代码拉取完成,页面将自动刷新
This directory contains various authorization plugins:
In general, it should be possible to increase log level in Tomcat's
logging.properties file to get more verbose logging.
Has a special property called "fake" that allows to insert custom headers with the "fake-" prefix that would be evaluated instead of the usual SSO headers.
Header insertion can be done e.g. using the Modify headers Firefox plugin.
<!-- get user cred from HTTP headers -->
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationPlugin">
<void property="name">
<string>opengrok.auth.plugin.UserPlugin</string>
</void>
<void property="flag">
<string>REQUISITE</string>
</void>
<!-- set fake parameter to true to allow insertion of custom headers -->
<void property="setup">
<void method="put">
<string>fake</string>
<boolean>true</boolean>
</void>
</void>
</object>
</void>
The following snippet configures global authorization stack with 2 REQUISITE plugins and a sub-stack with 1 SUFFICIENT and 1 REQUIRED plugin.
There is a config file ldap-plugin-config.xml specified globally that will be
used by LdapPlugin. See LdapPlugin directory for sample of this config file.
This snippet can be put info read-only configuration that is passed to the indexer via the -R option.
<!-- Authorization config begin -->
<void property="pluginStack">
<!-- The setup will be inherited to all sub-stacks -->
<void property="setup">
<void method="put">
<string>configuration</string>
<string>/opengrok/auth/config/ldap-plugin-config.xml</string>
</void>
</void>
<void property="stack">
<!-- get user cred from HTTP headers -->
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationPlugin">
<void property="name">
<string>opengrok.auth.plugin.UserPlugin</string>
</void>
<void property="flag">
<string>REQUISITE</string>
</void>
</object>
</void>
<!-- get email, ou and uid -->
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationPlugin">
<void property="name">
<string>opengrok.auth.plugin.LdapUserPlugin</string>
</void>
<void property="flag">
<string>REQUISITE</string>
</void>
</object>
<void property="setup">
<void method="put">
<string>objectclass</string>
<string>posixAccount</string>
</void>
</void>
</void>
<!-- Authorization stacks follow -->
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationStack">
<void property="forProjects">
<void method="add">
<string>foo</string>
</void>
</void>
<void property="forGroups">
<void method="add">
<string>mygroup</string>
</void>
</void>
<void property="name">
<string>substack for some source code</string>
</void>
<void property="flag">
<string>REQUIRED</string>
</void>
<void property="stack">
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationPlugin">
<void property="name">
<string>opengrok.auth.plugin.LdapAttrPlugin</string>
</void>
<void property="flag">
<string>SUFFICIENT</string>
</void>
<void property="setup">
<void method="put">
<string>attribute</string>
<string>mail</string>
</void>
<void method="put">
<string>file</string>
<string>/opengrok/auth/config/whitelists/mycode-whitelist-mail.txt</string>
</void>
</void>
</object>
</void>
<void method="add">
<object class="org.opengrok.indexer.authorization.AuthorizationPlugin">
<void property="name">
<string>opengrok.auth.plugin.LdapFilterPlugin</string>
</void>
<void property="flag">
<string>REQUIRED</string>
</void>
<void property="setup">
<void method="put">
<string>filter</string>
<string>(&(objectclass=posixGroup)(cn=my_src*)(memberUid=%uid%))</string>
</void>
</void>
</object>
</void>
</void>
</object>
</void>
</void>
<!-- Authorization config end -->
</object>
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手