NameHostname
Type: NameHostname
Parent: AuthPop3Set, AuthImapSet, AuthSshSet, AuthLdapSet
Declares a server for authentication. Any user that is to be able to login has to have an account on the given server and must not be excluded.
Possible server types are:
- POP3 server
- IMAP server
- Any remote host having the SSH daemon enabled
- LDAP server
It is possible to allow (include) or forbid (exclude) login to specific users on a server.
To use one of these authentications in a config you have to reference it by its name attribute.
| Attribute | Description | Usage |
|---|---|---|
| id |
A unique ID. This authentication element can be referenced
by that name from any config element.
|
required |
| displayname | A descriptive text that will be displayed below the login prompt to remind the user of what credentials he has to use to login. | optional |
| includes | A comma seperated list of users on that server that are allowed to login. No other users are allowed. | optional |
| excludes | A comma seperated list of users on that server that are not allowed to login. Every other existing user on that server is allowed. | optional |
| hostname | Comma separated list of hostnames of servers that are to be used to check logins against. The servers must be reachable by that name from the web server WebCFG is running on. If unsure use FQDN. IP addresses are also possible. | required |
| showhostname |
Allowed values: true, false If set to true, the value(s) in the hostname attribute will be displayed below the login fields. If there is only one hostname, it will be displayed as text field, if several hostnames are given comma separated it will displayed as drop down box. If set to false, nothing will be displayed. |
optional |
<authentications>
<pop3set>
<pop3 id="pop3" hostname="mail1.domain.tld, mail2.domain.tld"
displayname="Please login using your mail server credentials."
excludes="user1, user2" showhostname="true"/>
</pop3set>
</authentications>
[...]
<wcapp name="testConfig"
displayname="Test configuration with POP3 authentication"
authref="pop3">
[...]
</wcapp>
This example shows how to define a POP3 authentication and how to reference it from a config. Every user that has an account on either mail1.domain.tld or mail2.domain.tld may login except user1 and user2.
As the attribute showhostname is set, a dropdown box will be displayed below the login prompt to enable the user to chose the POP3 server to authenticate agains.
Below the dropdown box, a label is shown with the text from displayname.
<authentications>
<imapset>
<imap id="imap" hostname="imap.domain.tld"
displayname="Please login using your mail server credentials."
includes="user3, user4, user5" showhostname="true"/>
</imapset>
</authentications>
[...]
<wcapp name="testConfig"
displayname="Test configuration with IMAP authentication"
authref="imap">
[...]
</wcapp>
This example shows how to define an IMAP authentication and how to reference it from a config. No user except user4, user5 and user6 may login.
As the attribute showhostname is set and only one hostname is given, a textfield is shown containing the hostname.
Below the dropdown box, a label is shown with the text from displayname.
<authentications>
<sshset>
<ssh id="ssh" hostname="server.domain.tld" />
</sshset>
</authentications>
[...]
<wcapp name="testConfig"
displayname="Test configuration with SSH authentication"
authref="ssh">
[...]
</wcapp>
This example shows how to define a SSH authentication and how to reference it from a config. Every user with SSH access to the given server is allowed to login.
The hostname is invisible to users as the attribute showhostname is not set.
<authentications>
<ldapset>
<ldap id="ldap" hostname="w2k3.domain.tld" />
</ldapset>
</authentications>
[...]
<wcapp name="testConfig"
displayname="Test configuration with LDAP authentication"
authref="ldap">
[...]
</wcapp>
If LDAP is used for authentication, the user has to give its username in the following form to login:
-
On a W2K3 or Exchange server:
the username at it is defined in AD -
On a LDAP server:
The complete CN (e.g.cn=admin,dc=domain,dc=com)