Add remote user config settings

This commit is contained in:
Nicolás Fantone 2020-05-25 14:12:32 +01:00
parent 52298f8289
commit eb730be8f9
2 changed files with 22 additions and 3 deletions

View File

@ -130,7 +130,7 @@ SAML_ENABLED = False
# SAML_CERT_FILE = '/etc/pki/powerdns-admin/cert.crt' # SAML_CERT_FILE = '/etc/pki/powerdns-admin/cert.crt'
# SAML_CERT_KEY = '/etc/pki/powerdns-admin/key.pem' # SAML_CERT_KEY = '/etc/pki/powerdns-admin/key.pem'
# Cofigures if SAML tokens should be encrypted. # Configures if SAML tokens should be encrypted.
# SAML_SIGN_REQUEST = False # SAML_SIGN_REQUEST = False
# #Use SAML standard logout mechanism retreived from idp metadata # #Use SAML standard logout mechanism retreived from idp metadata
# #If configured false don't care about SAML session on logout. # #If configured false don't care about SAML session on logout.
@ -141,3 +141,19 @@ SAML_ENABLED = False
# #SAML_LOGOUT_URL = 'https://google.com' # #SAML_LOGOUT_URL = 'https://google.com'
# #SAML_ASSERTION_ENCRYPTED = True # #SAML_ASSERTION_ENCRYPTED = True
# Remote authentication settings
# Whether to enable remote user authentication or not
# Defaults to False
# REMOTE_USER_ENABLED=True
# If set, users will be redirected to this location on logout
# Ignore or set to None to avoid redirecting altogether
# Warning: if REMOTE_USER environment variable is still set after logging out and not cleared by
# some external module, not defining a custom logout URL might trigger a loop
# that will just log the user back in right after logging out
# REMOTE_USER_LOGOUT_URL=https://my.sso.com/cas/logout
# An optional list of remote authentication tied cookies to be removed upon logout
# REMOTE_USER_COOKIES=['MOD_AUTH_CAS', 'MOD_AUTH_CAS_S']

View File

@ -45,7 +45,9 @@ legal_envvars = (
'SAML_LOGOUT', 'SAML_LOGOUT',
'SAML_LOGOUT_URL', 'SAML_LOGOUT_URL',
'SAML_ASSERTION_ENCRYPTED', 'SAML_ASSERTION_ENCRYPTED',
'OFFLINE_MODE' 'OFFLINE_MODE',
'REMOTE_USER_LOGOUT_URL',
'REMOTE_USER_COOKIES'
) )
legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME') legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
@ -62,7 +64,8 @@ legal_envvars_bool = (
'SAML_WANT_MESSAGE_SIGNED', 'SAML_WANT_MESSAGE_SIGNED',
'SAML_LOGOUT', 'SAML_LOGOUT',
'SAML_ASSERTION_ENCRYPTED', 'SAML_ASSERTION_ENCRYPTED',
'OFFLINE_MODE' 'OFFLINE_MODE',
'REMOTE_USER_ENABLED'
) )
# import everything from environment variables # import everything from environment variables