[%# This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. # # This Source Code Form is "Incompatible With Secondary Licenses", as # defined by the Mozilla Public License, v. 2.0. #%] [% title = "User Authentication" desc = "Set up your authentication policies" %] [% param_descs = { auth_env_id => "Environment variable used by external authentication system " _ "to store a unique identifier for each user. Leave it blank " _ "if there isn't one or if this method of authentication " _ "is not being used.", auth_env_email => "Environment variable used by external authentication system " _ "to store each user's email address. This is a required " _ "field for environmental authentication. Leave it blank " _ "if you are not going to use this feature.", auth_env_realname => "Environment variable used by external authentication system " _ "to store the user's real name. Leave it blank if there " _ "isn't one or if this method of authentication is not being " _ "used.", user_info_class => "Mechanism(s) to be used for gathering a user's login information. More than one may be selected. If the first one returns nothing, the second is tried, and so on.
The types are:
CGI
Asks for username and password via CGI form interface.
Env
Info for a pre-authenticated user is passed in system environment variables.
", user_verify_class => "Mechanism(s) to be used for verifying (authenticating) information gathered by user_info_class. More than one may be selected. If the first one cannot find the user, the second is tried, and so on.
The types are:
DB
Bugzilla's built-in authentication. This is the most common choice.
RADIUS
RADIUS authentication using a RADIUS server. Please see the Bugzilla documentation for more information. Using this method requires additional parameters to be set.
LDAP
LDAP authentication using an LDAP server. Please see the Bugzilla documentation for more information. Using this method requires additional parameters to be set.
", rememberlogin => "Controls management of session cookies ", requirelogin => "If this option is set, all access to the system beyond the " _ "front page will require a login. No anonymous users will " _ "be permitted.", emailregexp => "This defines the regular expression to use for legal email addresses. " _ "The default tries to match fully qualified email addresses. " _ "Use .* to accept any email address following the " _ "RFC 2822 " _ "specification.", emailregexpdesc => "This description explains valid addresses that " _ "are allowed by the emailregexp param.", createemailregexp => "This defines the (case-insensitive) regexp to use for email addresses that are " _ "permitted to self-register using a 'New Account' feature. The " _ "default (.*) permits any account matching the emailregexp " _ "to be created. If this parameter is left blank, no users " _ "will be permitted to create their own accounts and all accounts " _ "will have to be created by an administrator.", use_email_as_login => "If switched on, users will log in with the email " _ "address of the account. If switched off, they will " _ "log in with a separate identifier.
" _ "Switching this from off to on results in " _ "the destructive act of the login name for all users " _ "being set to their email address!", password_complexity => "Set the complexity required for passwords. In all cases must the passwords " _ "be at least ${constants.USER_PASSWORD_MIN_LENGTH} characters long." _ "", password_check_on_login => "If set, $terms.Bugzilla will check that the password meets the current " _ "complexity rules and minimum length requirements when the user logs " _ "into the $terms.Bugzilla web interface. If it doesn't, the user would " _ "not be able to log in, and recieve a message to reset their password.", auth_delegation => "If set, $terms.Bugzilla will allow third party applications " _ "to request API keys for users." } %]