1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
[%# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Bugzilla Bug Tracking System.
#
# The Initial Developer of the Original Code is Netscape Communications
# Corporation. Portions created by Netscape are
# Copyright (C) 1998 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s): Dave Miller <justdave@bugzilla.org>
# Frédéric Buclin <LpSolit@gmail.com>
# Marc Schumann <wurblzap@gmail.com>
#%]
[%
title = "User Authentication"
desc = "Set up your authentication policies"
%]
[% param_descs = {
auth_env_id => "Environment variable used by external authentication system " _
"to store a unique identifier for each user. Leave it blank " _
"if there isn't one or if this method of authentication " _
"is not being used.",
auth_env_email => "Environment variable used by external authentication system " _
"to store each user's email address. This is a required " _
"field for environmental authentication. Leave it blank " _
"if you are not going to use this feature.",
auth_env_realname => "Environment variable used by external authentication system " _
"to store the user's real name. Leave it blank if there " _
"isn't one or if this method of authentication is not being " _
"used.",
user_info_class => "Mechanism(s) to be used for gathering a user's login information.
More than one may be selected. If the first one returns nothing,
the second is tried, and so on.<br>
The types are:
<dl>
<dt>CGI</dt>
<dd>
Asks for username and password via CGI form interface.
</dd>
<dt>Env</dt>
<dd>
Info for a pre-authenticated user is passed in system
environment variables.
</dd>
</dl>",
user_verify_class => "Mechanism(s) to be used for verifying (authenticating) information
gathered by user_info_class.
More than one may be selected. If the first one cannot find the
user, the second is tried, and so on.<br>
The types are:
<dl>
<dt>DB</dt>
<dd>
${terms.Bugzilla}'s built-in authentication. This is the most common
choice.
</dd>
<dt>RADIUS</dt>
<dd>
RADIUS authentication using a RADIUS server.
This method is experimental; please see the
$terms.Bugzilla documentation for more information.
Using this method requires
<a href=\"?section=radius\">additional
parameters</a> to be set.
</dd>
<dt>LDAP</dt>
<dd>
LDAP authentication using an LDAP server.
This method is experimental; please see the
$terms.Bugzilla documentation for more information.
Using this method requires
<a href=\"?section=ldap\">additional
parameters</a> to be set.
</dd>
</dl>",
rememberlogin => "Controls management of session cookies
<ul>
<li>
on - Session cookies never expire (the user has to login only
once per browser).
</li>
<li>
off - Session cookies last until the users session ends (the user
will have to login in each new browser session).
</li>
<li>
defaulton/defaultoff - Default behavior as described
above, but user can choose whether $terms.Bugzilla will remember his
login or not.
</li>
</ul>",
loginnetmask => "The number of bits for the netmask used if a user chooses to " _
"allow a login to be valid for more than a single IP. Setting " _
"this to 32 disables this feature.<br> " _
"Note that enabling this may decrease the security of your system.",
requirelogin => "If this option is set, all access to the system beyond the " _
"front page will require a login. No anonymous users will " _
"be permitted.",
emailregexp => "This defines the regexp to use for legal email addresses. The " _
"default tries to match fully qualified email addresses. Another " _
"popular value to put here is <tt>^[^@]+$</tt>, which means " _
"'local usernames, no @ allowed.'",
emailregexpdesc => "This describes in English words what kinds of legal addresses " _
"are allowed by the <tt>emailregexp</tt> param.",
emailsuffix => "This is a string to append to any email addresses when actually " _
"sending mail to that address. It is useful if you have changed " _
"the <tt>emailregexp</tt> param to only allow local usernames, " _
"but you want the mail to be delivered to username@my.local.hostname.",
createemailregexp => "This defines the regexp to use for email addresses that are " _
"permitted to self-register using a 'New Account' feature. The " _
"default (.*) permits any account matching the emailregexp " _
"to be created. If this parameter is left blank, no users " _
"will be permitted to create their own accounts and all accounts " _
"will have to be created by an administrator." }
%]
|