This is an automated email from the ASF dual-hosted git repository. heneveld pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brooklyn-docs.git
commit 0519dc5b03067f2eb71eefa2583d5711917a97df Author: Juan Cabrerizo <j...@cloudsoft.io> AuthorDate: Sat Aug 21 17:55:55 2021 +0100 new LDAP keys --- guide/ops/configuration/brooklyn_cfg.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/guide/ops/configuration/brooklyn_cfg.md b/guide/ops/configuration/brooklyn_cfg.md index c372835..ecd6a3f 100644 --- a/guide/ops/configuration/brooklyn_cfg.md +++ b/guide/ops/configuration/brooklyn_cfg.md @@ -139,8 +139,14 @@ The other things you need to set in `brooklyn.cfg` are: * `brooklyn.webconsole.security.ldap.allowed_realms_regex` - allows multiple realms (domains) that match regex - username must be of form domain\user * `brooklyn.webconsole.security.ldap.ou` *optional, by default it set to Users* - ldap ou parameter - -**brooklyn.cfg example configuration:** +* `brooklyn.webconsole.security.ldap.group_config_key` *optional* to be used in combination with the next. Name of the + config key prefix for the valid LDAP groups to be mapped to AMP entitlements. If used only mapped groups will be added + to the user groups. If empty, user LDAP groups will be ignored. +* `brooklyn.webconsole.security.ldap.fetch_user_group` *optional, by default it set to false* - whether or not the LDAP + groups for the user should be gathered. If true, the groups will be stored in the user session and the security context +* `brooklyn.webconsole.security.ldap.login_info_log` *optional, by default it set to false* - whether or not the user attempts + to log in the system must be added to the info log + **brooklyn.cfg example configuration:** ~~~ brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider