prosody: add LDAP authentication via SASL mechanism

env.example

@@ -81,6 +81,54 @@ TZ=Europe/Amsterdam
 # Advanced configuration options (you generally don't need to change these)
 #
 
+# Enable LDAP authentication in prosody via SASL mechanism.
+# Note: turn on ENABLE_AUTH for get it work.
+#ENABLE_LDAP_AUTH=1
+
+###################### LDAP settings ############################
+# for detail information please see Cyrus SASL saslauthd.conf man page
+
+# LDAP url for connection.
+#LDAP_URL=ldaps://ldap.domain.com/
+
+# LDAP base DN. Can be empty
+#LDAP_BASE=DC=example,DC=domain,DC=com
+
+# LDAP user DN. Do not specify this parameter for the anonymous bind.
+#LDAP_BINDDN=CN=binduser,OU=users,DC=example,DC=domain,DC=com
+
+# LDAP user password. Do not specify this parameter for the anonymous bind.
+#LDAP_BINDPW=LdapUserPassw0rd
+
+# LDAP filter. Tokens example:
+# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail.
+# %s - %s is replaced by the complete service string.
+# %r - %r is replaced by the complete realm string.
+#LDAP_FILTER=(sAMAccountName=%u)
+
+# LDAP authentication method
+#LDAP_AUTH_METHOD=bind
+
+# LDAP version
+#LDAP_VERSION=3
+
+# LDAP TLS using
+#LDAP_USE_TLS=1
+
+# List of SSL/TLS ciphers to allow.
+#LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC
+
+# Require and verify server certificate
+#LDAP_TLS_CHECK_PEER=1
+
+# Path to CA cert file. Used when server sertificate verify is enabled.
+#LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt
+
+# Path to CA certs directory. Used when server sertificate verify is enabled.
+#LDAP_TLS_CACERT_DIR=/etc/ssl/certs
+
+#################################################################
+
 # Internal XMPP domain.
 XMPP_DOMAIN=meet.jitsi