2018-05-17 21:42:46 +02:00
<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:platformsoverview< / title >
< meta name = "generator" content = "DokuWiki" / >
2018-06-25 23:17:51 +02:00
< meta name = "robots" content = "index,follow" / >
2018-05-17 21:42:46 +02:00
< meta name = "keywords" content = "documentation,2.0,platformsoverview" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "platformsoverview.html" / >
< link rel = "contents" href = "platformsoverview.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "lib/exe/css.php.t.bootstrap3.css" / >
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : p l a t f o r m s o v e r v i e w " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 " } ;
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "lib/exe/js.php.t.bootstrap3.js" > < / script >
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.js" > < / script >
<!-- //endif -->
< / head >
< body >
< div class = "dokuwiki export container" >
<!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#portalmanager_installation" > Portal/Manager installation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#application_protection_overview" > Application protection overview< / a > < / div >
< ul class = "toc" >
< li class = "level2" > < div class = "li" > < a href = "#handler_integration" > Handler integration< / a > < / div >
< ul class = "toc" >
< li class = "level3" > < div class = "li" > < a href = "#direct_application_mode" > Direct Application Mode< / a > < / div > < / li >
< li class = "level3" > < div class = "li" > < a href = "#reverseproxy_mode" > ReverseProxy Mode< / a > < / div > < / li >
< / ul >
< / li >
< li class = "level2" > < div class = "li" > < a href = "#external_servers_for_nginx" > External servers for Nginx< / a > < / div >
< ul class = "toc" >
< li class = "level3" > < div class = "li" > < a href = "#fastcgi" > FastCGI< / a > < / div > < / li >
< li class = "level3" > < div class = "li" > < a href = "#uwsgi" > uWSGI< / a > < / div > < / li >
< / ul > < / li >
< / ul > < / li >
< / ul >
< / div >
< / div >
<!-- TOC END -->
< h1 class = "sectionedit1" id = "platforms_overview" > Platforms overview< / h1 >
< div class = "level1" >
< p >
LLNG is able to use different web servers to provide its services. Here is a resume of all possibilities. We recommend:
< / p >
< ul >
< li class = "level1" > < div class = "li" > For installations subject to small/medium load: Nginx with our default FastCGI server, or Apache < em > (with mpm_prefork engine)< / em > < / div >
< / li >
< li class = "level1" > < div class = "li" > For heavily loaded installation: Nginx. The choice for < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > FastCGI server engine< / a > depends on the behavior of your users< / div >
< / li >
< / ul >
< / div >
<!-- EDIT1 SECTION "Platforms overview" [1 - 437] -->
< h2 class = "sectionedit2" id = "portalmanager_installation" > Portal/Manager installation< / h2 >
< div class = "level2" >
< p >
2018-06-25 23:17:51 +02:00
Since 2.0, both portal and manager are native FastCGI / PSGI Plack based applications. They can be powered by any FastCGI / PSGI compatible web servers. Some examples:
2018-05-17 21:42:46 +02:00
< / p >
< div class = "table sectionedit3" > < table class = "inline table table-bordered table-striped" >
< thead >
< tr class = "row0 roweven" >
< th class = "col0" > < / th > < th class = "col1 centeralign" colspan = "2" > Apache < / th > < th class = "col3 centeralign" > Nginx < / th > < th class = "col4 centeralign" > Plack servers family < / th >
< / tr >
< / thead >
< tr class = "row1 rowodd" >
< td class = "col0 centeralign" > < strong > Engines< / strong > < / td > < td class = "col1 centeralign" colspan = "2" > < a href = "https://httpd.apache.org/mod_fcgid/" class = "urlextern" title = "https://httpd.apache.org/mod_fcgid/" rel = "nofollow" > mod_fcgid< / a > or < a href = "http://www.fastcgi.com/" class = "urlextern" title = "http://www.fastcgi.com/" rel = "nofollow" > mod_fastcgi< / a > < / td > < td class = "col3 centeralign" > < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > FastCGI/uWSGI server< / a > < / td > < td class = "col4 centeralign" > Any < a href = "https://plackperl.org" class = "urlextern" title = "https://plackperl.org" rel = "nofollow" > Plack HTTP server< / a > < em > (see < a href = "configplack.html" class = "wikilink1" title = "documentation:2.0:configplack" > our doc< / a > )< / em > < / td >
< / tr >
< tr class = "row2 roweven" >
< td class = "col0 centeralign" > < strong > Link with webserver process< / strong > < / td > < td class = "col1 centeralign" > External processes managed by webserver < em > (default)< / em > < / td > < td class = "col2 centeralign" > External < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > LLNG server< / a > < / td > < td class = "col3 centeralign" > External < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > LLNG server< / a > < / td > < td class = "col4 centeralign" > < a href = "configplack.html" class = "wikilink1" title = "documentation:2.0:configplack" > Inside< / a > < / td >
< / tr >
< / table > < / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT3 TABLE [648 - 1194] -->
2018-05-17 21:42:46 +02:00
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT2 SECTION "Portal/Manager installation" [438 - 1195] -->
2018-05-17 21:42:46 +02:00
< h2 class = "sectionedit4" id = "application_protection_overview" > Application protection overview< / h2 >
< div class = "level2" >
< p >
Applications can be protected:
< / p >
< ul >
< li class = "level1" > < div class = "li" > by a LLNG handler< / div >
< / li >
< li class = "level1" > < div class = "li" > by themselves if they can dial with a supported protocol (< abbr title = "Security Assertion Markup Language" > SAML< / abbr > , OpenID-Connect,…)< / div >
< / li >
< / ul >
< p >
To protect applications with handler, LLNG can be used in two mode:
< / p >
< ul >
< li class = "level1" > < div class = "li" > Direct Application Mode : LLNG handler is an embedded application. Handler must be installed on application Web Server< / div >
< / li >
< li class = "level1" > < div class = "li" > ReverseProxy Mode : applications are hidden behind a ReverseProxy which provides the required LLNG handler< / div >
< / li >
< / ul >
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT4 SECTION "Application protection overview" [1196 - 1685] -->
2018-05-17 21:42:46 +02:00
< h3 class = "sectionedit5" id = "handler_integration" > Handler integration< / h3 >
< div class = "level3" >
< / div >
< h4 id = "direct_application_mode" > Direct Application Mode< / h4 >
< div class = "level4" >
< p >
LLNG handlers can be installed on the following web servers:
< / p >
< div class = "table sectionedit6" > < table class = "inline table table-bordered table-striped" >
< thead >
< tr class = "row0 roweven" >
< th class = "col0 leftalign" > < / th > < th class = "col1 centeralign" > Apache < / th > < th class = "col2 centeralign" > Nginx < / th > < th class = "col3 centeralign" > Plack servers family < / th > < th class = "col4 centeralign" > Node.js < / th >
< / tr >
< / thead >
< tr class = "row1 rowodd" >
< td class = "col0 centeralign" > < strong > Addon needed< / strong > < / td > < td class = "col1 centeralign" > ModPerl < / td > < td class = "col2 leftalign" > < / td > < td class = "col3 leftalign" > < / td > < td class = "col4 centeralign" > Express < / td >
< / tr >
< tr class = "row2 roweven" >
2018-06-25 23:17:51 +02:00
< td class = "col0 centeralign" > < strong > LLNG integration in webserver< / strong > < / td > < td class = "col1 centeralign" > < a href = "configvhost.html#apache_configuration" class = "wikilink1" title = "documentation:2.0:configvhost" > Inside< / a > < / td > < td class = "col2 centeralign" > Separate process: < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > External LLNG FastCGI/uWSGI servers< / a > < em > (auth_request)< / em > < / td > < td class = "col3 centeralign" > < a href = "psgi.html#protect_a_psgi_application" class = "wikilink1" title = "documentation:2.0:psgi" > Inside< / a > < / td > < td class = "col4 centeralign" > < a href = "https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" class = "urlextern" title = "https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" rel = "nofollow" > Inside< / a > < / td >
2018-05-17 21:42:46 +02:00
< / tr >
< / table > < / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT6 TABLE [1812 - 2304] -->
2018-05-17 21:42:46 +02:00
< / div >
< h4 id = "reverseproxy_mode" > ReverseProxy Mode< / h4 >
< div class = "level4" >
< div class = "table sectionedit7" > < table class = "inline table table-bordered table-striped" >
< thead >
< tr class = "row0 roweven" >
< th class = "col0 leftalign" > < / th > < th class = "col1 centeralign" > Apache < / th > < th class = "col2 centeralign" > Nginx < / th >
< / tr >
< / thead >
< tr class = "row1 rowodd" >
< td class = "col0 centeralign" > < strong > LLNG integration in ReverseProxy webserver< / strong > < / td > < td class = "col1 centeralign" > < a href = "configvhost.html#apache_configuration" class = "wikilink1" title = "documentation:2.0:configvhost" > Inside< / a > < / td > < td class = "col2 centeralign" > Separate process: < a href = "#external_servers_for_nginx" title = "documentation:2.0:platformsoverview ↵" class = "wikilink1" > External LLNG FastCGI/uWSGI servers< / a > < / td >
< / tr >
< / table > < / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT7 TABLE [2332 - 2569] -->
2018-05-17 21:42:46 +02:00
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT5 SECTION "Handler integration" [1686 - 2571] -->
2018-05-17 21:42:46 +02:00
< h3 class = "sectionedit8" id = "external_servers_for_nginx" > External servers for Nginx< / h3 >
< div class = "level3" >
< p >
2018-06-25 23:17:51 +02:00
Nginx supportes natively FastCGI and uWSGI protocoles.
2018-05-17 21:42:46 +02:00
< / p >
< p >
Therefore, LLNG services can be provided by compatible external servers.
< / p >
2018-06-07 13:48:21 +02:00
< div class = "notetip" > FastCGI or uWSGI server(s) can be installed on separate hosts. Also you can imagine a global cloud-FastCGI/uWSGI-service for all your Nginx servers. See more at < a href = "ssoaas.html" class = "wikilink1" title = "documentation:2.0:ssoaas" > SSO as a service (SSOaaS)< / a > .
2018-05-17 21:42:46 +02:00
< / div >
< / div >
< h4 id = "fastcgi" > FastCGI< / h4 >
< div class = "level4" >
< p >
2018-06-07 13:48:21 +02:00
By default, LLNG provides a Plack based FastCGI server able to afford all LLNG services using < a href = "https://metacpan.org/pod/Plack::Handler::FCGI" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::FCGI" rel = "nofollow" > FCGI< / a > engine.
2018-05-17 21:42:46 +02:00
< / p >
< p >
However, you can use some other FastCGI server engines:
< / p >
< ul >
< li class = "level1" > < div class = "li" > < a href = "https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel = "nofollow" > AnyEvent::FCGI< / a > < / div >
< / li >
< li class = "level1" > < div class = "li" > < a href = "https://metacpan.org/pod/Plack::Handler::FCGI::EV" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel = "nofollow" > FCGI::EV< / a > < / div >
< / li >
< li class = "level1" > < div class = "li" > < a href = "https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel = "nofollow" > FCGI::Engine< / a > < / div >
< / li >
< li class = "level1" > < div class = "li" > < a href = "https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel = "nofollow" > FCGI::Engine::ProcManager< / a > < / div >
< / li >
< li class = "level1" > < div class = "li" > < a href = "https://metacpan.org/pod/Plack::Handler::FCGI::Async" class = "urlextern" title = "https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel = "nofollow" > FCGI::Async< / a > < / div >
< / li >
< li class = "level1" > < div class = "li" > < a href = "https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" class = "urlextern" title = "https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" rel = "nofollow" > LLNG FastCGI server for Node.js< / a > (*)< / div >
< / li >
< / ul >
2018-06-07 13:48:21 +02:00
< div class = "notewarning" > (*) LLNG Node.js handler can only be used as Nginx `auth_request` server, not to serve Portal or Manager
2018-05-17 21:42:46 +02:00
< / div >
< / div >
< h4 id = "uwsgi" > uWSGI< / h4 >
< div class = "level4" >
< ul >
< li class = "level1" > < div class = "li" > uWSGI server < em > (with uwsgi PSGI plugin, see < a href = "psgi.html" class = "wikilink1" title = "documentation:2.0:psgi" > Advanced PSGI usage< / a > )< / em > < / div >
< / li >
< / ul >
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT8 SECTION "External servers for Nginx" [2572 - ] --> < / div >
2018-05-17 21:42:46 +02:00
< / body >
< / html >