[%# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. # # This Source Code Form is "Incompatible With Secondary Licenses", as # defined by the Mozilla Public License, v. 2.0. #%] [% title = "User Authentication" desc = "Set up your authentication policies" %] [% param_descs = { auth_env_id => "Environment variable used by external authentication system " _ "to store a unique identifier for each user. Leave it blank " _ "if there isn't one or if this method of authentication " _ "is not being used.", auth_env_email => "Environment variable used by external authentication system " _ "to store each user's email address. This is a required " _ "field for environmental authentication. Leave it blank " _ "if you are not going to use this feature.", auth_env_realname => "Environment variable used by external authentication system " _ "to store the user's real name. Leave it blank if there " _ "isn't one or if this method of authentication is not being " _ "used.", user_info_class => "Mechanism(s) to be used for gathering a user's login information. More than one may be selected. If the first one returns nothing, the second is tried, and so on.
The types are:
CGI
Asks for username and password via CGI form interface.
Env
Info for a pre-authenticated user is passed in system environment variables.
", user_verify_class => "Mechanism(s) to be used for verifying (authenticating) information gathered by user_info_class. More than one may be selected. If the first one cannot find the user, the second is tried, and so on.
The types are:
DB
${terms.Bugzilla}'s built-in authentication. This is the most common choice.
RADIUS
RADIUS authentication using a RADIUS server. Please see the $terms.Bugzilla documentation for more information. Using this method requires additional parameters to be set.
LDAP
LDAP authentication using an LDAP server. Please see the $terms.Bugzilla documentation for more information. Using this method requires additional parameters to be set.
", rememberlogin => "Controls management of session cookies ", requirelogin => "If this option is set, all access to the system beyond the " _ "front page will require a login. No anonymous users will " _ "be permitted.", webservice_email_filter => "Filter email addresses returned by the WebService API depending on " _ "if the user is logged in or not. This works similarly to how the " _ "web UI currently filters email addresses. If requirelogin " _ "is enabled, then this parameter has no effect as users must be logged " _ "in to use ${terms.Bugzilla}.", emailregexp => "This defines the regular expression to use for legal email addresses. " _ "The default tries to match fully qualified email addresses. " _ "Use .* to accept any email address following the " _ "RFC 2822 " _ "specification. Another popular value to put here is ^[^@]+$, " _ "which means 'local usernames, no @ allowed.'", emailregexpdesc => "This description explains valid addresses that " _ "are allowed by the emailregexp param.", emailsuffix => "This is a string to append to any email addresses when actually " _ "sending mail to that address. It is useful if you have changed " _ "the emailregexp param to only allow local usernames, " _ "but you want the mail to be delivered to username@my.local.hostname.", createemailregexp => "This defines the (case-insensitive) regexp to use for email addresses that are " _ "permitted to self-register using a 'New Account' feature. The " _ "default (.*) permits any account matching the emailregexp " _ "to be created. If this parameter is left blank, no users " _ "will be permitted to create their own accounts and all accounts " _ "will have to be created by an administrator.", password_complexity => "Set the complexity required for passwords. In all cases must the passwords " _ "be at least ${constants.USER_PASSWORD_MIN_LENGTH} characters long." _ "" } %]