2016-10-15 19:57:04 +02:00
<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:handlerauthbasic< / title >
< meta name = "generator" content = "DokuWiki" / >
2019-05-12 16:33:56 +02:00
< meta name = "robots" content = "index,follow" / >
2016-10-15 19:57:04 +02:00
< meta name = "keywords" content = "documentation,2.0,handlerauthbasic" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "handlerauthbasic.html" / >
< link rel = "contents" href = "handlerauthbasic.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "lib/exe/css.php.t.bootstrap3.css" / >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : h a n d l e r a u t h b a s i c " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 " } ;
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "lib/exe/js.php.t.bootstrap3.js" > < / script >
2017-02-07 17:35:26 +01:00
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
2018-03-08 13:29:31 +01:00
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.min.js" > < / script >
2017-02-07 17:35:26 +01:00
//else -->
2018-03-08 13:29:31 +01:00
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.js" > < / script >
2017-02-07 17:35:26 +01:00
<!-- //endif -->
2016-10-15 19:57:04 +02:00
< / head >
< body >
< div class = "dokuwiki export container" >
<!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#presentation" > Presentation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#configuration" > Configuration< / a > < / div >
< ul class = "toc" >
2019-04-09 22:26:40 +02:00
< li class = "level2" > < div class = "li" > < a href = "#portal" > Portal< / a > < / div > < / li >
2017-02-22 13:41:23 +01:00
< li class = "level2" > < div class = "li" > < a href = "#virtual_host" > Virtual host< / a > < / div > < / li >
2016-10-15 19:57:04 +02:00
< li class = "level2" > < div class = "li" > < a href = "#handler_parameters" > Handler parameters< / a > < / div > < / li >
< / ul > < / li >
< / ul >
< / div >
< / div >
<!-- TOC END -->
< h1 class = "sectionedit1" id = "authbasic_handler" > AuthBasic Handler< / h1 >
< div class = "level1" >
< / div >
<!-- EDIT1 SECTION "AuthBasic Handler" [1 - 33] -->
< h2 class = "sectionedit2" id = "presentation" > Presentation< / h2 >
< div class = "level2" >
< p >
2018-06-25 23:17:51 +02:00
The AuthBasic Handler is a special Handler using AuthBasic method to authenticate and grante access to a virtual host.
2016-10-15 19:57:04 +02:00
< / p >
< p >
2018-06-25 23:17:51 +02:00
The Handler sends a WWW-Authenticate header to the client, to request user id and password. Then it checks credentials by using < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > REST web service (REST session service must be enabled in the manager). Once session is granted, the Handler will check authorizations like the standard Handler.
2016-10-15 19:57:04 +02:00
< / p >
< p >
2018-06-25 23:17:51 +02:00
This feature can be useful to allow a third party application to access a virtual host with user credentials by sending a Basic challenge to it.
2016-10-15 19:57:04 +02:00
< / p >
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT2 SECTION "Presentation" [34 - 624] -->
2016-10-15 19:57:04 +02:00
< h2 class = "sectionedit3" id = "configuration" > Configuration< / h2 >
< div class = "level2" >
< / div >
2018-06-25 23:17:51 +02:00
<!-- EDIT3 SECTION "Configuration" [625 - 651] -->
2019-04-09 22:26:40 +02:00
< h3 class = "sectionedit4" id = "portal" > Portal< / h3 >
< div class = "level3" >
< p >
< a href = "restservices.html" class = "wikilink1" title = "documentation:2.0:restservices" > REST server< / a > must be enabled on portal.
< / p >
< / div >
<!-- EDIT4 SECTION "Portal" [652 - 726] -->
< h3 class = "sectionedit5" id = "virtual_host" > Virtual host< / h3 >
2016-10-15 19:57:04 +02:00
< div class = "level3" >
2017-02-22 13:41:23 +01:00
< p >
2019-09-23 22:41:16 +02:00
You just have to set " Type: AuthBasic" in the virtualHost options in the manager.
2017-02-22 13:41:23 +01:00
< / p >
2016-10-15 19:57:04 +02:00
< p >
2019-09-23 22:41:16 +02:00
If you want to protect only a virtualHost part, keep type on " Main" and set type in your configuration file:
2016-10-15 19:57:04 +02:00
< / p >
2017-02-22 13:41:23 +01:00
< ul >
< li class = "level1" > < div class = "li" > Apache: use simply a < code > PerlSetVar VHOSTTYPE AuthBasic< / code > < / div >
< / li >
2019-06-28 16:53:45 +02:00
< li class = "level1" > < div class = "li" > Nginx: create another FastCGI with a < code > fastcgi_param VHOSTTYPE AuthBasic;< / code > < em > (and remove error_page 401)< / em > < / div >
2017-02-22 13:41:23 +01:00
< / li >
< / ul >
2016-10-15 19:57:04 +02:00
< / div >
2019-06-28 16:53:45 +02:00
<!-- EDIT5 SECTION "Virtual host" [727 - 1115] -->
2019-04-09 22:26:40 +02:00
< h3 class = "sectionedit6" id = "handler_parameters" > Handler parameters< / h3 >
2017-02-22 13:41:23 +01:00
< div class = "level3" >
2016-10-15 19:57:04 +02:00
< p >
2019-09-23 22:41:16 +02:00
No parameters needed. But you have to allow REST sessions web services, see < a href = "restsessionbackend.html" class = "wikilink1" title = "documentation:2.0:restsessionbackend" > REST sessions backend< / a > , enable local cache (enabled by default in lemonldap-ng.ini) and allow source < abbr title = "Internet Protocol" > IP< / abbr > addresses to access required locations in Portal Virtual Host.
2016-10-15 19:57:04 +02:00
< / p >
2019-09-23 22:41:16 +02:00
< div class = "notewarning" > With AuthBasic handler, you have to disable CSRF token by setting a special rule based on source < abbr title = "Internet Protocol" > IP< / abbr > addresses like this :
2016-10-15 19:57:04 +02:00
< p >
2019-04-09 22:26:40 +02:00
requireToken => $env-> {REMOTE_ADDR} !~ /^127\.0\.[1-3]\.1$/
2016-10-15 19:57:04 +02:00
< / p >
2019-09-23 22:41:16 +02:00
< p >
With AutChoice, you have to declare which authentication module is requested by handler to create global session.
< / p >
< p >
Go to: < code > General Parameters > Authentication parameters > Choice parameters< / code >
< / p >
< p >
and set authentication module' s name :
< / p >
< p >
< strong > AuthBasic handler parameter< / strong > => 2_LDAP (by example)
< / p >
< / div > < div class = "noteimportant" > With HTTPS, you may have to set < strong > LWP::UserAgent object< / strong > with < code > verify_hostname => 0< / code > and < code > SSL_verify_mode => 0< / code > .
< p >
Go to:
< / p >
< p >
< code > General Parameters > Advanced Parameters > Security > Choice parameters > SSL options for server requests< / code >
< / p >
2016-10-15 19:57:04 +02:00
< / div >
2019-04-09 22:26:40 +02:00
< / div >
2019-06-28 16:53:45 +02:00
<!-- EDIT6 SECTION "Handler parameters" [1116 - ] --> < / div >
2016-10-15 19:57:04 +02:00
< / body >
< / html >