2012-02-25 23:45:20 +01:00
< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
< html xmlns = "http://www.w3.org/1999/xhtml" xml:lang = "en"
lang="en" dir="ltr">
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
< title > < / title >
<!-- metadata -->
< meta name = "generator" content = "Offline" / >
< meta name = "version" content = "Offline 0.1" / >
<!-- style sheet links -->
< link rel = "stylesheet" media = "all" type = "text/css" href = "../../../css/all.css" / >
< link rel = "stylesheet" media = "screen" type = "text/css" href = "../../../css/screen.css" / >
< link rel = "stylesheet" media = "print" type = "text/css" href = "../../../css/print.css" / >
< / head >
< body >
< div class = "dokuwiki export" >
2015-06-08 16:57:58 +02:00
< h1 class = "sectionedit1" id = "openid" > OpenID< / h1 >
2012-02-25 23:45:20 +01:00
< div class = "level1" >
2015-06-08 16:57:58 +02:00
< div class = "table sectionedit2" > < table class = "inline" >
< thead >
2012-02-25 23:45:20 +01:00
< tr class = "row0 roweven" >
2015-06-11 15:14:53 +02:00
< th class = "col0 centeralign" > Authentication < / th > < th class = "col1 centeralign" > Users < / th > < th class = "col2 centeralign" > Password < / th >
2012-02-25 23:45:20 +01:00
< / tr >
2015-06-08 16:57:58 +02:00
< / thead >
2012-02-25 23:45:20 +01:00
< tr class = "row1 rowodd" >
< td class = "col0 centeralign" > ✔ < / td > < td class = "col1 centeralign" > ✔ < / td > < td class = "col2" > < / td >
< / tr >
2015-06-08 16:57:58 +02:00
< / table > < / div >
2015-06-11 15:14:53 +02:00
<!-- EDIT2 TABLE [22 - 85] -->
< p >
2015-12-18 10:46:34 +01:00
< p > < div class = "notewarning" > OpenID protocol is deprecated. You should now use < a href = "../../documentation/1.9/authopenidconnect.html" class = "wikilink1" title = "documentation:1.9:authopenidconnect" > OpenID Connect< / a > .
2015-06-11 15:14:53 +02:00
< / div > < / p >
< / p >
2012-02-25 23:45:20 +01:00
< / div >
2015-06-11 15:14:53 +02:00
<!-- EDIT1 SECTION "OpenID" [1 - 196] -->
2015-06-08 16:57:58 +02:00
< h2 class = "sectionedit3" id = "presentation" > Presentation< / h2 >
2012-02-25 23:45:20 +01:00
< div class = "level2" >
< p >
2015-06-08 16:57:58 +02:00
< abbr title = "LemonLDAP::NG" > LL::NG< / abbr > can delegate authentication to an OpenID server. This requires < a href = "http://search.cpan.org/~mart/Net-OpenID-Consumer/" class = "urlextern" title = "http://search.cpan.org/~mart/Net-OpenID-Consumer/" rel = "nofollow" > Perl OpenID consumer module< / a > with at least version 1.0.
2012-02-25 23:45:20 +01:00
< / p >
< p >
2015-12-18 10:46:34 +01:00
< p > < div class = "notetip" > < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > can also act as < a href = "../../documentation/1.9/idpopenid.html" class = "wikilink1" title = "documentation:1.9:idpopenid" > OpenID server< / a > , that allows to interconnect two < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > systems.
2012-02-25 23:45:20 +01:00
< / div > < / p >
< / p >
< p >
2015-06-08 16:57:58 +02:00
< abbr title = "LemonLDAP::NG" > LL::NG< / abbr > will then display a form with an OpenID input, wher users will type their OpenID login.
2012-02-25 23:45:20 +01:00
< / p >
< p >
2015-12-18 10:46:34 +01:00
< p > < div class = "notetip" > OpenID authentication can proposed as an alternate authentication scheme using the < a href = "../../documentation/1.9/authchoice.html" class = "wikilink1" title = "documentation:1.9:authchoice" > authentication choice< / a > method.
2012-02-25 23:45:20 +01:00
< / div > < / p >
< / p >
< p >
2015-06-08 16:57:58 +02:00
< abbr title = "LemonLDAP::NG" > LL::NG< / abbr > can use a white list or a black list to filter allowed OpenID domains.
2012-02-25 23:45:20 +01:00
< / p >
< p >
If OpenID is used as users database, attributes will be requested to the server with SREG extention.
< / p >
< / div >
2015-06-11 15:14:53 +02:00
<!-- EDIT3 SECTION "Presentation" [197 - 943] -->
2015-06-08 16:57:58 +02:00
< h2 class = "sectionedit4" id = "configuration" > Configuration< / h2 >
2012-02-25 23:45:20 +01:00
< div class = "level2" >
< p >
In Manager, go in < code > General Parameters< / code > > < code > Authentication modules< / code > and choose OpenID for authentication and/or users.
< / p >
< p >
Then, go in < code > OpenID parameters< / code > :
< / p >
< ul >
< li class = "level1" > < div class = "li" > < strong > Authentication level< / strong > : authentication level for this module.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > Secret token< / strong > : used to check integrity of OpenID response.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > Authorizated domain< / strong > :< / div >
< ul >
< li class = "level2" > < div class = "li" > < strong > List type< / strong > : choose white list to define allowed domains or black list to define forbidden domains< / div >
< / li >
< li class = "level2" > < div class = "li" > < strong > List< / strong > : domains list (comma separated values)< / div >
< / li >
< / ul >
< / li >
< / ul >
< p >
2014-02-19 16:42:12 +01:00
To configure requested attributes, edit < strong > Exported variables< / strong > and define attributes:
2012-02-25 23:45:20 +01:00
< / p >
< ul >
< li class = "level1" > < div class = "li" > < strong > Key< / strong > : internal session key, can be prefixed by < code > !< / code > to make the attribute required< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > Value< / strong > : SREG attribute name:< / div >
< ul >
< li class = "level2" > < div class = "li" > fullname< / div >
< / li >
< li class = "level2" > < div class = "li" > nickname< / div >
< / li >
< li class = "level2" > < div class = "li" > language< / div >
< / li >
< li class = "level2" > < div class = "li" > postcode< / div >
< / li >
< li class = "level2" > < div class = "li" > timezone< / div >
< / li >
< li class = "level2" > < div class = "li" > country< / div >
< / li >
< li class = "level2" > < div class = "li" > gender< / div >
< / li >
< li class = "level2" > < div class = "li" > email< / div >
< / li >
< li class = "level2" > < div class = "li" > dob< / div >
< / li >
< / ul >
< / li >
< / ul >
2014-02-19 16:42:12 +01:00
< p >
2015-12-18 10:46:34 +01:00
See also < a href = "../../documentation/1.9/exportedvars.html" class = "wikilink1" title = "documentation:1.9:exportedvars" > exported variables configuration< / a > .
2014-02-19 16:42:12 +01:00
< / p >
2012-02-25 23:45:20 +01:00
< / div >
2015-06-08 16:57:58 +02:00
< / div > <!-- closes <div class="dokuwiki export"> -->