Tree - source-git/augeas - CentOS Git server

source-git / augeas

Files

Commit: a2ae7a292c6214cd44b783b9d82ed5afdf9ebb0e
Blob Blame History Raw
(* Module Jaas *)
(* Author: Simon Vocella <voxsim@gmail.com> *)
module Test_jaas =

let conf = "
/*
  This is the JAAS configuration file used by the Shibboleth IdP.

  A JAAS configuration file is a grouping of LoginModules defined in the following manner:
  <LoginModuleClass> <Flag> <ModuleOptions>;

  LoginModuleClass - fully qualified class name of the LoginModule class
  Flag             - indicates whether the requirement level for the modules;
                         allowed values: required, requisite, sufficient, optional
  ModuleOptions    - a space delimited list of name=\"value\" options

  For complete documentation on the format of this file see:
  http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html

  For LoginModules available within the Sun JVM see:
  http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html

  Warning: Do NOT use Sun's JNDI LoginModule to authentication against an LDAP directory,
  Use the LdapLoginModule that ships with Shibboleth and is demonstrated below.

  Note, the application identifier MUST be ShibUserPassAuth
*/


ShibUserPassAuth {

// Example LDAP authentication
// See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass
/*
   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      ldapUrl=\"ldap://ldap.example.org\"
      baseDn=\"ou=people,dc=example,dc=org\"
      ssl=\"true\"
      userFilter=\"uid={0}\";
*/

// Example Kerberos authentication, requires Sun's JVM
// See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass
/*
   com.sun.security.auth.module.Krb5LoginModule required
      useKeyTab=\"true\"
      keyTab=\"/path/to/idp/keytab/file\";
*/

   edu.vt.middleware.ldap.jaas.LdapLoginModule required
      host = \"ldap://127.0.0.1:389\"
      base = \"dc=example,dc=com\"
      serviceUser = \"cn=admin,dc=example,dc=com\"
      serviceCredential = \"ldappassword\"
      ssl = \"false\"
      userField = \"uid\"
      // Example comment within definition
      subtreeSearch = \"true\";
};

NetAccountAuth {
   // Test of optionless flag
   nz.ac.auckland.jaas.Krb5LoginModule required;
};

com.sun.security.jgss.krb5.initiate {
   // Test of omitted linebreaks and naked boolean
   com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true;
};"

test Jaas.lns get conf =
  {  }
  { "#mcomment"
    { "1" = "This is the JAAS configuration file used by the Shibboleth IdP." }
    { "2" = "A JAAS configuration file is a grouping of LoginModules defined in the following manner:" }
    { "3" = "<LoginModuleClass> <Flag> <ModuleOptions>;" }
    { "4" = "LoginModuleClass - fully qualified class name of the LoginModule class" }
    { "5" = "Flag             - indicates whether the requirement level for the modules;" }
    { "6" = "allowed values: required, requisite, sufficient, optional" }
    { "7" = "ModuleOptions    - a space delimited list of name=\"value\" options" }
    { "8" = "For complete documentation on the format of this file see:" }
    { "9" = "http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html" }
    { "10" = "For LoginModules available within the Sun JVM see:" }
    { "11" = "http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html" }
    { "12" = "Warning: Do NOT use Sun's JNDI LoginModule to authentication against an LDAP directory," }
    { "13" = "Use the LdapLoginModule that ships with Shibboleth and is demonstrated below." }
    { "14" = "Note, the application identifier MUST be ShibUserPassAuth" }
  }
  {  }
  {  }
  { "login" = "ShibUserPassAuth"
    {  }
    { "#comment" = "Example LDAP authentication" }
    { "#comment" = "See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass" }
    { "#mcomment"
      { "1" = "edu.vt.middleware.ldap.jaas.LdapLoginModule required" }
      { "2" = "ldapUrl=\"ldap://ldap.example.org\"" }
      { "3" = "baseDn=\"ou=people,dc=example,dc=org\"" }
      { "4" = "ssl=\"true\"" }
      { "5" = "userFilter=\"uid={0}\";" }
    }
    {  }
    { "#comment" = "Example Kerberos authentication, requires Sun's JVM" }
    { "#comment" = "See: https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass" }
    { "#mcomment"
      { "1" = "com.sun.security.auth.module.Krb5LoginModule required" }
      { "2" = "useKeyTab=\"true\"" }
      { "3" = "keyTab=\"/path/to/idp/keytab/file\";" }
    }
    {  }
    { "loginModuleClass" = "edu.vt.middleware.ldap.jaas.LdapLoginModule"
      { "flag" = "required"
        { "host" = "\"ldap://127.0.0.1:389\"" }
        { "base" = "\"dc=example,dc=com\"" }
        { "serviceUser" = "\"cn=admin,dc=example,dc=com\"" }
        { "serviceCredential" = "\"ldappassword\"" }
        { "ssl" = "\"false\"" }
        { "userField" = "\"uid\"" }
        { "#comment" = "Example comment within definition" }
        { "subtreeSearch" = "\"true\"" }
      }
    }
    {  }
  }
  {  }
  {  }
  { "login" = "NetAccountAuth"
    { "#comment" = "Test of optionless flag" }
    { "loginModuleClass" = "nz.ac.auckland.jaas.Krb5LoginModule"
      { "flag" = "required" }
    }
    {  }
  }
  {  }
  {  }
  { "login" = "com.sun.security.jgss.krb5.initiate"
    { "#comment" = "Test of omitted linebreaks and naked boolean" }
    { "loginModuleClass" = "com.sun.security.auth.module.Krb5LoginModule"
      { "flag" = "required"
        { "useTicketCache" = "true" }
      }
    }
    {  }
  }
source-git / augeas

Source Code

Files
