lemonldap-ng/contribs/lemonldap-valve-tomcat/INSTALL.TXT

This valve is only available for tomcat 5.5 or greater

An up2date documentation can be found here:
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/DocAppTomcatValve

COMPILATION
=====================================

Required : 
	* ant
	* jre > 1.4 
	* tomcat >= 5.5

Configure your tomcat home in build.properties files (be crareful for windosw user ...
 path must contains "/" . exemple c:/my hardisk/tomcat/


run ant command.

ValveLemonLDAPNG.jar is created under /dist directory


INSTALLATION
======================================


Copy ValveLemonLDAPNG.jar on <TOMCAT_HOME>/server/lib

Add on your server.xml file a new valve entry like this (in host section) :

<Valve className="org.lemonLDAPNG.SSOValve" userKey="AUTH-USER" roleKey="AUTH-ROLE" roleSeparator="," allows="127.0.0.1"/>

Configure attributes.

userKey : Key in the http header  send by lemonLDAP in order to store user login

roleKey :  Key in the http header  send by lemonLDAP in order to store roles.  If lemonLDAP send some roles split by some commas, use
				roleSeparator
				
*roleSeparator : see above

*allows: 	You can filter remote IP, IP defined in this attributes are allows (use "," separator for multiple IP). 
				Just set the lemonLDAP on this attribute in order to add more security. If this attribute is missed
				all hosts are allowed	
	

(*) Optional attributes 
	
QUICK TEST AN DEBUGGING TIPS
=======================================


Download for exemple probe application (great administration tool for tomcat) http://www.lambdaprobe.org

Install valve and configure it.

Send via lemonLDAP user with role = probeuser ... or other user with role = manager


Probe doesn't ask authentification, you're logged...


For debugging, this valve can print some helpfull information in debug level. Configure logging in tomcat
(see tomcat.apache.org/tomcat-5.5-doc/logging.html ) 


CONTACT
=======================================


	swapon666 (at) users.sourceforge.net
Tomcat valve from P. Pejac 2008-07-21 14:00:35 +02:00			`This valve is only available for tomcat 5.5 or greater`

			`An up2date documentation can be found here:`
			`http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/DocAppTomcatValve`

			`COMPILATION`
			`=====================================`

			`Required :`
			`* ant`
			`* jre > 1.4`
			`* tomcat >= 5.5`

			`Configure your tomcat home in build.properties files (be crareful for windosw user ...`
			`path must contains "/" . exemple c:/my hardisk/tomcat/`


			`run ant command.`

			`ValveLemonLDAPNG.jar is created under /dist directory`


			`INSTALLATION`
			`======================================`


			`Copy ValveLemonLDAPNG.jar on <TOMCAT_HOME>/server/lib`

			`Add on your server.xml file a new valve entry like this (in host section) :`

			`<Valve className="org.lemonLDAPNG.SSOValve" userKey="AUTH-USER" roleKey="AUTH-ROLE" roleSeparator="," allows="127.0.0.1"/>`

			`Configure attributes.`

			`userKey : Key in the http header send by lemonLDAP in order to store user login`

			`roleKey : Key in the http header send by lemonLDAP in order to store roles. If lemonLDAP send some roles split by some commas, use`
			`roleSeparator`

			`*roleSeparator : see above`

			`*allows: You can filter remote IP, IP defined in this attributes are allows (use "," separator for multiple IP).`
			`Just set the lemonLDAP on this attribute in order to add more security. If this attribute is missed`
			`all hosts are allowed`


			`(*) Optional attributes`

			`QUICK TEST AN DEBUGGING TIPS`
			`=======================================`


			`Download for exemple probe application (great administration tool for tomcat) http://www.lambdaprobe.org`

			`Install valve and configure it.`

			`Send via lemonLDAP user with role = probeuser ... or other user with role = manager`


			`Probe doesn't ask authentification, you're logged...`



			`For debugging, this valve can print some helpfull information in debug level. Configure logging in tomcat`
			`(see tomcat.apache.org/tomcat-5.5-doc/logging.html )`



			`CONTACT`
			`=======================================`


			`swapon666 (at) users.sourceforge.net`