[brooklyn-docs] 02/05: new LDAP keys

[he...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

heneveld pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-docs.git

commit 0519dc5b03067f2eb71eefa2583d5711917a97df
Author: Juan Cabrerizo <ju...@cloudsoft.io>
AuthorDate: Sat Aug 21 17:55:55 2021 +0100

    new LDAP keys
---
 guide/ops/configuration/brooklyn_cfg.md | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/guide/ops/configuration/brooklyn_cfg.md b/guide/ops/configuration/brooklyn_cfg.md
index c372835..ecd6a3f 100644
--- a/guide/ops/configuration/brooklyn_cfg.md
+++ b/guide/ops/configuration/brooklyn_cfg.md
@@ -139,8 +139,14 @@ The other things you need to set in `brooklyn.cfg` are:
 * `brooklyn.webconsole.security.ldap.allowed_realms_regex` - allows multiple realms (domains) that match regex - username must 
   be of form domain\user
 * `brooklyn.webconsole.security.ldap.ou` *optional, by default it set to Users* -  ldap ou parameter
-
-**brooklyn.cfg example configuration:**
+* `brooklyn.webconsole.security.ldap.group_config_key` *optional* to be used in combination with the next. Name of the 
+  config key prefix for the valid LDAP groups to be mapped to AMP entitlements. If used only mapped groups will be added 
+  to the user groups. If empty, user LDAP groups will be ignored.
+* `brooklyn.webconsole.security.ldap.fetch_user_group` *optional, by default it set to false* - whether or not the LDAP
+  groups for the user should be gathered. If true, the groups will be stored in the user session and the security context
+* `brooklyn.webconsole.security.ldap.login_info_log` *optional, by default it set to false* - whether or not the user attempts
+  to log in the system must be added to the info log
+  **brooklyn.cfg example configuration:**
 
 ~~~
 brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider