Open escamudo opened 1 week ago
Is it possible to add the "createUser" and "updateUser" settings to misp-docker/core/files/configure_misp.sh to enable automatic user information updates with each LDAP login?
The "updateUser" would allow MISP roles for LDAP groups to be refreshed automatically on the user's next login, ensuring that any role changes are immediately applied to users within the LDAP group. (https://www.circl.lu/doc/misp/appendices/#appendix-f-ldap-authentication)
LDAP_DEFAULT_ROLE_ID="{\"ldap_misp_group_publisher\": 4, \"ldap_misp_group_admins\": 1}"
core/files/configure_misp.sh:
```bash
# TO ADD: the "createUser" and "updateUser" keys below are the proposed additions.
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
    \"ApacheSecureAuth\": {
        \"apacheEnv\": \"${LDAP_APACHE_ENV}\",
        \"ldapServer\": \"${LDAP_SERVER}\",
        \"starttls\": ${LDAP_STARTTLS},
        \"ldapProtocol\": ${LDAP_OPT_PROTOCOL_VERSION},
        \"ldapNetworkTimeout\": ${LDAP_OPT_NETWORK_TIMEOUT},
        \"ldapReaderUser\": \"${LDAP_READER_USER}\",
        \"ldapReaderPassword\": \"${LDAP_READER_PASSWORD}\",
        \"ldapDN\": \"${LDAP_DN}\",
        \"ldapSearchFilter\": \"${LDAP_SEARCH_FILTER}\",
        \"ldapSearchAttribut\": \"${LDAP_SEARCH_ATTRIBUTE}\",
        \"ldapFilter\": ${LDAP_FILTER},
        \"createUser\": ${LDAP_CREATE_USER},
        \"updateUser\": ${LDAP_UPDATE_USER},
        \"ldapDefaultRoleId\": ${LDAP_DEFAULT_ROLE_ID},
        \"ldapDefaultOrg\": \"${LDAP_DEFAULT_ORG}\",
        \"ldapAllowReferrals\": ${LDAP_OPT_REFERRALS},
        \"ldapEmailField\": ${LDAP_EMAIL_FIELD}
    }
}" > /dev/null
```
How would those vars be initialized?
Can you create a PR?
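One way the two variables could be initialized and validated before they are substituted unquoted into the JSON, as an added example that is not part of the issue or of the misp-docker code. The helper names `json_bool` and `ldap_user_flags_json`, the accepted spellings, and the default of `true` for both settings are assumptions.

```shell
#!/bin/sh
# Added example (not misp-docker code): normalise LDAP_CREATE_USER and
# LDAP_UPDATE_USER to the JSON literals true/false. Both values are spliced
# into the JSON without quotes, so any other string would either break the
# document or add keys the operator never intended.

# json_bool VALUE DEFAULT
# Prints "true" or "false"; returns 1 for anything that is not a boolean.
# An empty or unset VALUE falls back to DEFAULT.
json_bool() {
    case "$(printf '%s' "${1:-$2}" | tr '[:upper:]' '[:lower:]')" in
        true|1|yes|on)  printf 'true' ;;
        false|0|no|off) printf 'false' ;;
        *) return 1 ;;
    esac
}

# ldap_user_flags_json
# Prints the fragment for the two proposed keys, or fails with a message
# naming the offending variable. Defaults (true/true) are assumed here.
ldap_user_flags_json() {
    _create="$(json_bool "${LDAP_CREATE_USER:-}" true)" || {
        echo "LDAP_CREATE_USER must be true or false" >&2
        return 1
    }
    _update="$(json_bool "${LDAP_UPDATE_USER:-}" true)" || {
        echo "LDAP_UPDATE_USER must be true or false" >&2
        return 1
    }
    printf '"createUser": %s, "updateUser": %s' "$_create" "$_update"
}

# Usage inside the configuration script (sketch):
#   flags="$(ldap_user_flags_json)" || exit 1
#   ... then place ${flags} where the two keys appear in the JSON above.
```

Failing closed on an unrecognised value stops the container configuration step instead of writing a partially valid ApacheSecureAuth block.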