nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-02-28 05:53:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,964 Commits 11 Branches 58 Tags 14 MiB
Commit Graph

90 Commits

Author SHA1 Message Date
Stonewall Jackson
fa44a257e9 allow specifying all sasl bind options in config.php 2024-02-28 16:29:56 -05:00
Stonewall Jackson
dc666e191f fix spelling in LDAP sasl example 2024-02-28 16:29:56 -05:00
Stonewall Jackson
c8424ae5d5 Update LDAP driver to support SASL binds 
Add a new 'sasl' option to the LDAP driver, which invokes
ldap_sasl_bind() instead of ldap_bind().

This allows authenticating to LDAP using the GSSAPI (kerberos) or
EXTERNAL mechanisms, rather than a bindDN and password.

Note that for GSSAPI binds, PHP needs access to valid kerberos
credentials (for example, by setting the KRB5CCNAME environment variable
for the PHP process).

Tested with OpenLDAP/Heimdal kerberos, but should also work with Active
Directory.
 2024-02-28 16:29:56 -05:00
Andrew Ruthven
4ae36c132d Have a sensible default setting for the UserAgent 2024-02-18 01:51:56 +13:00
Andrew Ruthven
d7d19b906f Set external_refresh by default 
Let's just set a sane default of 60 minutes.
 2024-02-18 00:04:37 +13:00
Andrew Ruthven
8a6274e6cf Rather than look for a flag, if a member is a DN, modify/fetch the record. 
This changes 48c6512a70740c403027b66e9d609e9b871d29c0, in Eric's commit it
needs a flag to go fetch the record and apply the mapping to find the
username field. This approach looks for a telltale that this is DN (naively
an "=") and then either grabs the first element from the DN if the username
attr matches or fetches the entry from LDAP.

There have also been attempts in the past to special case uniqueMember and
to add a group_member_dnfix config option.

This should handle the cases where people use uid/cn/whatever for the
username.
 2024-02-17 02:25:25 +00:00
Andrew Ruthven
b0d01264e0 Various tidyups, show some more defaults, make a bit more current. 2024-02-17 02:25:25 +00:00
Andrew Ruthven
56d7d22d86 Rename mapping_field to user_mapping_field 
This is to be consistent with group_mapping_field. The code is backwards
compatible with mapping_field.

In sync_LDAP_groups assign user_mapping once, not for every group.
 2024-02-17 02:25:25 +00:00
Andrew Ruthven
13083b07e8 Rename username to name in group mappings, drop unused fullname from example 
Usinger "username" for the group name is confusing and misleading. Just
use name, but support our users who still have username.

We don't use fullname, drop it from the example.
 2024-02-17 02:25:25 +00:00
Andrew Ruthven
bb713137fd memberUid is deprecated, make member default 2024-02-17 02:25:25 +00:00
Andrew Ruthven
ed7f308b87 Add default filters for users and groups 
Some (all?) LDAP servers will just not respond if there is no filter,
provide a sensible default.
 2024-02-17 02:25:25 +00:00
Andrew Ruthven
0a4471ab06 Wrap most lines in config file to 76 characters 
This makes it a lot more readable on an 80 character wide terminal.
 2024-02-03 06:24:50 +00:00
Andrew Ruthven
0ec4fb4dc5 Correct case and plural 2024-01-19 00:43:53 +13:00
Andrew Ruthven
fa1b9ae353 Lower case CN, and use the example domain 2024-01-19 00:43:02 +13:00
Andreas Haerter
11a57a85c6 Another mapping_field key to prevent PHP warnings; typos 2024-01-18 11:05:25 +00:00
Andreas Haerter
d53dad3363 Fix typos in example config; Improve Active Directory example 
This fixes a few typos and trailing spaces and improves the AD
example:

- missing port leads to PHP warnings
- use more common and compatible field names for attribute mapping
- distinguishedName as bind user example
 2024-01-18 11:05:25 +00:00
Scott Savarese
0059d0dcdb Support ldap connections via URI to handle ldaps and redundant ldap servers 2023-04-27 11:00:50 +00:00
Andrew Ruthven
5db0622d65 Provide example configuration on using memcache. 2023-01-18 00:11:57 +13:00
Andrew Ruthven
a054d16390 Mass tidy up of whitespace in sample config. 2023-01-08 12:46:19 +13:00
Andrew Ruthven
7a8c7b5b25 Convert loop_limit to a config item 2022-12-15 20:50:44 +00:00
Paul Waite
dd5bd9c282 Provide a facility for setting an override URL which will replace the Change Password UI, and the Forgotten Password UI with a clickable link. 2022-02-12 14:02:54 +00:00
Florian Schlichting
202e2edd5a tighten $c->list_everyone to look for DAV::read privilege and actually block access to principals and collections 
Groups really only exist in the davical web interface, CALDAV clients
discover principals and collections based on GRANTs such as the
DAV::read privilege, so use that for the web interface as well.

Also, not listing users is nice, actually blocking access to those users
(which can be enumerated with the id GET parameter) is a lot better.
 2021-02-09 01:54:32 +08:00
Klaus M Pfeiffer
042ce5f076 add feature list_everyone (fixes #59) 2021-02-08 17:41:28 +00:00
Florian Schlichting
afcaacaf2a do_not_sync_from_ldap for groups (fixes #158) 2019-01-30 21:42:01 +01:00
Andrew Ruthven
f658a45d38 Provide example of how to enable audit logging 2019-01-30 22:59:05 +13:00
Andrew Ruthven
6bcece8632 Make the default settings stand out more 2019-01-04 22:54:37 +13:00
“Paul
c5891abc7f Introduce new global variable to control maximum size of carddav resources. 2018-08-30 17:23:12 +02:00
Florian Schlichting
b8df885484 put the most important debug options in a more visible place 2018-01-11 23:36:16 +01:00
Florian Schlichting
79a3cb9e33 Document $c->hide_bound and $c->disable_caldav_proxy_propfind_collections config options 
These were added by Jan Mate in 2014 in 6229409 and c32a288
 2017-10-25 23:34:36 +02:00
Frank Steinberg
3bb6cd4479 Resolve attendee group names to lists of individual users. Configurable by $c->enable_attendee_group_resolution (from !21) 2017-09-21 23:27:51 +02:00
Florian Schlichting
ebdd6b1674 fix config example as well 2017-04-25 00:10:22 +02:00
Jan Losinski
b5072dd154 Set the user agent string for external calendars 2017-04-24 21:20:34 +00:00
Florian Schlichting
d205521bd4 drivers_ldap says "updated" has been replaced with "modified", so update example config accordingly 2017-04-07 23:58:33 +02:00
Florian Schlichting
caaad9ce85 Document remaining config settings for which there are defaults, as well as the very useful skip_bad_event_on_import 2017-01-23 22:59:35 +01:00
Marc
364bbd1df5 allow admins to manually toggle the uniqueMember fix via config (fix #102) 2017-01-17 23:30:59 +01:00
Florian Schlichting
ab7dad057d UI: use ExtraRowFormat to fix tooltip on action rows / buttons 2017-01-10 22:14:42 +01:00
Florian Schlichting
3b35350e8b Make sure all configuration settings described at https://wiki.davical.org/index.php/Configuration/settings are documented in the example config files (cf. #76) 2017-01-08 22:18:07 +01:00
Florian Schlichting
2c11535eb0 use secure URIs where possible 2017-01-08 15:48:52 +01:00
Florian Schlichting
93d3b6daba remove logout button when the webserver does auth, or use a configured logout URL (fixes #67, Debian #703130) 2017-01-08 02:08:13 +01:00
Florian Schlichting
202542dc1b updates for bulk addressbook import 2017-01-07 02:17:29 +01:00
Florian Schlichting
2c0c65d08a add optional support for X-Forwarded-Proto etc (closes: #87) 
Modify the relevant $_SERVER variables directly, as we're using them in
various places in davical and awl.
 2017-01-06 16:06:11 +01:00
Florian Schlichting
11c56c85b1 sort example-config.php, add "Scheduling" section and integrate imap_pam_conf_php.txt 2017-01-02 22:13:40 +01:00
Florian Schlichting
adce3f48a9 provide a .ics download link in collection view and document $c->get_includes_subcollections 2017-01-02 21:57:41 +01:00
Florian Schlichting
a4ba019397 make sure we dont have documentation suggesting that $c->something can be used without assigning a value 2016-12-02 00:46:58 +01:00
Florian Schlichting
0901fd2756 Remove remaining references to $c->local_tzid (fixes #35) 2016-12-02 00:24:53 +01:00
Andrew McMillan
c5c0421caf Add /metrics.php to be scraped by Prometheus for monitoring. 2016-06-22 23:53:22 +01:00
Florian Schlichting
bf733fca8e let admin.php without parameters redirect to index.php, and document restrict_setup_to_admin setting (fixes #55) 2016-01-01 21:55:32 +01:00
Florian Schlichting
1821d65f1b minor cleanup of example-config.php 2016-01-01 21:55:15 +01:00
Mark Davies
0cc7b944b4 Add config value "support_obsolete_free_busy_property" 
to control whether the obsolete Scheduling property
"calendar-free-busy-set" is populated during a PROPFIND. For Issue #31,
Database Performance Improvements.
 2014-12-16 21:30:14 +01:00
Rob Ostensen
f0e912da7e iSchedule changes: fix signed domain, better error handling, cleanups 2012-01-30 21:18:10 -06:00