2020-05-14 23:29:41 +02:00
|
|
|
|
Main features
|
|
|
|
|
|
=============
|
|
|
|
|
|
|
|
|
|
|
|
Full access control
|
|
|
|
|
|
-------------------
|
|
|
|
|
|
|
|
|
|
|
|
LL::NG is a web single-sign-on system, but unlike some systems it can
|
|
|
|
|
|
manage rights on applications based on regular expressions on URL.
|
|
|
|
|
|
|
|
|
|
|
|
Easy to customize
|
|
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
|
|
|
|
LL::NG is designed using `Model–View–Controller software
|
|
|
|
|
|
architecture <http://en.wikipedia.org/wiki/Model%E2%80%93View%E2%80%93Controller>`__,
|
|
|
|
|
|
so you just have to
|
|
|
|
|
|
:doc:`change HTML/CSS files<portalcustom>` to
|
2020-12-26 15:34:54 +01:00
|
|
|
|
customize the portal.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
|
|
Easy to integrate
|
|
|
|
|
|
-----------------
|
|
|
|
|
|
|
|
|
|
|
|
:doc:`Integrating applications<applications>` in
|
2020-12-26 15:34:54 +01:00
|
|
|
|
LL::NG is easy since its dialogue with applications is based on
|
2020-05-18 09:56:39 +02:00
|
|
|
|
:ref:`customizable HTTP headers<headers>`.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
|
|
Unifying authentications (Identity Federation)
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
LL::NG can easily exchange with other authentication systems by using
|
|
|
|
|
|
SAML, OpenID or CAS protocoles. It may be the backbone of a
|
2022-02-09 00:10:59 +01:00
|
|
|
|
heterogeneous architecture.
|
|
|
|
|
|
|
|
|
|
|
|
LL:NG can be set as Identity provider,
|
2020-05-14 23:29:41 +02:00
|
|
|
|
Service Provider or Protocol Proxy
|
|
|
|
|
|
(:doc:`LL::NG as federation protocol proxy<federationproxy>`).
|
|
|
|
|
|
|
2022-02-09 00:10:59 +01:00
|
|
|
|
Its REST / SOAP API can also be used to dialogue directly with your custom
|
2020-05-14 23:29:41 +02:00
|
|
|
|
applications.
|
|
|
|
|
|
|
|
|
|
|
|
Sessions
|
|
|
|
|
|
--------
|
|
|
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
|
.. _session-explorer:
|
|
|
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
|
Session explorer
|
|
|
|
|
|
~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
|
|
|
|
|
LL::NG Manager has a session explorer module that can be used to browse
|
|
|
|
|
|
opened sessions:
|
|
|
|
|
|
|
|
|
|
|
|
- by users
|
|
|
|
|
|
- by IP *(IPv4 and IPv6)*
|
2022-02-09 00:10:59 +01:00
|
|
|
|
- by double IP (sessions opened by the same user from multiple computers)
|
2020-12-26 15:34:54 +01:00
|
|
|
|
- by date
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
|
|
It can be used to delete a session
|
|
|
|
|
|
|
2020-05-18 09:56:39 +02:00
|
|
|
|
.. _session-restrictions:
|
|
|
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
|
Session restrictions
|
|
|
|
|
|
~~~~~~~~~~~~~~~~~~~~
|
|
|
|
|
|
|
2022-02-09 00:10:59 +01:00
|
|
|
|
By default, a user can open several :doc:`sessions<sessions>`.
|
|
|
|
|
|
LL::NG can restrict the following:
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
|
|
- Allow only one session per user
|
|
|
|
|
|
- Allow only one IP address per user
|
|
|
|
|
|
- Allow only one user per IP address
|
|
|
|
|
|
|
|
|
|
|
|
Those capabilities can be used simultaneously or separately.
|
|
|
|
|
|
|
|
|
|
|
|
Double cookie
|
|
|
|
|
|
~~~~~~~~~~~~~
|
|
|
|
|
|
|
2022-02-09 00:10:59 +01:00
|
|
|
|
LL::NG can be configured to provides :doc:`2 cookies<ssocookie>`:
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
|
|
|
|
|
- one secured (SSL only) for sensitive applications
|
|
|
|
|
|
- one unsecured for other applications
|
|
|
|
|
|
|
2020-12-26 15:34:54 +01:00
|
|
|
|
So that if the http cookie is stolen, sensitive applications remain secured.
|
2020-05-14 23:29:41 +02:00
|
|
|
|
|
2022-02-09 00:10:59 +01:00
|
|
|
|
|
2020-05-14 23:29:41 +02:00
|
|
|
|
Notifications
|
|
|
|
|
|
-------------
|
|
|
|
|
|
|
2020-12-26 15:34:54 +01:00
|
|
|
|
LL::NG can be used to notify users with a message when authenticating. This can be used to
|
2022-02-09 00:10:59 +01:00
|
|
|
|
inform of a change in access rights, the publication of a new IT charter, etc...
|
|
|
|
|
|
(See :doc:`notifications<notifications>` for more details)
|
