mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 08:46:58 +08:00
Added the configuration option deny-roaming.
That required moving the read of the group configuration during the cookie authentication phase.
This commit is contained in:
Nikos Mavrogiannopoulos
@@ -2,7 +2,7 @@
|
||||
# all should succeed.
|
||||
# Options: certificate, pam.
|
||||
#auth = "certificate"
|
||||
#auth = "plain[./sample.passwd]"
|
||||
auth = "plain[./sample.passwd]"
|
||||
#auth = "pam"
|
||||
|
||||
# The gid-min option is used by auto-select-group option, in order to
|
||||
@@ -133,6 +133,11 @@ auth-timeout = 40
|
||||
# of that cookie.
|
||||
cookie-validity = 10800
|
||||
|
||||
# Whether roaming is allowed, i.e., if true a cookie is
|
||||
# restricted to a single IP address and cannot be re-used
|
||||
# from a different IP.
|
||||
deny-roaming = false
|
||||
|
||||
# ReKey time (in seconds)
|
||||
# ocserv will ask the client to refresh keys periodically once
|
||||
# this amount of seconds is elapsed. Set to zero to disable.
|
||||
|
||||
Reference in New Issue
Block a user