jenkinsci
/
configuration-as-code-plugin
mirror of https://github.com/jenkinsci/configuration-as-code-plugin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
configuration-as-code-plugin/demos/ldap
History
Joseph Petersen 410c3ae03e
SecretResolver support file and base64 variable expansion (#1408) 
Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>
 		2020-07-19 04:37:52 +02:00
..
README.md SecretResolver support file and base64 variable expansion (#1408) 2020-07-19 04:37:52 +02:00

README.md

configure ldap plugin

sample configuration

jenkins:
  securityRealm:
    ldap:
      configurations:
        - server: ldap.acme.com
          rootDN: dc=acme,dc=fr
          managerDN: "manager"
          managerPasswordSecret: "${LDAP_PASSWORD}"
          userSearch: "(&(objectCategory=User)(sAMAccountName={0}))"
          groupSearchFilter: "(&(cn={0})(objectclass=group))"
          groupMembershipStrategy:
            fromGroupSearch:
              filter: "(&(objectClass=group)(|(cn=GROUP_1)(cn=GROUP_2)))"
      cache:
        size: 100
        ttl: 10
      userIdStrategy: CaseInsensitive
      groupIdStrategy: CaseSensitive

implementation note

hudson.security.LDAPSecurityRealm can be configured using its @DataBoundConstructor parameters without any dedicated adapter code. It is identified as ldap as it implements the SecurityRealm extension point, so we can define a "natural" symbol name for it.