SOGo 6 - system settings
SOGo 6 system settings change everything on the webapp, whatever who is or is not authenticated. They are stored in the database, and don’t need to restart the application to be effective.
How to set/patch them
First init
You can put a JSON file in the filesystem of SOGo and set this process_setting: SOGO_INIT_SYSTEM_SETTINGS_PATH.
You can use this endpoint with administrator privileges:
* PATCH /api/admin/v1/config/system, body must be a JSON with at least one of the following parameters.
SOGO_S_DO_DOMAIN
Boolean, default to False.
If your SOGo has the same configuration whatever the user, put this to True. SOGo 6 is able to make different behavior according to the user’s domain. If that’s not the case, this setting will prevent unnecessary checks and also simplify some of its algorithms.
|
You can enable or disable this setting on the go, the user’s experience won’t notice anything. It’s mainly a safeguard for SOGo backend to only do what it needs to do. |
SOGO_S_KNOWN_DOMAIN
A list of strings, default is empty/missing
This setting is a way to tell SOGo all the domains it should know. It allows it to take action when it doesn’t know the domain
|
For now, alpha, only the next setting |
|
Later, a functionality will be added to automatically list the domains based on your user sources. |
SOGO_S_REJECT_UNKNOWN_DOMAIN
A boolean, default to False.
|
DO NOT USE IF |
This setting sets SOGo 6 to directly reject plain login (username/password) or auth method (username) if the domain of the user is not
listed in SOGO_S_KNOWN_DOMAIN. That way, it prevents SOGo 6 from making an unnecessary query/request to your user sources.
SOGO_S_DOMAINLESS_LOGIN
A boolean, default to False
SOGo 6 relies a lot on the user’s domain (except if you set SOGO_S_DO_DOMAIN=False). However, you may want your users to log in
with a uid which is not their email. E.g. (user instead of user@sogo.nu).
In that case, set this setting to True. It will tell SOGo 6 how to behave with this user.
|
With this setting at True, SOGo will have to check every user source for the first login. After that, it will link the current user to the user
source and its email’s domain, which means It means that if your user’s uid is "sogo" but its mail is "sogo@sogo.nu", settings for sogo.nu will be applied after the login. Unless you have set
|
SOGO_S_DIRECT_LOGIN
|
NOT IMPLEMENTED FOR ALPHA |
A boolean, default to False
By default, SOGo 6 will make the login phase in two steps: * First ask for the uid/mail/username * Second ask for the password or redirect to an SSO if needed
This allows you to easily set a different authentication system according to the user’s domain (E.g. sogo@sogo.nu is plain/password, sogo@ogos.un is OpenID).
However, if you have the same authentication system for all of your users, you can make it in one step by setting this at True.