Skip to content

Commit 3435b71

Browse files
arteta22000arteta22000
authored
Make LdapAuth configurable via environment variables (#209)
* Make LdapAuth configurable via environment variables * fix check_env_vars on one line * readme.md update
1 parent 9a58520 commit 3435b71

File tree

4 files changed

+162
-53
lines changed

4 files changed

+162
-53
lines changed

README.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,14 @@ To override these behaviours edit the docker-compose.yml file's misp-core volume
9595
If it is just a default setting that is meant to be set if not already set by the user, add it in one of the `*.default.json` files.
9696
If it is a setting controlled by an environment variable which is meant to override whatever is set, add it in one of the `*.envars.json` files (note that you can still specify a default value).
9797

98+
#### LDAP Authentication
99+
100+
You can configure LDAP authentication in MISP using 2 methods:
101+
- native plugin: LdapAuth (https://github.com/MISP/MISP/tree/2.5/app/Plugin/LdapAuth)
102+
- previous approach with ApacheSecureAuth (https://gist.github.com/Kagee/f35ed25216369481437210753959d372).
103+
104+
LdapAuth is to be recommended, because it doesn't require rproxy apache with the ldap module.
105+
98106
### Production
99107

100108
- It is recommended to specify the build you want run by editing `docker-compose.yml` (see here for the list of available tags https://github.com/orgs/MISP/packages)

core/files/configure_misp.sh

Lines changed: 74 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -155,40 +155,92 @@ set_up_oidc() {
155155
fi
156156
}
157157

158-
set_up_ldap() {
159-
if [[ "$LDAP_ENABLE" != "true" ]]; then
160-
echo "... LDAP authentication disabled"
158+
set_up_apachesecureauth() {
159+
if [[ "$APACHESECUREAUTH_LDAP_ENABLE" != "true" ]]; then
160+
echo "... LDAP APACHESECUREAUTH authentication disabled"
161161
return
162162
fi
163163

164+
165+
if [ ! -z "$APACHESECUREAUTH_LDAP_OLD_VAR_DETECT" ]; then
166+
echo "WARNING: old variables used for APACHESECUREAUTH bloc in env file. Switch to the new naming convention."
167+
fi
168+
164169
# Check required variables
165-
# LDAP_SEARCH_FILTER may be empty
166-
check_env_vars LDAP_APACHE_ENV LDAP_SERVER LDAP_STARTTLS LDAP_READER_USER LDAP_READER_PASSWORD LDAP_DN LDAP_SEARCH_ATTRIBUTE LDAP_FILTER LDAP_DEFAULT_ROLE_ID LDAP_DEFAULT_ORG LDAP_OPT_PROTOCOL_VERSION LDAP_OPT_NETWORK_TIMEOUT LDAP_OPT_REFERRALS
170+
# APACHESECUREAUTH_LDAP_SEARCH_FILTER may be empty
171+
check_env_vars APACHESECUREAUTH_LDAP_APACHE_ENV APACHESECUREAUTH_LDAP_SERVER APACHESECUREAUTH_LDAP_STARTTLS APACHESECUREAUTH_LDAP_READER_USER APACHESECUREAUTH_LDAP_READER_PASSWORD APACHESECUREAUTH_LDAP_DN APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE APACHESECUREAUTH_LDAP_FILTER APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID APACHESECUREAUTH_LDAP_DEFAULT_ORG APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT APACHESECUREAUTH_LDAP_OPT_REFERRALS
167172

168173
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
169174
\"ApacheSecureAuth\": {
170-
\"apacheEnv\": \"${LDAP_APACHE_ENV}\",
171-
\"ldapServer\": \"${LDAP_SERVER}\",
172-
\"starttls\": ${LDAP_STARTTLS},
173-
\"ldapProtocol\": ${LDAP_OPT_PROTOCOL_VERSION},
174-
\"ldapNetworkTimeout\": ${LDAP_OPT_NETWORK_TIMEOUT},
175-
\"ldapReaderUser\": \"${LDAP_READER_USER}\",
176-
\"ldapReaderPassword\": \"${LDAP_READER_PASSWORD}\",
177-
\"ldapDN\": \"${LDAP_DN}\",
178-
\"ldapSearchFilter\": \"${LDAP_SEARCH_FILTER}\",
179-
\"ldapSearchAttribut\": \"${LDAP_SEARCH_ATTRIBUTE}\",
180-
\"ldapFilter\": ${LDAP_FILTER},
181-
\"ldapDefaultRoleId\": ${LDAP_DEFAULT_ROLE_ID},
182-
\"ldapDefaultOrg\": \"${LDAP_DEFAULT_ORG}\",
183-
\"ldapAllowReferrals\": ${LDAP_OPT_REFERRALS},
184-
\"ldapEmailField\": ${LDAP_EMAIL_FIELD}
175+
\"apacheEnv\": \"${APACHESECUREAUTH_LDAP_APACHE_ENV}\",
176+
\"ldapServer\": \"${APACHESECUREAUTH_LDAP_SERVER}\",
177+
\"starttls\": ${APACHESECUREAUTH_LDAP_STARTTLS},
178+
\"ldapProtocol\": ${APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION},
179+
\"ldapNetworkTimeout\": ${APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT},
180+
\"ldapReaderUser\": \"${APACHESECUREAUTH_LDAP_READER_USER}\",
181+
\"ldapReaderPassword\": \"${APACHESECUREAUTH_LDAP_READER_PASSWORD}\",
182+
\"ldapDN\": \"${APACHESECUREAUTH_LDAP_DN}\",
183+
\"ldapSearchFilter\": \"${APACHESECUREAUTH_LDAP_SEARCH_FILTER}\",
184+
\"ldapSearchAttribut\": \"${APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE}\",
185+
\"ldapFilter\": ${APACHESECUREAUTH_LDAP_FILTER},
186+
\"ldapDefaultRoleId\": ${APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID},
187+
\"ldapDefaultOrg\": \"${APACHESECUREAUTH_LDAP_DEFAULT_ORG}\",
188+
\"ldapAllowReferrals\": ${APACHESECUREAUTH_LDAP_OPT_REFERRALS},
189+
\"ldapEmailField\": ${APACHESECUREAUTH_LDAP_EMAIL_FIELD}
185190
}
186191
}" > /dev/null
187192

188193
# Disable password confirmation as stated at https://github.com/MISP/MISP/issues/8116
189194
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Security.require_password_confirmation" false
190195
}
191196

197+
set_up_ldap() {
198+
if [[ "$LDAPAUTH_ENABLE" != "true" ]]; then
199+
echo "... LDAPAUTH authentication disabled"
200+
return
201+
fi
202+
203+
# Check required variables
204+
# LDAPAUTH_LDAPSEARCHFILTER may be empty
205+
check_env_vars LDAPAUTH_LDAPSERVER LDAPAUTH_LDAPDN LDAPAUTH_LDAPREADERUSER LDAPAUTH_LDAPREADERPASSWORD LDAPAUTH_LDAPSEARCHATTRIBUTE LDAPAUTH_LDAPDEFAULTROLEID LDAPAUTH_LDAPDEFAULTORGID LDAPAUTH_LDAPEMAILFIELD LDAPAUTH_LDAPNETWORKTIMEOUT LDAPAUTH_LDAPPROTOCOL LDAPAUTH_LDAPALLOWREFERRALS LDAPAUTH_STARTTLS LDAPAUTH_MIXEDAUTH LDAPAUTH_UPDATEUSER LDAPAUTH_DEBUG LDAPAUTH_LDAPTLSREQUIRECERT LDAPAUTH_LDAPTLSCUSTOMCACERT LDAPAUTH_LDAPTLSCRLCHECK LDAPAUTH_LDAPTLSPROTOCOLMIN
206+
207+
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
208+
\"LdapAuth\": {
209+
\"ldapServer\": \"${LDAPAUTH_LDAPSERVER}\",
210+
\"ldapDn\": \"${LDAPAUTH_LDAPDN}\",
211+
\"ldapReaderUser\": \"${LDAPAUTH_LDAPREADERUSER}\",
212+
\"ldapReaderPassword\": \"${LDAPAUTH_LDAPREADERPASSWORD}\",
213+
\"ldapSearchFilter\": \"${LDAPAUTH_LDAPSEARCHFILTER}\",
214+
\"ldapSearchAttribute\": \"${LDAPAUTH_LDAPSEARCHATTRIBUTE}\",
215+
\"ldapEmailField\": ${LDAPAUTH_LDAPEMAILFIELD},
216+
\"ldapNetworkTimeout\": ${LDAPAUTH_LDAPNETWORKTIMEOUT},
217+
\"ldapProtocol\": ${LDAPAUTH_LDAPPROTOCOL},
218+
\"ldapAllowReferrals\": ${LDAPAUTH_LDAPALLOWREFERRALS},
219+
\"starttls\": ${LDAPAUTH_STARTTLS},
220+
\"mixedAuth\": ${LDAPAUTH_MIXEDAUTH},
221+
\"ldapDefaultOrgId\": ${LDAPAUTH_LDAPDEFAULTORGID},
222+
\"ldapDefaultRoleId\": ${LDAPAUTH_LDAPDEFAULTROLEID},
223+
\"updateUser\": ${LDAPAUTH_UPDATEUSER},
224+
\"debug\": ${LDAPAUTH_DEBUG},
225+
\"ldapTlsRequireCert\": \"${LDAPAUTH_LDAPTLSREQUIRECERT}\",
226+
\"ldapTlsCustomCaCert\": ${LDAPAUTH_LDAPTLSCUSTOMCACERT},
227+
\"ldapTlsCrlCheck\": \"${LDAPAUTH_LDAPTLSCRLCHECK}\",
228+
\"ldapTlsProtocolMin\": \"${LDAPAUTH_LDAPTLSPROTOCOLMIN}\"
229+
}
230+
}" > /dev/null
231+
232+
# Configure LdapAuth in MISP
233+
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
234+
\"Security\": {
235+
\"auth\": [\"LdapAuth.Ldap\"]
236+
}
237+
}" > /dev/null
238+
239+
240+
# Disable password confirmation as stated at https://github.com/MISP/MISP/issues/8116
241+
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Security.require_password_confirmation" false
242+
}
243+
192244
set_up_aad() {
193245
if [[ "$AAD_ENABLE" != "true" ]]; then
194246
echo "... Entra (AzureAD) authentication disabled"
@@ -449,6 +501,8 @@ echo "MISP | Create sync servers ..." && create_sync_servers
449501

450502
echo "MISP | Set Up OIDC ..." && set_up_oidc
451503

504+
echo "MISP | Set Up apachesecureauth ..." && set_up_apachesecureauth
505+
452506
echo "MISP | Set Up LDAP ..." && set_up_ldap
453507

454508
echo "MISP | Set Up AAD ..." && set_up_aad

docker-compose.yml

Lines changed: 40 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -125,23 +125,46 @@ services:
125125
- "OIDC_DEFAULT_ORG=${OIDC_DEFAULT_ORG}"
126126
- "OIDC_LOGOUT_URL=${OIDC_LOGOUT_URL}"
127127
- "OIDC_SCOPES=${OIDC_SCOPES}"
128-
# LDAP authentication settings
129-
- "LDAP_ENABLE=${LDAP_ENABLE}"
130-
- "LDAP_APACHE_ENV=${LDAP_APACHE_ENV}"
131-
- "LDAP_SERVER=${LDAP_SERVER}"
132-
- "LDAP_STARTTLS=${LDAP_STARTTLS}"
133-
- "LDAP_READER_USER=${LDAP_READER_USER}"
134-
- "LDAP_READER_PASSWORD=${LDAP_READER_PASSWORD}"
135-
- "LDAP_DN=${LDAP_DN}"
136-
- "LDAP_SEARCH_FILTER=${LDAP_SEARCH_FILTER}"
137-
- "LDAP_SEARCH_ATTRIBUTE=${LDAP_SEARCH_ATTRIBUTE}"
138-
- "LDAP_FILTER=${LDAP_FILTER}"
139-
- "LDAP_DEFAULT_ROLE_ID=${LDAP_DEFAULT_ROLE_ID}"
140-
- "LDAP_DEFAULT_ORG=${LDAP_DEFAULT_ORG}"
141-
- "LDAP_EMAIL_FIELD=${LDAP_EMAIL_FIELD}"
142-
- "LDAP_OPT_PROTOCOL_VERSION=${LDAP_OPT_PROTOCOL_VERSION}"
143-
- "LDAP_OPT_NETWORK_TIMEOUT=${LDAP_OPT_NETWORK_TIMEOUT}"
144-
- "LDAP_OPT_REFERRALS=${LDAP_OPT_REFERRALS}"
128+
# APACHESECUREAUTH authentication settings
129+
- "APACHESECUREAUTH_LDAP_OLD_VAR_DETECT=${LDAP_ENABLE}"
130+
- "APACHESECUREAUTH_LDAP_ENABLE=${APACHESECUREAUTH_LDAP_ENABLE:-${LDAP_ENABLE}}"
131+
- "APACHESECUREAUTH_LDAP_APACHE_ENV=${APACHESECUREAUTH_LDAP_APACHE_ENV:-${LDAP_APACHE_ENV}}"
132+
- "APACHESECUREAUTH_LDAP_SERVER=${APACHESECUREAUTH_LDAP_SERVER:-${LDAP_SERVER}}"
133+
- "APACHESECUREAUTH_LDAP_STARTTLS=${APACHESECUREAUTH_LDAP_STARTTLS:-${LDAP_STARTTLS}}"
134+
- "APACHESECUREAUTH_LDAP_READER_USER=${APACHESECUREAUTH_LDAP_READER_USER:-${LDAP_READER_USER}}"
135+
- "APACHESECUREAUTH_LDAP_READER_PASSWORD=${APACHESECUREAUTH_LDAP_READER_PASSWORD:-${LDAP_READER_PASSWORD}}"
136+
- "APACHESECUREAUTH_LDAP_DN=${APACHESECUREAUTH_LDAP_DN:-${LDAP_DN}}"
137+
- "APACHESECUREAUTH_LDAP_SEARCH_FILTER=${APACHESECUREAUTH_LDAP_SEARCH_FILTER:-${LDAP_SEARCH_FILTER}}"
138+
- "APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE=${APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE:-${LDAP_SEARCH_ATTRIBUTE}}"
139+
- "APACHESECUREAUTH_LDAP_FILTER=${APACHESECUREAUTH_LDAP_FILTER:-${LDAP_FILTER}}"
140+
- "APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID=${APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID:-${LDAP_DEFAULT_ROLE_ID}}"
141+
- "APACHESECUREAUTH_LDAP_DEFAULT_ORG=${APACHESECUREAUTH_LDAP_DEFAULT_ORG:-${LDAP_DEFAULT_ORG}}"
142+
- "APACHESECUREAUTH_LDAP_EMAIL_FIELD=${APACHESECUREAUTH_LDAP_EMAIL_FIELD:-${LDAP_EMAIL_FIELD}}"
143+
- "APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION=${APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION:-${LDAP_OPT_PROTOCOL_VERSION}}"
144+
- "APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT=${APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT:-${LDAP_OPT_NETWORK_TIMEOUT}}"
145+
- "APACHESECUREAUTH_LDAP_OPT_REFERRALS=${APACHESECUREAUTH_LDAP_OPT_REFERRALS:-${LDAP_OPT_REFERRALS}}"
146+
# LdapAuth MISP authentication settings
147+
- "LDAPAUTH_ENABLE=${LDAPAUTH_ENABLE}"
148+
- "LDAPAUTH_LDAPSERVER=${LDAPAUTH_LDAPSERVER}"
149+
- "LDAPAUTH_LDAPDN=${LDAPAUTH_LDAPDN}"
150+
- "LDAPAUTH_LDAPREADERUSER=${LDAPAUTH_LDAPREADERUSER}"
151+
- "LDAPAUTH_LDAPREADERPASSWORD=${LDAPAUTH_LDAPREADERPASSWORD}"
152+
- "LDAPAUTH_LDAPSEARCHFILTER=${LDAPAUTH_LDAPSEARCHFILTER}"
153+
- "LDAPAUTH_LDAPSEARCHATTRIBUTE=${LDAPAUTH_LDAPSEARCHATTRIBUTE}"
154+
- "LDAPAUTH_LDAPEMAILFIELD=${LDAPAUTH_LDAPEMAILFIELD}"
155+
- "LDAPAUTH_LDAPNETWORKTIMEOUT=${LDAPAUTH_LDAPNETWORKTIMEOUT}"
156+
- "LDAPAUTH_LDAPPROTOCOL=${LDAPAUTH_LDAPPROTOCOL}"
157+
- "LDAPAUTH_LDAPALLOWREFERRALS=${LDAPAUTH_LDAPALLOWREFERRALS}"
158+
- "LDAPAUTH_STARTTLS=${LDAPAUTH_STARTTLS}"
159+
- "LDAPAUTH_MIXEDAUTH=${LDAPAUTH_MIXEDAUTH}"
160+
- "LDAPAUTH_LDAPDEFAULTORGID=${LDAPAUTH_LDAPDEFAULTORGID}"
161+
- "LDAPAUTH_LDAPDEFAULTROLEID=${LDAPAUTH_LDAPDEFAULTROLEID}"
162+
- "LDAPAUTH_UPDATEUSER=${LDAPAUTH_UPDATEUSER}"
163+
- "LDAPAUTH_DEBUG=${LDAPAUTH_DEBUG}"
164+
- "LDAPAUTH_LDAPTLSREQUIRECERT=${LDAPAUTH_LDAPTLSREQUIRECERT}"
165+
- "LDAPAUTH_LDAPTLSCUSTOMCACERT=${LDAPAUTH_LDAPTLSCUSTOMCACERT}"
166+
- "LDAPAUTH_LDAPTLSCRLCHECK=${LDAPAUTH_LDAPTLSCRLCHECK}"
167+
- "LDAPAUTH_LDAPTLSPROTOCOLMIN=${LDAPAUTH_LDAPTLSPROTOCOLMIN}"
145168
# AAD authentication settings
146169
- "AAD_ENABLE=${AAD_ENABLE}"
147170
- "AAD_CLIENT_ID=${AAD_CLIENT_ID}"

template.env

Lines changed: 40 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -134,22 +134,46 @@ SYNCSERVERS_1_PULL_RULES=
134134
# users should not be able to control the HTTP header configured in LDAP_APACHE_ENV
135135
# (e.g. REMOTE_USER), this means you must not allow direct access to MISP.
136136
# NOTE 2: You need to escape special characters twice, e.g., "pass\word" becomes "pass\\\\word".
137-
# LDAP_ENABLE=true
138-
# LDAP_APACHE_ENV="REMOTE_USER"
139-
# LDAP_SERVER="ldap://your_domain_controller"
140-
# LDAP_STARTTLS=true
141-
# LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
142-
# LDAP_READER_PASSWORD="password"
143-
# LDAP_DN="OU=Users,DC=domain,DC=net"
144-
# LDAP_SEARCH_FILTER=""
145-
# LDAP_SEARCH_ATTRIBUTE="uid"
146-
# LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
147-
# LDAP_DEFAULT_ROLE_ID="3"
148-
# LDAP_DEFAULT_ORG="1"
149-
# LDAP_EMAIL_FIELD="[\"mail\"]"
150-
# LDAP_OPT_PROTOCOL_VERSION="3"
151-
# LDAP_OPT_NETWORK_TIMEOUT="-1"
152-
# LDAP_OPT_REFERRALS=false
137+
#APACHESECUREAUTH_LDAP_ENABLE=true
138+
#APACHESECUREAUTH_LDAP_APACHE_ENV="REMOTE_USER"
139+
#APACHESECUREAUTH_LDAP_SERVER="ldap://your_domain_controller"
140+
#APACHESECUREAUTH_LDAP_STARTTLS=true
141+
#APACHESECUREAUTH_LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
142+
#APACHESECUREAUTH_LDAP_READER_PASSWORD="password"
143+
#APACHESECUREAUTH_LDAP_DN="OU=Users,DC=domain,DC=net"
144+
#APACHESECUREAUTH_LDAP_SEARCH_FILTER=""
145+
#APACHESECUREAUTH_LDAP_SEARCH_ATTRIBUTE="uid"
146+
#APACHESECUREAUTH_LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
147+
#APACHESECUREAUTH_LDAP_DEFAULT_ROLE_ID="3"
148+
#APACHESECUREAUTH_LDAP_DEFAULT_ORG="1"
149+
#APACHESECUREAUTH_LDAP_EMAIL_FIELD="[\"mail\"]"
150+
#APACHESECUREAUTH_LDAP_OPT_PROTOCOL_VERSION="3"
151+
#APACHESECUREAUTH_LDAP_OPT_NETWORK_TIMEOUT="-1"
152+
#APACHESECUREAUTH_LDAP_OPT_REFERRALS=false
153+
154+
# Enable LDAP (using the MISP plugin native) authentication, according to https://github.com/MISP/MISP/tree/2.5/app/Plugin/LdapAuth
155+
# NOTE 2: You need to escape special characters twice, e.g., "pass\word" becomes "pass\\\\word".
156+
#LDAPAUTH_ENABLE=true
157+
#LDAPAUTH_LDAPSERVER="ldap://your_domain_controller"
158+
#LDAPAUTH_LDAPDN="OU=Users,DC=domain,DC=net"
159+
#LDAPAUTH_LDAPREADERUSER="CN=service_account_name,OU=Users,DC=domain,DC=net"
160+
#LDAPAUTH_LDAPREADERPASSWORD="password"
161+
#LDAPAUTH_LDAPSEARCHFILTER=""
162+
#LDAPAUTH_LDAPSEARCHATTRIBUTE="mail"
163+
#LDAPAUTH_LDAPEMAILFIELD="[\"mail\"]"
164+
#LDAPAUTH_LDAPNETWORKTIMEOUT="-1"
165+
#LDAPAUTH_LDAPPROTOCOL="3"
166+
#LDAPAUTH_LDAPALLOWREFERRALS=true
167+
#LDAPAUTH_STARTTLS=false
168+
#LDAPAUTH_MIXEDAUTH=true
169+
#LDAPAUTH_LDAPDEFAULTORGID="1"
170+
#LDAPAUTH_LDAPDEFAULTROLEID="3"
171+
#LDAPAUTH_UPDATEUSER=true
172+
#LDAPAUTH_DEBUG=false
173+
#LDAPAUTH_LDAPTLSREQUIRECERT="LDAP_OPT_X_TLS_ALLOW"
174+
#LDAPAUTH_LDAPTLSCUSTOMCACERT=false
175+
#LDAPAUTH_LDAPTLSCRLCHECK="LDAP_OPT_X_TLS_CRL_PEER"
176+
#LDAPAUTH_LDAPTLSPROTOCOLMIN="LDAP_OPT_X_TLS_PROTOCOL_TLS1_2"
153177

154178
# Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
155179
# AAD_ENABLE=true

0 commit comments

Comments
 (0)