Add ldap IO timeout option to manager (#2267)

This commit is contained in:
Maxime Besson 2020-10-27 11:36:08 +01:00
parent bcb81cd91b
commit 1623c542a0
16 changed files with 44 additions and 25 deletions

View File

@ -138,12 +138,13 @@ sub defaultValues {
'ldapGroupAttributeNameSearch' => 'cn',
'ldapGroupAttributeNameUser' => 'dn',
'ldapGroupObjectClass' => 'groupOfNames',
'ldapIOTimeout' => 10,
'ldapPasswordResetAttribute' => 'pwdReset',
'ldapPasswordResetAttributeValue' => 'TRUE',
'ldapPwdEnc' => 'utf-8',
'ldapSearchDeref' => 'find',
'ldapServer' => 'ldap://localhost',
'ldapTimeout' => 120,
'ldapTimeout' => 10,
'ldapUsePasswordResetAttribute' => 1,
'ldapVerify' => 'require',
'ldapVersion' => 3,

View File

@ -45,7 +45,7 @@ our $authParameters = {
githubParams => [qw(githubAuthnLevel githubClientID githubClientSecret githubUserField githubScope)],
gpgParams => [qw(gpgAuthnLevel gpgDb)],
kerberosParams => [qw(krbAuthnLevel krbKeytab krbByJs krbRemoveDomain)],
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapITDS)],
ldapParams => [qw(ldapAuthnLevel ldapExportedVars ldapServer ldapPort ldapVerify ldapBase managerDn managerPassword ldapTimeout ldapIOTimeout ldapVersion ldapRaw ldapCAFile ldapCAPath LDAPFilter AuthLDAPFilter mailLDAPFilter ldapSearchDeref ldapGroupBase ldapGroupObjectClass ldapGroupAttributeName ldapGroupAttributeNameUser ldapGroupAttributeNameSearch ldapGroupDecodeSearchedValue ldapGroupRecursive ldapGroupAttributeNameGroup ldapPpolicyControl ldapSetPassword ldapChangePasswordAsUser ldapPwdEnc ldapUsePasswordResetAttribute ldapPasswordResetAttribute ldapPasswordResetAttributeValue ldapAllowResetExpiredPassword ldapITDS)],
linkedinParams => [qw(linkedInAuthnLevel linkedInClientID linkedInClientSecret linkedInFields linkedInUserField linkedInScope)],
nullParams => [qw(nullAuthnLevel)],
oidcParams => [qw(oidcAuthnLevel oidcRPCallbackGetParam oidcRPStateTimeout)],

View File

@ -1660,6 +1660,10 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'default' => 0,
'type' => 'bool'
},
'ldapIOTimeout' => {
'default' => 10,
'type' => 'int'
},
'ldapITDS' => {
'default' => 0,
'type' => 'bool'
@ -1728,7 +1732,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
'type' => 'bool'
},
'ldapTimeout' => {
'default' => 120,
'default' => 10,
'type' => 'int'
},
'ldapUsePasswordResetAttribute' => {

View File

@ -3304,9 +3304,14 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
},
ldapTimeout => {
type => 'int',
default => 120,
default => 10,
documentation => 'LDAP connection timeout',
},
ldapIOTimeout => {
type => 'int',
default => 10,
documentation => 'LDAP operation timeout',
},
ldapVersion => {
type => 'int',
default => 3,

View File

@ -259,9 +259,9 @@ sub tree {
'ldapServer', 'ldapPort',
'ldapVerify', 'ldapBase',
'managerDn', 'managerPassword',
'ldapTimeout', 'ldapVersion',
'ldapRaw', 'ldapCAFile',
'ldapCAPath',
'ldapTimeout', 'ldapIOTimeout',
'ldapVersion', 'ldapRaw',
'ldapCAFile', 'ldapCAPath',
]
},
{

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"الاسم المستعار",
"ldapServer":"مضيف الخادم",
"ldapSetPassword":"تعديل كلمة المرور مع عملية موسعة",
"ldapTimeout":"مهلة",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"استخدام سمة إعادة الضبط",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"الإصدار",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"تناوب حالة مهلة الجلسة ",
"samlUseQueryStringSpecific":"استخدام أسلوب query_string المعين",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Alias dereference",
"ldapServer":"Server host",
"ldapSetPassword":"Password modify extended operation",
"ldapTimeout":"Timeout",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Use reset attribute",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"Version",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"RelayState session timeout",
"samlUseQueryStringSpecific":"Use specific query_string method",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Alias dereference",
"ldapServer":"Server host",
"ldapSetPassword":"Password modify extended operation",
"ldapTimeout":"Timeout",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Use reset attribute",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"Version",

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Déréférence des alias",
"ldapServer":"Hôte",
"ldapSetPassword":"Opération étendue password modify",
"ldapTimeout":"Temps maximum d'inactivité",
"ldapTimeout":"Délai maximum de connexion",
"ldapIOTimeout": "Délai maximum d'opération",
"ldapUsePasswordResetAttribute":"Utiliser l'attribut de réinitialisation",
"ldapVerify":"Vérifier le certificat du serveur LDAP",
"ldapVersion":"Version",

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Alias dereference",
"ldapServer":"Host del server",
"ldapSetPassword":"Operazione prolungata di modifica password",
"ldapTimeout":"Timeout",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Utilizza l'attributo di ripristino",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"Versione",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"Timeout di sessione di RelayState",
"samlUseQueryStringSpecific":"Utilizza il metodo specifico query_string",
"samlOverrideIDPEntityID":"Sostituisci l'ID entità quando agisce come IDP"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Dereferencja aliasu",
"ldapServer":"Host serwera",
"ldapSetPassword":"Rozszerzona operacja modyfikacji hasła",
"ldapTimeout":"Limit czasu",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Użyj atrybutu reset",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"Wersja",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"Limit czasu sesji RelayState",
"samlUseQueryStringSpecific":"Użyj określonej metody query_string",
"samlOverrideIDPEntityID":"Zastąp identyfikator jednostki podczas działania jako IDP"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Takma ad yönlendirmeleri",
"ldapServer":"Konak sunucu",
"ldapSetPassword":"Parola değiştirme işlemi genişletilmiş",
"ldapTimeout":"Zaman aşımı",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Sıfırlama niteliklerini kullan",
"ldapVerify":"LDAP sunucu sertifikasını doğrulayın",
"ldapVersion":"Sürüm",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"RelayState oturum zaman aşımı",
"samlUseQueryStringSpecific":"Spesifik query_string metodu kullan",
"samlOverrideIDPEntityID":"IDP olarak davrandığında Varlık ID'yi geçersiz kıl"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Bí danh ngoại tham chiếu ",
"ldapServer":"Máy chủ lưu trữ",
"ldapSetPassword":"Mật khẩu sửa đổi hoạt động mở rộng",
"ldapTimeout":"Thời gian chờ",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Sử dụng thuộc tính đặt lại",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"Phiên bản",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"Thời gian hết hạn phiên RelayState ",
"samlUseQueryStringSpecific":"Sử dụng phương pháp query_string cụ thể",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

View File

@ -443,7 +443,8 @@
"ldapSearchDeref":"Alias dereference",
"ldapServer":"Server host",
"ldapSetPassword":"Password modify extended operation",
"ldapTimeout":"Timeout",
"ldapTimeout":"Connection timeout",
"ldapIOTimeout": "Operation timeout",
"ldapUsePasswordResetAttribute":"Use reset attribute",
"ldapVerify":"Verify LDAP server certificate",
"ldapVersion":"版本",
@ -1160,4 +1161,4 @@
"samlRelayStateTimeout":"RelayState session timeout",
"samlUseQueryStringSpecific":"Use specific query_string method",
"samlOverrideIDPEntityID":"Override Entity ID when acting as IDP"
}
}

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long