From fbf0a46d29809761467e722ae44ecfa53b8e49a3 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 21 Feb 2014 15:32:53 -0500
Subject: [PATCH] Merge commit 'refs/tickets/12/12/1' of https://dev.gitblit.com/git/gitblit

---
 src/main/distrib/data/gitblit.properties |  166 +++++++++++++++++++++++--------------------------------
 1 files changed, 69 insertions(+), 97 deletions(-)

diff --git a/src/main/distrib/data/gitblit.properties b/src/main/distrib/data/gitblit.properties
index 92427e5..35ae16a 100644
--- a/src/main/distrib/data/gitblit.properties
+++ b/src/main/distrib/data/gitblit.properties
@@ -562,16 +562,7 @@
 web.projectsFile = ${baseFolder}/projects.conf
 
 # Either the full path to a user config file (users.conf)
-# OR the full path to a simple user properties file (users.properties)
 # OR a fully qualified class name that implements the IUserService interface.
-#
-# Alternative user services:
-#    com.gitblit.LdapUserService
-#    com.gitblit.RedmineUserService
-#    com.gitblit.SalesforceUserService
-#    com.gitblit.WindowsUserService
-#    com.gitblit.PAMUserService
-#    com.gitblit.HtpasswdUserService
 #
 # Any custom user service implementation must have a public default constructor.
 #
@@ -579,6 +570,25 @@
 # RESTART REQUIRED
 # BASEFOLDER
 realm.userService = ${baseFolder}/users.conf
+
+# Ordered list of external authentication providers which will be used if
+# authentication against the local user service fails.
+#
+# Valid providers are:
+#
+#    htpasswd
+#    ldap
+#    pam
+#    redmine
+#    salesforce
+#    windows
+
+# e.g. realm.authenticationProviders = htpasswd windows
+#
+# SINCE 1.4.0
+# RESTART REQUIRED
+# SPACE-DELIMITED
+realm.authenticationProviders =
 
 # How to store passwords.
 # Valid values are plain, md5, or combined-md5.  md5 is the hash of password.
@@ -601,6 +611,12 @@
 #
 # SINCE 0.5.0
 web.siteName =
+
+# The canonical url of your Gitblit server to bs used in email notifications.
+# e.g. web.canonicalUrl = https://demo-gitblit.rhcloud.com
+#
+# SINCE 1.4.0
+web.canonicalUrl = 
 
 # You may specify a different logo image for the header but it must be 120x45px.
 # If the specified file does not exist, the default Gitblit logo will be used.
@@ -1331,19 +1347,16 @@
 # SINCE 1.3.0
 realm.container.autoCreateAccounts = false
 
-# The WindowsUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.0
-realm.windows.backingUserService = ${baseFolder}/users.conf
-
 # Allow or prohibit Windows guest account logins
 #
 # SINCE 1.3.0
 realm.windows.allowGuests = false
+
+# Allow user accounts belonging to the BUILTIN\Administrators group to be
+# Gitblit administrators.
+#
+# SINCE 1.4.0
+realm.windows.permitBuiltInAdministrators = true
 
 # The default domain for authentication.
 #
@@ -1357,29 +1370,11 @@
 # SINCE 1.3.0
 realm.windows.defaultDomain =
 
-# The PAMUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.1
-realm.pam.backingUserService = ${baseFolder}/users.conf
-
 # The PAM service name for authentication.
 # default: system-auth
 #
 # SINCE 1.3.1
 realm.pam.serviceName = system-auth
-
-# The HtpasswdUserService must be backed by another user service for standard user
-# and team management and attributes. This can be one of the local Gitblit user services.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.2
-realm.htpasswd.backingUserService = ${baseFolder}/users.conf
 
 # The Apache htpasswd file that contains the users and passwords.
 # default: ${baseFolder}/htpasswd
@@ -1388,30 +1383,6 @@
 # BASEFOLDER
 # SINCE 1.3.2
 realm.htpasswd.userfile = ${baseFolder}/htpasswd
-
-#  Determines how accounts are looked up upon login.
-#
-# If set to false, then authentication for local accounts is done against
-# the backing user service.
-# If set to true, then authentication will first be checked against the
-# htpasswd store, even if the account appears as a local account in the
-# backing user service. If the user is found in the htpasswd store, then
-# an already existing local account will be turned into an external account.
-# In this case an initial local password is never used and gets overwritten
-# by the externally stored password upon login.
-# default: false
-#
-# SINCE 1.3.2
-realm.htpasswd.overrideLocalAuthentication = false
-
-# The SalesforceUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# RESTART REQUIRED
-# BASEFOLDER
-# SINCE 1.3.0
-realm.salesforce.backingUserService = ${baseFolder}/users.conf
 
 # Restrict the Salesforce user to members of this org.
 # default: 0 (i.e. do not check the Org ID)
@@ -1438,15 +1409,6 @@
 #
 # SINCE 1.0.0
 realm.ldap.password = password
-
-# The LdapUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
-#
-# SINCE 1.0.0
-# RESTART REQUIRED
-# BASEFOLDER
-realm.ldap.backingUserService = ${baseFolder}/users.conf
 
 # Delegate team membership control to LDAP.
 #
@@ -1504,6 +1466,15 @@
 # SINCE 1.0.0
 realm.ldap.groupMemberPattern = (&(objectClass=group)(member=${dn}))
 
+# Filter criteria for empty LDAP groups
+#
+# Query pattern to use when searching for an empty team. This may be any valid 
+# LDAP query expression, including the standard (&) and (|) operators.
+#
+# default: (&(objectClass=group)(!(member=*)))
+# SINCE 1.4.0
+realm.ldap.groupEmptyMemberPattern = (&(objectClass=group)(!(member=*)))
+
 # LDAP users or groups that should be given administrator privileges.
 #
 # Teams are specified with a leading '@' character.  Groups with spaces in the
@@ -1537,43 +1508,44 @@
 # SINCE 1.0.0
 realm.ldap.email = email
 
-# Defines the cache period to be used when caching LDAP queries. This is currently
-# only used for LDAP user synchronization.
-#
-# Must be of the form '<long> <TimeUnit>' where <TimeUnit> is one of 'MILLISECONDS', 'SECONDS', 'MINUTES', 'HOURS', 'DAYS' 
-# default: 2 MINUTES
-#
-# RESTART REQUIRED
-realm.ldap.ldapCachePeriod = 2 MINUTES
-
-# Defines whether to synchronize all LDAP users into the backing user service
-#
-# Valid values: true, false
-# If left blank, false is assumed
-realm.ldap.synchronizeUsers.enable = false
-
-# Defines whether to delete non-existent LDAP users from the backing user service
-# during synchronization. depends on  realm.ldap.synchronizeUsers.enable = true
-#
-# Valid values: true, false
-# If left blank, true is assumed
-realm.ldap.synchronizeUsers.removeDeleted = true
-
 # Attribute on the USER record that indicate their username to be used in gitblit
 # when synchronizing users from LDAP
 # if blank, Gitblit will use uid
 # For MS Active Directory this may be sAMAccountName
+#
+# SINCE 1.0.0
 realm.ldap.uid = uid
 
-# The RedmineUserService must be backed by another user service for standard user
-# and team management.
-# default: users.conf
+# Defines whether to synchronize all LDAP users and teams into the user service
+#
+# Valid values: true, false
+# If left blank, false is assumed
+#
+# SINCE 1.4.0
+realm.ldap.synchronize = false
+
+# Defines the period to be used when synchronizing users and teams from ldap.
+#
+# Must be of the form '<long> <TimeUnit>' where <TimeUnit> is one of 'MILLISECONDS', 'SECONDS', 'MINUTES', 'HOURS', 'DAYS' 
+
+# default: 5 MINUTES
 #
 # RESTART REQUIRED
-# BASEFOLDER
-realm.redmine.backingUserService = ${baseFolder}/users.conf
+# SINCE 1.4.0
+realm.ldap.syncPeriod = 5 MINUTES
+
+# Defines whether to delete non-existent LDAP users from the user service
+# during synchronization. depends on  realm.ldap.synchronize = true
+#
+# Valid values: true, false
+# If left blank, true is assumed
+#
+# SINCE 1.4.0
+realm.ldap.removeDeletedUsers = true
 
 # URL of the Redmine.
+#
+# SINCE 1.2.0
 realm.redmine.url = http://example.com/redmine
 
 #
@@ -1638,7 +1610,7 @@
 #
 # SINCE 1.4.0
 # RESTART REQUIRED
-server.redirectToHttpsPort = true
+server.redirectToHttpsPort = false
 
 # Specify the interface for Jetty to bind the standard connector.
 # You may specify an ip or an empty value to bind to all interfaces.

--
Gitblit v1.9.1