-
Notifications
You must be signed in to change notification settings - Fork 602
/
Copy pathsettings_company_authentication.hbs
124 lines (92 loc) · 5.06 KB
/
settings_company_authentication.hbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
{{> header }}
<h1>LDAP authentication</h1>
<p class="lead">LDAP authentication details</p>
{{> show_flash_messages }}
<div class="row main-row_header">
<p class="col-md-12">Description</p>
</div>
<div class="row">
<div class="col-md-8 col-md-offset-1">
<p>TimeOff.Management supports LDAP authentication for customers that want to integrate the application with the rest of their infrastructure. The obvious reason is to allow employees to reuse their Active directory credentials in TimeOff.Management.</p>
<p>This page allows you to setup the TimeOff.Management to communicate with a custom LDAP server.</p>
<p>Please note that employees have to use their <strong>LDAP email</strong> with <strong>LDAP password</strong> (rather than username). This is due to the multi-tenant nature of TimeOff.Management application that allows hosting more than one company within a single installation.</p>
<p>Form below has placeholders with examples how to setup TimeOff.Management to use free test LDAP server described <a href="http://www.forumsys.com/en/tutorials/integration-how-to/ldap/online-ldap-test-server/">here</a>.</p>
</div>
</div>
<div class="row main-row_header">
<p class="col-md-12">Configuration</p>
</div>
<div class="row">
<div class="col-md-12">
<form class="form-horizontal" action="" method="post">
<div class="form-group">
<div class="col-md-9 col-md-offset-3">
<label for="ldap_auth_enabled" class="control-label">
<input
id="ldap_auth_enabled"
type="checkbox"
{{# if company.ldap_auth_enabled }} checked="checked" {{/if}}
name="ldap_auth_enabled"
/>
Enable LDAP authentication
</label>
</div>
</div>
<hr/>
<div class="form-group">
<label for="ldap_url" class="col-md-3 control-label">URL to LDAP server</label>
<div class="col-md-5">
<input class="form-control" id="ldap_url" placeholder="ldap://ldap.forumsys.com:389" name="url" value="{{ldap_config.url}}" aria-describedby="ldap_url_help" >
</div>
<span id="ldap_url_help" class="help-block">The URL must contain the protocol and port parts</span>
<div class="col-md-9 col-md-offset-3">
<label for="allow_unauthorized_cert" class="control-label">
<input
id="allow_unauthorized_cert"
type="checkbox"
{{# if ldap_config.allow_unauthorized_cert }} checked="checked" {{/if}}
name="allow_unauthorized_cert"
/>
Allow unauthorized SSL certificate (if LDAPS is used)
</label>
</div>
</div>
<div class="form-group">
<label for="ldap_bindn" class="col-md-3 control-label">BindDN</label>
<div class="col-md-5">
<input class="form-control" id="ldap_bindn" placeholder="cn=read-only-admin,dc=example,dc=com" name="binddn" value="{{ ldap_config.binddn }}">
</div>
</div>
<div class="form-group">
<label for="ldap_password" class="col-md-3 control-label">Bind Credentials</label>
<div class="col-md-5">
<input class="form-control" id="ldap_password" placeholder="" name="bindcredentials" value="{{ ldap_config.bindcredentials }}" type="password" aria-describedby="ldap_password_help">
</div>
<span id="ldap_password_help" class="help-block">Password used for dealing with LDAP queries</span>
</div>
<div class="form-group">
<label for="ldap_search_base" class="col-md-3 control-label">Search Base</label>
<div class="col-md-5">
<input class="form-control" id="ldap_search_base" placeholder="dc=example,dc=com" name="searchbase" value="{{ ldap_config.searchbase }}">
</div>
</div>
<hr/>
<p class="col-md-offset-2">In order to prevent a situation where a company account locks itself out, the current administrator (<strong>{{# with logged_user}}{{this.full_name}}{{/with}}</strong>) has to enter the password associated with her/his email on the LDAP server.</p>
<p class="col-md-offset-2">This is to ensure that <strong>{{# with logged_user}}{{this.full_name}}{{/with}}</strong> can login into TimeOff.Management with new LDAP settings.</p>
<hr/>
<div class="form-group">
<label for="current_user_password" class="col-md-3 control-label">My LDAP password</label>
<div class="col-md-5">
<input class="form-control" id="current_user_password" placeholder="" name="password_to_check" value="" type="password" aria-describedby="current_user_password_help">
</div>
<span id="current_user_password_help" class="help-block">Password for <strong>{{# with logged_user}}{{this.full_name}}{{/with}}</strong> in the new LDAP server.</span>
</div>
<div class="form-group">
<div class="col-md-offset-3 col-md-5">
<button id="submit_registration" type="submit" class="pull-right btn btn-success single-click">Save LDAP configuration</button>
</div>
</div>
</form>
</div>
</div>
{{> footer }}