integer>           # LDAP version, default is 3
                password <string>           # LDAP password
                base-dn <string>            # LDAP base DN, mandatory
                bind-dn <string>            # LDAP bind DN
                filter-expression <string>  # LDAP expression for user accounts
                username-attribute <string> # LDAP attribute used for user names
                persistent-connection       # Use persistent LDAP connection
                use-ssl                     # Use LDAP over SSL
        url-filtering
            squidguard
                source-group
                    ldap-user-search # User group search LDAP expression
                    ldap-ip-search   # IP list search LDAP expression
                    user <list>      # Predefined user list