diff --git a/template.env b/template.env index 418bdc2..1cce6f9 100644 --- a/template.env +++ b/template.env @@ -134,46 +134,46 @@ SYNCSERVERS_1_PULL_RULES= # users should not be able to control the HTTP header configured in LDAP_APACHE_ENV # (e.g. REMOTE_USER), this means you must not allow direct access to MISP. # NOTE 2: You need to escape special characters twice, e.g., "pass\word" becomes "pass\\\\word". -#APACHESECUREAUTH_LDAP_ENABLE=true -#APACHESECUREAUTH_LDAP_APACHE_ENV="REMOTE_USER" -#APACHESECUREAUTH_LDAP_SERVER="ldap://your_domain_controller" -#APACHESECUREAUTH_LDAP_STARTTLS=true -#APACHESECUREAUTH_LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net" -#APACHESECUREAUTH_LDAP_READER_PASSWORD="password" -#APACHESECUREAUTH_LDAP_DN="OU=Users,DC=domain,DC=net" -#APACHESECUREAUTH_LDAP_SEARCH_FILTER="" -#APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE="uid" -#APACHESECUREAUTH_LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]" -#APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID="3" -#APACHESECUREAUTH_LDAP_DEFAULT_ORG="1" -#APACHESECUREAUTH_LDAP_EMAIL_FIELD="[\"mail\"]" -#APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION="3" -#APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT="-1" -#APACHESECUREAUTH_LDAP_OPT_REFERRALS=false +# APACHESECUREAUTH_LDAP_ENABLE=true +# APACHESECUREAUTH_LDAP_APACHE_ENV="REMOTE_USER" +# APACHESECUREAUTH_LDAP_SERVER="ldap://your_domain_controller" +# APACHESECUREAUTH_LDAP_STARTTLS=true +# APACHESECUREAUTH_LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net" +# APACHESECUREAUTH_LDAP_READER_PASSWORD="password" +# APACHESECUREAUTH_LDAP_DN="OU=Users,DC=domain,DC=net" +# APACHESECUREAUTH_LDAP_SEARCH_FILTER="" +# APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE="uid" +# APACHESECUREAUTH_LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]" +# APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID="3" +# APACHESECUREAUTH_LDAP_DEFAULT_ORG="1" +# APACHESECUREAUTH_LDAP_EMAIL_FIELD="[\"mail\"]" +# APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION="3" +# APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT="-1" +# APACHESECUREAUTH_LDAP_OPT_REFERRALS=false # Enable LDAP (using the MISP plugin native) authentication, according to https://github.com/MISP/MISP/tree/2.5/app/Plugin/LdapAuth # NOTE 2: You need to escape special characters twice, e.g., "pass\word" becomes "pass\\\\word". -#LDAPAUTH_ENABLE=true -#LDAPAUTH_LDAPSERVER="ldap://your_domain_controller" -#LDAPAUTH_LDAPDN="OU=Users,DC=domain,DC=net" -#LDAPAUTH_LDAPREADERUSER="CN=service_account_name,OU=Users,DC=domain,DC=net" -#LDAPAUTH_LDAPREADERPASSWORD="password" -#LDAPAUTH_LDAPSEARCHFILTER="" -#LDAPAUTH_LDAPSEARCHATTRIBUTE="mail" -#LDAPAUTH_LDAPEMAILFIELD="[\"mail\"]" -#LDAPAUTH_LDAPNETWORKTIMEOUT="-1" -#LDAPAUTH_LDAPPROTOCOL="3" -#LDAPAUTH_LDAPALLOWREFERRALS=true -#LDAPAUTH_STARTTLS=false -#LDAPAUTH_MIXEDAUTH=true -#LDAPAUTH_LDAPDEFAULTORGID="1" -#LDAPAUTH_LDAPDEFAULTROLEID="3" -#LDAPAUTH_UPDATEUSER=true -#LDAPAUTH_DEBUG=false -#LDAPAUTH_LDAPTLSREQUIRECERT="LDAP_OPT_X_TLS_ALLOW" -#LDAPAUTH_LDAPTLSCUSTOMCACERT=false -#LDAPAUTH_LDAPTLSCRLCHECK="LDAP_OPT_X_TLS_CRL_PEER" -#LDAPAUTH_LDAPTLSPROTOCOLMIN="LDAP_OPT_X_TLS_PROTOCOL_TLS1_2" +# LDAPAUTH_ENABLE=true +# LDAPAUTH_LDAPSERVER="ldap://your_domain_controller" +# LDAPAUTH_LDAPDN="OU=Users,DC=domain,DC=net" +# LDAPAUTH_LDAPREADERUSER="CN=service_account_name,OU=Users,DC=domain,DC=net" +# LDAPAUTH_LDAPREADERPASSWORD="password" +# LDAPAUTH_LDAPSEARCHFILTER="" +# LDAPAUTH_LDAPSEARCHATTRIBUTE="mail" +# LDAPAUTH_LDAPEMAILFIELD="[\"mail\"]" +# LDAPAUTH_LDAPNETWORKTIMEOUT="-1" +# LDAPAUTH_LDAPPROTOCOL="3" +# LDAPAUTH_LDAPALLOWREFERRALS=true +# LDAPAUTH_STARTTLS=false +# LDAPAUTH_MIXEDAUTH=true +# LDAPAUTH_LDAPDEFAULTORGID="1" +# LDAPAUTH_LDAPDEFAULTROLEID="3" +# LDAPAUTH_UPDATEUSER=true +# LDAPAUTH_DEBUG=false +# LDAPAUTH_LDAPTLSREQUIRECERT="LDAP_OPT_X_TLS_ALLOW" +# LDAPAUTH_LDAPTLSCUSTOMCACERT=false +# LDAPAUTH_LDAPTLSCRLCHECK="LDAP_OPT_X_TLS_CRL_PEER" +# LDAPAUTH_LDAPTLSPROTOCOLMIN="LDAP_OPT_X_TLS_PROTOCOL_TLS1_2" # Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md # AAD_ENABLE=true