#
# ldap_forwardauth config file
#

# == LDAP SETTINGS ==
# Enter the auth information for the ldap bind dn auth
LDAP_URL="ldap://127.0.0.1"
LDAP_BIND_DN="cn=example,ou=users,dc=example,dc=com"
LDAP_BIND_PASSWORD="securePassword"
LDAP_BASE_DN="ou=users,dc=example,dc=com"
LDAP_FILTER="(&)"
LDAP_UID="cn"

# == LDAP MATCHERS ==
# Matchers allow the program to figure out what fields
# contain what type of data
LDAP_USERNAME_MATCHER="uid"
LDAP_EMAIL_MATCHER="mail"
LDAP_FIRST_NAME_MATCHER="givenname"
LDAP_LAST_NAME_MATCHER="sn"

# == FORWARD AUTH HEADER NAMES ==
# Specify the names for the forward auth headers
# ldap_forwardauth should output
HTTP_USERNAME_HEADER=X-Webauth-Username
HTTP_EMAIL_HEADER=X-Webauth-Email
HTTP_FIRST_NAME_HEADER=X-Webauth-First-Name
HTTP_LAST_NAME_HEADER=X-Webauth-Last-Name

# == HOST INFORMATION ==
# The http host is the domain and port ldap_forwardauth is hosted at
# Cookie domain is the superset of domains that ldap_forwardauth can auth to
# Note: HTTPH_HOST must must be the same or a subdomain to COOKIE_DOMAIN
HTTP_HOST=auth.example.com
COOKIE_DOMAIN=example.com
COOKIE_NAME=X-Webauth-Token