@@ -196,127 +196,96 @@ $config = [
196196 'example-ldap' => [
197197 'ldap:Ldap',
198198
199- /**
200- * The connection string for the LDAP-server.
201- * You can add multiple by separating them with a space.
202- */
199+ // The connection string for the LDAP-server.
200+ // You can add multiple by separating them with a space.
203201 'connection_string' => 'ldap.example.org',
204202
205- /**
206- * Whether SSL/TLS should be used when contacting the LDAP server.
207- * Possible values are 'ssl', 'tls' or 'none'
208- */
203+ // Whether SSL/TLS should be used when contacting the LDAP server.
204+ // Possible values are 'ssl', 'tls' or 'none'
209205 'encryption' => 'ssl',
210206
211- /**
212- * The LDAP version to use when interfacing the LDAP-server.
213- * Defaults to 3
214- */
207+ // The LDAP version to use when interfacing the LDAP-server.
208+ // Defaults to 3
215209 'version' => 3,
216210
217- /**
218- * Set to TRUE to enable LDAP debug level. Passed to the LDAP connector class.
219- *
220- * Default: FALSE
221- * Required: No
222- */
211+ // Set to TRUE to enable LDAP debug level. Passed to the LDAP connector class.
212+ //
213+ // Default: FALSE
214+ // Required: No
223215 'ldap.debug' => false,
224216
225- /**
226- * The LDAP-options to pass when setting up a connection
227- * See [Symfony documentation][1]
228- */
217+ // The LDAP-options to pass when setting up a connection
218+ // See [Symfony documentation][1]
229219 'options' => [
230- /**
231- * Set whether to follow referrals.
232- * AD Controllers may require 0x00 to function.
233- * Possible values are 0x00 (NEVER), 0x01 (SEARCHING),
234- * 0x02 (FINDING) or 0x03 (ALWAYS).
235- */
220+
221+ // Set whether to follow referrals.
222+ // AD Controllers may require 0x00 to function.
223+ // Possible values are 0x00 (NEVER), 0x01 (SEARCHING),
224+ // 0x02 (FINDING) or 0x03 (ALWAYS).
236225 'referrals' => 0x00,
237226
238227 'network_timeout' => 3,
239228 ],
240229
241- /**
242- * The connector to use.
243- * Defaults to '\SimpleSAML\Module\ldap\Connector\Ldap', but can be set
244- * to '\SimpleSAML\Module\ldap\Connector\ActiveDirectory' when
245- * authenticating against Microsoft Active Directory. This will
246- * provide you with more specific error messages.
247- */
230+ // The connector to use.
231+ // Defaults to '\SimpleSAML\Module\ldap\Connector\Ldap', but can be set
232+ // to '\SimpleSAML\Module\ldap\Connector\ActiveDirectory' when
233+ // authenticating against Microsoft Active Directory. This will
234+ // provide you with more specific error messages.
248235 'connector' => '\SimpleSAML\Module\ldap\Connector\Ldap',
249236
250- /**
251- * Which attributes should be retrieved from the LDAP server.
252- * This can be an array of attribute names, or NULL, in which case
253- * all attributes are fetched.
254- */
237+ // Which attributes should be retrieved from the LDAP server.
238+ // This can be an array of attribute names, or NULL, in which case
239+ // all attributes are fetched.
255240 'attributes' => null,
256241
257- /**
258- * Which attributes should be base64 encoded after retrieval from
259- * the LDAP server.
260- */
242+ // Which attributes should be base64 encoded after retrieval from
243+ // the LDAP server.
261244 'attributes.binary' => [
262245 'jpegPhoto',
263246 'objectGUID',
264247 'objectSid',
265248 'mS-DS-ConsistencyGuid'
266249 ],
267250
268- /**
269- * The pattern which should be used to create the user's DN given
270- * the username. %username% in this pattern will be replaced with
271- * the user's username.
272- *
273- * This option is not used if the search.enable option is set to TRUE.
274- */
251+ // The pattern which should be used to create the user's DN given
252+ // the username. %username% in this pattern will be replaced with
253+ // the user's username.
254+ //
255+ // This option is not used if the search.enable option is set to TRUE.
275256 'dnpattern' => 'uid=%username%,ou=people,dc=example,dc=org',
276257
277- /**
278- * As an alternative to specifying a pattern for the users DN, it is
279- * possible to search for the username in a set of attributes. This is
280- * enabled by this option.
281- */
258+ // As an alternative to specifying a pattern for the users DN, it is
259+ // possible to search for the username in a set of attributes. This is
260+ // enabled by this option.
282261 'search.enable' => false,
283262
284- /**
285- * An array on DNs which will be used as a base for the search. In
286- * case of multiple strings, they will be searched in the order given.
287- */
263+ // An array on DNs which will be used as a base for the search. In
264+ // case of multiple strings, they will be searched in the order given.
288265 'search.base' => [
289266 'ou=people,dc=example,dc=org',
290267 ],
291268
292- /**
293- * The scope of the search. Valid values are 'sub' and 'one' and
294- * 'base', first one being the default if no value is set.
295- */
269+ // The scope of the search. Valid values are 'sub' and 'one' and
270+ // 'base', first one being the default if no value is set.
296271 'search.scope' => 'sub',
297272
298- /**
299- * The attribute(s) the username should match against.
300- *
301- * This is an array with one or more attribute names. Any of the
302- * attributes in the array may match the value the username.
303- */
273+ // The attribute(s) the username should match against.
274+ //
275+ // This is an array with one or more attribute names. Any of the
276+ // attributes in the array may match the value the username.
304277 'search.attributes' => ['uid', 'mail'],
305278
306- /**
307- * Additional filters that must match for the entire LDAP search to
308- * be true.
309- *
310- * This should be a single string conforming to [RFC 1960][2]
311- * and [RFC 2544][3]. The string is appended to the search attributes
312- */
279+ // Additional filters that must match for the entire LDAP search to
280+ // be true.
281+ //
282+ // This should be a single string conforming to [RFC 1960][2]
283+ // and [RFC 2544][3]. The string is appended to the search attributes
313284 'search.filter' => '(&(objectClass=Person)(|(sn=Doe)(cn=John *)))',
314285
315- /**
316- * The username & password where SimpleSAMLphp should bind to before
317- * searching. If this is left NULL, no bind will be performed before
318- * searching.
319- */
286+ // The username & password where SimpleSAMLphp should bind to before
287+ // searching. If this is left NULL, no bind will be performed before
288+ // searching.
320289 'search.username' => null,
321290 'search.password' => null,
322291 ],
@@ -327,50 +296,42 @@ $config = [
327296 'example-ldapmulti' => [
328297 'ldap:LdapMulti',
329298
330- /*
331- * The way the organization as part of the username should be handled.
332- * Three possible values:
333- * - 'none': No handling of the organization. Allows '@' to be part
334- * of the username.
335- * - 'allow': Will allow users to type 'username@organization'.
336- * - 'force': Force users to type 'username@organization'. The dropdown
337- * list will be hidden.
338- *
339- * The default is 'none'.
340- */
299+ // The way the organization as part of the username should be handled.
300+ // Three possible values:
301+ // - 'none': No handling of the organization. Allows '@' to be part
302+ // of the username.
303+ // - 'allow': Will allow users to type 'username@organization'.
304+ // - 'force': Force users to type 'username@organization'. The dropdown
305+ // list will be hidden.
306+ //
307+ // The default is 'none'.
341308 'username_organization_method' => 'none',
342309
343- /*
344- * Whether the organization should be included as part of the username
345- * when authenticating. If this is set to TRUE, the username will be on
346- * the form <username>@<organization identifier>. If this is FALSE, the
347- * username will be used as the user enters it.
348- *
349- * The default is FALSE.
350- */
310+ // Whether the organization should be included as part of the username
311+ // when authenticating. If this is set to TRUE, the username will be on
312+ // the form <username>@<organization identifier>. If this is FALSE, the
313+ // username will be used as the user enters it.
314+ //
315+ // The default is FALSE.
351316 'include_organization_in_username' => false,
352317
353- /*
354- * A list of available LDAP servers.
355- *
356- * The index is an identifier for the organization/group. When
357- * 'username_organization_method' is set to something other than 'none',
358- * the organization-part of the username is matched against the index.
359- *
360- * The value of each element is an array in the same format as an LDAP
361- * authentication source.
362- */
318+ // A list of available LDAP servers.
319+ //
320+ // The index is an identifier for the organization/group. When
321+ // 'username_organization_method' is set to something other than 'none',
322+ // the organization-part of the username is matched against the index.
323+ //
324+ // The value of each element is an array in the same format as an LDAP
325+ // authentication source.
363326 'mapping' => [
364327 'employees' => [
365- /**
366- * A short name/description for this group. Will be shown in a
367- * dropdown list when the user logs on.
368- *
369- * This option can be a string or an array with
370- * language => text mappings.
371- */
328+ // A short name/description for this group. Will be shown in a
329+ // dropdown list when the user logs on.
330+ //
331+ // This option can be a string or an array with
332+ // language => text mappings.
372333 'description' => 'Employees',
373- 'authsource' => '' example-ldap,
334+ 'authsource' => 'example-ldap' ,
374335 ],
375336
376337 'students' => [
0 commit comments