142 lines
7.1 KiB
Cheetah
142 lines
7.1 KiB
Cheetah
[%# The contents of this file are subject to the Mozilla Public
|
|
# License Version 1.1 (the "License"); you may not use this file
|
|
# except in compliance with the License. You may obtain a copy of
|
|
# the License at http://www.mozilla.org/MPL/
|
|
#
|
|
# Software distributed under the License is distributed on an "AS
|
|
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
# implied. See the License for the specific language governing
|
|
# rights and limitations under the License.
|
|
#
|
|
# The Original Code is the Bugzilla Bug Tracking System.
|
|
#
|
|
# The Initial Developer of the Original Code is Netscape Communications
|
|
# Corporation. Portions created by Netscape are
|
|
# Copyright (C) 1998 Netscape Communications Corporation. All
|
|
# Rights Reserved.
|
|
#
|
|
# Contributor(s): Dave Miller <justdave@bugzilla.org>
|
|
# Frédéric Buclin <LpSolit@gmail.com>
|
|
# Marc Schumann <wurblzap@gmail.com>
|
|
#%]
|
|
[%
|
|
title = "User Authentication"
|
|
desc = "Set up your authentication policies"
|
|
info = "<p>This page contains the settings that control how this Bugzilla"
|
|
_ " installation will do its authentication. Choose what authentication"
|
|
_ " mechanism to use (the Bugzilla database, or an external source such"
|
|
_ " as LDAP), and set basic behavioral parameters. For example, choose"
|
|
_ " whether to require users to login to browse bugs, the management"
|
|
_ " of authentication cookies, and the regular expression used to"
|
|
_ " validate email addresses.</p>"
|
|
%]
|
|
|
|
[% param_descs = {
|
|
auth_env_id => "Environment variable used by external authentication system " _
|
|
"to store a unique identifier for each user. Leave it blank " _
|
|
"if there isn't one or if this method of authentication " _
|
|
"is not being used.",
|
|
|
|
auth_env_email => "Environment variable used by external authentication system " _
|
|
"to store each user's email address. This is a required " _
|
|
"field for environmental authentication. Leave it blank " _
|
|
"if you are not going to use this feature.",
|
|
|
|
auth_env_realname => "Environment variable used by external authentication system " _
|
|
"to store the user's real name. Leave it blank if there " _
|
|
"isn't one or if this method of authentication is not being " _
|
|
"used.",
|
|
|
|
user_info_class => "Mechanism(s) to be used for gathering a user's login information.
|
|
More than one may be selected. If the first one returns nothing,
|
|
the second is tried, and so on.<br />
|
|
The types are:
|
|
<dl>
|
|
<dt>CGI</dt>
|
|
<dd>
|
|
Asks for username and password via CGI form interface.
|
|
</dd>
|
|
<dt>Env</dt>
|
|
<dd>
|
|
Info for a pre-authenticated user is passed in system
|
|
environment variables.
|
|
</dd>
|
|
</dl>",
|
|
|
|
user_verify_class => "Mechanism(s) to be used for verifying (authenticating) information
|
|
gathered by user_info_class.
|
|
More than one may be selected. If the first one cannot find the
|
|
user, the second is tried, and so on.<br />
|
|
The types are:
|
|
<dl>
|
|
<dt>DB</dt>
|
|
<dd>
|
|
$terms.Bugzilla's built-in authentication. This is the most common
|
|
choice.
|
|
</dd>
|
|
<dt>RADIUS</dt>
|
|
<dd>
|
|
RADIUS authentication using a RADIUS server.
|
|
This method is experimental; please see the
|
|
$terms.Bugzilla documentation for more information.
|
|
Using this method requires
|
|
<a href=\"?section=radius\">additional
|
|
parameters</a> to be set.
|
|
</dd>
|
|
<dt>LDAP</dt>
|
|
<dd>
|
|
LDAP authentication using an LDAP server.
|
|
Please see the $terms.Bugzilla documentation
|
|
for more information. Using this method requires
|
|
<a href=\"?section=ldap\">additional
|
|
parameters</a> to be set.
|
|
</dd>
|
|
</dl>",
|
|
|
|
rememberlogin => "Controls management of session cookies
|
|
<ul>
|
|
<li>
|
|
on - Session cookies never expire (the user has to login only
|
|
once per browser).
|
|
</li>
|
|
<li>
|
|
off - Session cookies last until the users session ends (the user
|
|
will have to login in each new browser session).
|
|
</li>
|
|
<li>
|
|
defaulton/defaultoff - Default behavior as described
|
|
above, but user can choose whether $terms.Bugzilla will remember his
|
|
login or not.
|
|
</li>
|
|
</ul>",
|
|
|
|
requirelogin => "If this option is set, all access to the system beyond the " _
|
|
"front page will require a login. No anonymous users will " _
|
|
"be permitted.",
|
|
|
|
emailregexp => "This defines the regexp to use for legal email addresses. The " _
|
|
"default tries to match fully qualified email addresses. Another " _
|
|
"popular value to put here is <tt>^[^@]+$</tt>, which means " _
|
|
"'local usernames, no @ allowed.'",
|
|
|
|
emailregexpdesc => "This describes in English words what kinds of legal addresses " _
|
|
"are allowed by the <tt>emailregexp</tt> param.",
|
|
|
|
emailsuffix => "This is a string to append to any email addresses when actually " _
|
|
"sending mail to that address. It is useful if you have changed " _
|
|
"the <tt>emailregexp</tt> param to only allow local usernames, " _
|
|
"but you want the mail to be delivered to username@my.local.hostname.",
|
|
|
|
createemailregexp => "This defines the regexp to use for email addresses that are " _
|
|
"permitted to self-register using a 'New Account' feature. The " _
|
|
"default (.*) permits any account matching the emailregexp " _
|
|
"to be created. If this parameter is left blank, no users " _
|
|
"will be permitted to create their own accounts and all accounts " _
|
|
"will have to be created by an administrator.",
|
|
|
|
max_login_attempts => "Maximum failed logins to lock account for one IP address. 0 means no limit.",
|
|
|
|
login_lockout_interval => "If the maximum login attempts occur during this many minutes, the account is locked.",
|
|
|
|
} %]
|