mirror of
https://github.com/grafana/grafana.git
synced 2024-11-25 02:10:45 -06:00
AuthProxy: additions to ttl config change (#20249)
* fixes according to feedback * additions to config and docs
This commit is contained in:
parent
026d13469f
commit
3111c3620b
@ -396,7 +396,7 @@
|
|||||||
;header_name = X-WEBAUTH-USER
|
;header_name = X-WEBAUTH-USER
|
||||||
;header_property = username
|
;header_property = username
|
||||||
;auto_sign_up = true
|
;auto_sign_up = true
|
||||||
;ldap_sync_ttl = 60
|
;sync_ttl = 60
|
||||||
;whitelist = 192.168.1.1, 192.168.2.1
|
;whitelist = 192.168.1.1, 192.168.2.1
|
||||||
;headers = Email:X-User-Email, Name:X-User-Name
|
;headers = Email:X-User-Email, Name:X-User-Name
|
||||||
# Read the auth proxy docs for details on what the setting below enables
|
# Read the auth proxy docs for details on what the setting below enables
|
||||||
|
@ -27,8 +27,9 @@ header_name = X-WEBAUTH-USER
|
|||||||
header_property = username
|
header_property = username
|
||||||
# Set to `true` to enable auto sign up of users who do not exist in Grafana DB. Defaults to `true`.
|
# Set to `true` to enable auto sign up of users who do not exist in Grafana DB. Defaults to `true`.
|
||||||
auto_sign_up = true
|
auto_sign_up = true
|
||||||
# If combined with Grafana LDAP integration define sync interval in minutes
|
# Define cache time to live in minutes
|
||||||
ldap_sync_ttl = 60
|
# If combined with Grafana LDAP integration it is also the sync interval
|
||||||
|
sync_ttl = 60
|
||||||
# Limit where auth proxy requests come from by configuring a list of IP addresses.
|
# Limit where auth proxy requests come from by configuring a list of IP addresses.
|
||||||
# This can be used to prevent users spoofing the X-WEBAUTH-USER header.
|
# This can be used to prevent users spoofing the X-WEBAUTH-USER header.
|
||||||
# Example `whitelist = 192.168.1.1, 192.168.1.0/24, 2001::23, 2001::0/120`
|
# Example `whitelist = 192.168.1.1, 192.168.1.0/24, 2001::23, 2001::0/120`
|
||||||
|
@ -46,6 +46,12 @@ var (
|
|||||||
ERR_TEMPLATE_NAME = "error"
|
ERR_TEMPLATE_NAME = "error"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// This constant corresponds to the default value for ldap_sync_ttl in .ini files
|
||||||
|
// it is used for comparision and has to be kept in sync
|
||||||
|
const (
|
||||||
|
AUTH_PROXY_SYNC_TTL = 60
|
||||||
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
// App settings.
|
// App settings.
|
||||||
Env = DEV
|
Env = DEV
|
||||||
@ -860,7 +866,7 @@ func (cfg *Cfg) Load(args *CommandLineArgs) error {
|
|||||||
ldapSyncVal := authProxy.Key("ldap_sync_ttl").MustInt()
|
ldapSyncVal := authProxy.Key("ldap_sync_ttl").MustInt()
|
||||||
syncVal := authProxy.Key("sync_ttl").MustInt()
|
syncVal := authProxy.Key("sync_ttl").MustInt()
|
||||||
|
|
||||||
if ldapSyncVal != 60 {
|
if ldapSyncVal != AUTH_PROXY_SYNC_TTL {
|
||||||
AuthProxySyncTtl = ldapSyncVal
|
AuthProxySyncTtl = ldapSyncVal
|
||||||
cfg.Logger.Warn("[Deprecated] the configuration setting 'ldap_sync_ttl' is deprecated, please use 'sync_ttl' instead")
|
cfg.Logger.Warn("[Deprecated] the configuration setting 'ldap_sync_ttl' is deprecated, please use 'sync_ttl' instead")
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
Reference in New Issue
Block a user