LemonLDAP::NG configuration is build around Apache virtual hosts. Each virtual host is a protected resource, with access rules, headers, POST data and options.
To protect a virtual host in Apache, the LemonLDAP::NG Handler must be activated (see <ahref="../../documentation/1.4/configlocation.html#apache"class="wikilink1"title="documentation:1.4:configlocation">Apache global configuration</a>).
<p><divclass="noteclassic">The <code>ProxyPreserveHost</code> directive will forward the Host header to the protected application.<br/>
To learn more about using Apache as reverse-proxy, see <ahref="http://httpd.apache.org/docs/current/mod/mod_proxy.html"class="urlextern"title="http://httpd.apache.org/docs/current/mod/mod_proxy.html"rel="nofollow">Apache documentation</a>.
<p><divclass="notetip">Some applications need the <code>REMOTE_USER</code> environment variable to get the connected user, which is not set in reverse-proxy mode. In this case, see <ahref="../../documentation/1.4/header_remote_user_conversion.html"class="wikilink1"title="documentation:1.4:header_remote_user_conversion">how convert header into environment variable</a>.
<p><divclass="notetip">You can also use the <ahref="../../documentation/1.4/internalproxy.html"class="wikilink1"title="documentation:1.4:internalproxy">internal proxy</a> to replace Apache mod_proxy configuration.
An apache virtual host protected by LemonLDAP::NG Handler must be registered in LemonLDAP::NG configuration.
</p>
<p>
To do this, use the Manager, and go in <code>Virtual Hosts</code> branch. You can add, delete or modify a virtual host here.
</p>
<p>
A virtual host contains:
</p>
<ul>
<liclass="level1"><divclass="li"> Access rules: check user's right on <acronymtitle="Uniform Resource Locator">URL</acronym> patterns</div>
</li>
<liclass="level1"><divclass="li"><acronymtitle="Hyper Text Transfer Protocol">HTTP</acronym> headers: forge information sent to protected applications</div>
</li>
<liclass="level1"><divclass="li"> POST data: use form replay</div>
</li>
<liclass="level1"><divclass="li"> Options: redirection port and protocol</div>
See <strong><ahref="../../documentation/1.4/writingrulesand_headers.html"class="wikilink1"title="documentation:1.4:writingrulesand_headers">Writing rules and headers</a></strong> to learn how to configure access control and <acronymtitle="Hyper Text Transfer Protocol">HTTP</acronym> headers sent to application by <acronymtitle="LemonLDAP::NG">LL::NG</acronym>.
See <strong><ahref="../../documentation/1.4/formreplay.html"class="wikilink1"title="documentation:1.4:formreplay">Form replay</a></strong> to learn how to configure form replay to POST data on protected applications.
These options are used to build redirection <acronymtitle="Uniform Resource Locator">URL</acronym> (when user is not logged, or for <acronymtitle="Cross Domain Authentication">CDA</acronym> requests). By default, default values are used. These options are only here to override default values.