diff options
author | Robert Speicher <robert@gitlab.com> | 2016-02-18 19:46:35 +0000 |
---|---|---|
committer | Robert Speicher <robert@gitlab.com> | 2016-02-18 19:46:35 +0000 |
commit | c04e22fba8d130a58f498ff48127712d7dae17ee (patch) | |
tree | 341590a61401b0ae52317dbaca35c65471f9acad /config | |
parent | 0feab326d52222dc0ab5bd0a6b15dab297f44aa9 (diff) | |
parent | f014127e173b718b81879634c1dac9191184995c (diff) | |
download | gitlab-ce-c04e22fba8d130a58f498ff48127712d7dae17ee.tar.gz |
Merge branch 'saml-decoupling' into 'master'
Decouple SAML authentication from the default Omniauth logic
Fixes gitlab-org/gitlab-ee#178
With this merge request SAML gets its own login logic and its own `User` class under `lib/gitlab/saml/` This is needed to give SAML more versatility over how the authorization process works and to pave the way for the development of a SAML group sync as outlined here: gitlab-org/gitlab-ee#118
See merge request !2782
Diffstat (limited to 'config')
-rw-r--r-- | config/gitlab.yml.example | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index faf05ecd466..b6954b3152b 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -288,15 +288,22 @@ production: &base # auto_sign_in_with_provider: saml # CAUTION! - # This allows users to login without having a user account first (default: false). + # This allows users to login without having a user account first. Define the allowed + # providers using an array, e.g. ["saml", "twitter"] # User accounts will be created automatically when authentication was successful. - allow_single_sign_on: false + allow_single_sign_on: ["saml"] + # Locks down those users until they have been cleared by the admin (default: true). block_auto_created_users: true # Look up new users in LDAP servers. If a match is found (same uid), automatically # link the omniauth identity with the LDAP account. (default: false) auto_link_ldap_user: false + # Allow users with existing accounts to login and auto link their account via SAML + # login, without having to do a manual login first and manually add SAML + # (default: false) + auto_link_saml_user: false + ## Auth providers # Uncomment the following lines and fill in the data of the auth provider you want to use # If your favorite auth provider is not listed you can use others: |