Web proxy LDAP authentication

From VyOS Wiki
Jump to: navigation, search
Warning sign.png This page is migrated to Readthedocs .
Information found on this page is migrated to readthedocs and information found here could be outdated or misleading. https://vyos.readthedocs.io/en/latest/services/webproxy.html?highlight=web%20proxy#authentication


Configuration commands:

service
    webproxy
        authentication
            children <integer>        # Authentication processes number limit (they run as separate processes)
            realm <string>            # The realm name shown in auth dialog
            credentials-ttl <minutes> # Session life time
            method <string>           # Only "ldap" is supported right now, introduced for scalability
            ldap
                server <host or IP>         # LDAP server, mandatory
                port <1-65535>              # LDAP port, default 389
                version <integer>           # LDAP version, default is 3
                password <string>           # LDAP password
                base-dn <string>            # LDAP base DN, mandatory
                bind-dn <string>            # LDAP bind DN
                filter-expression <string>  # LDAP expression for user accounts
                username-attribute <string> # LDAP attribute used for user names
                persistent-connection       # Use persistent LDAP connection
                use-ssl                     # Use LDAP over SSL
        url-filtering
            squidguard
                source-group
                    ldap-user-search # User group search LDAP expression
                    ldap-ip-search   # IP list search LDAP expression
                    user <list>      # Predefined user list