Versions Compared

Old Version 11

changes.mady.by.user Olivier Michaut

Saved on

compared with

New Version 12

changes.mady.by.user Olivier Michaut

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: typos in UDMG Auth Proxy configuration

...

Panel

# Proxy Configuration
[proxy]
# Enable Auto Recover
recover = true
# Enable Cors
cors = true
# Enable  Request Track ID
tracker = false
# Enable Logguer
logger = true
# Listen Port
port = "5000"
# Listen IP 
inet = "127.0.0.1"# Local
[service.localPort, default "5000"
port = "5000"
# Network interface, default "0.0.0.0"
inet = "127.0.0.1"
# Enable recover on panic, default true, should be true for production environment
recover = true
# Enable Cross-Origin Resource Sharing (CORS), should be true for production environment
cors = true
# Enable Request Track ID, default true
tracker = true
# Enable Request Logguer, default true
logger = true
# Rate Limit IP Request over 1 second, default 0 (unlimited)
limit = 0
# Enable the Prometheus Metric Endpoint '/metric', default false
metrics = false

# Service 'local' with direct authentication on the waarp gateway
[service.local]
# MFT Waarp Gateway Listen Protocol
protocol = "http"

[[service.local.targets]]
# MFT Waarp Gateway Hostname or IP
hostname = "localhost"
# MFT Waarp Gateway Port
port = 18080

# Service 'mft' with direct authentication on the waarp gateway
[service.mft]
# MFT Waarp Gateway Listen Protocol
protocol = "http""

[[service.mft.targets]]
# MFT Waarp Gateway Hostname or IP
hostname = "localhost"
# MFT Waarp Gateway Port
port = " 18080""

Configuration for LDAP Authentication

...

Panel

# Proxy Configuration
[proxy]
# Enable Auto RecoverPort, default "5000"
port = "5000"
# Network interface, default "0.0.0.0"
inet = "127.0.0.1"
# Enable recover on panic, default true, should be true for production environment
recover = true
# Enable CorsCross-Origin Resource Sharing (CORS), should be true for production environment
cors = true
# Enable  Request Request Track ID, default true
tracker = falsetrue
# Enable Request Logguer, default true
logger = true
# Listen Port
port = "5000"
# Listen IP 
inet = "127.0.0.1"# Service with LDAP Authentication
[service.mftRate Limit IP Request over 1 second, default 0 (unlimited)
limit = 0
# Enable the Prometheus Metric Endpoint '/metric', default false
metrics = false

# Service 'local' with direct authentication on the waarp gateway
[service.local]
# MFT Waarp Gateway Listen Protocol
protocol = "http"

# MFT Waarp Gateway Hostname or IP
hostname = "localhost"[[service.local.targets]]
# MFT Waarp Gateway Hostname or IP
hostname = "localhost"
# MFT Waarp Gateway Port
port = 18080

# Service 'mft' with LDAP Authentication
[service.mft]
# MFT Waarp Gateway PortListen Protocol
port protocol = "18080http"

# This option is breaking glass option for admins, they will not reach the LDAP service during the Auth Stage
admins = ["admin"]



[[service.mft.targets]]
# MFT Waarp Gateway Hostname or IP
hostname = "localhost"
# MFT Waarp Gateway Port
port = 18080

# User for Sync Password Between Ldap and Proxy
[service.mft.credential]
# Pre - Setup user under MFT Waarp Gateway
username = "ldap_sync"
password = "ldap_password"

# LDAP Configuration
[service.mft.auth.ldap]
# LDAP Server DC with OU
dn = "ou=users,dc=stonebranch,dc=com"
# LDAP Server FQDN or IP
hostname = "myldap.server.fqdn.com"
# LDAP Server pORT
port = " 1389"

Note

The LDAP replication requires a user with permission for creating and updating users. For example to create the 'ldap_sync' user with the command line interface:

waarp_gateway user add -u ldap_sync -p ldap_password -r 'U=rw'
In case of successful authentication on the LDAP, the user is created with default read permission in the internal UDMG database if it does not exist. Otherwise the credentials are updated in the database to allow for authentication on the REST and CLI interfaces.

...