Update doc (#1359)

2018-02-21 22:17:33 +01:00 · 2018-02-21 22:17:33 +01:00 · 1a3af1de37
commit 1a3af1de37
parent a129081847
44 changed files with 2729 additions and 3749 deletions
--- a/doc/pages/documentation/current/applications.html
+++ b/doc/pages/documentation/current/applications.html
@ -179,13 +179,16 @@ If none of above methods is available, you can try:
 		<td class="col0 centeralign">  <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/tomcat.html" class="wikilink1" title="documentation:2.0:applications:tomcat">Tomcat</a>  </td><td class="col2 centeralign">  ✔  </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
 	</tr>
 	<tr class="row31 rowodd">
-		<td class="col0 centeralign">  <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra</a>  </td><td class="col2"> </td><td class="col3 centeralign">  ✔  </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+		<td class="col0 centeralign">  <a href="applications/wordpress.html" class="media" title="documentation:2.0:applications:wordpress"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a>  </td><td class="col1 centeralign">  <a href="applications/wordpress.html" class="wikilink1" title="documentation:2.0:applications:wordpress">Wordpress</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4 centeralign">   ✔  </td><td class="col5"> </td><td class="col6"> </td>
 	</tr>
 	<tr class="row32 roweven">
+		<td class="col0 centeralign">  <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra</a>  </td><td class="col2"> </td><td class="col3 centeralign">  ✔  </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row33 rowodd">
 		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">  HTTP headers  </th><th class="col3 centeralign">  Specific Handler  </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">  OpenID Connect  </th>
 	</tr>
 </table></div>
-<!-- EDIT4 TABLE [1223-5126] -->
+<!-- EDIT4 TABLE [1223-5260] -->
 </div>
 <!-- EDIT3 SECTION "Application list" [1192-] --></div>
 </body>
--- a/doc/pages/documentation/current/applications/img/icons.png
+++ b/doc/pages/documentation/current/applications/img/icons.png
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=df00727bb453bdfe152489fdb4e33ed5"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1516959167" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1519247446" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/doc/pages/documentation/current/applications/img/loader.gif
+++ b/doc/pages/documentation/current/applications/img/loader.gif
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=df00727bb453bdfe152489fdb4e33ed5"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1516959167" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1519247446" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/doc/pages/documentation/current/applications/wordpress.html
+++ b/doc/pages/documentation/current/applications/wordpress.html
@ -0,0 +1,154 @@
+<!DOCTYPE html>
+<html lang="en" dir="ltr">
+<head>
+  <meta charset="utf-8" />
+  <title>documentation:2.0:applications:wordpress</title>
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,applications,wordpress"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="wordpress.html"/>
+<link rel="contents" href="wordpress.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+<!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else -->
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+<!-- //endif -->
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:wordpress","namespace":"documentation:2.0:applications"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
+<!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
+<!-- //endif -->
+<!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
+<!-- //endif -->
+</head>
+<body>
+<div class="dokuwiki export container">
+<!-- TOC START -->
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
+<li class="level1"><div class="li"><a href="#cas">CAS</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#plugin_installation">Plugin installation</a></div></li>
+<li class="level2"><div class="li"><a href="#plugin_configuration">Plugin configuration</a></div>
+<ul class="toc">
+<li class="level3"><div class="li"><a href="#general_settings">General settings</a></div></li>
+<li class="level3"><div class="li"><a href="#user_roles_settings">User Roles Settings</a></div></li>
+</ul></li>
+</ul></li>
+</ul>
+</div>
+</div>
+<!-- TOC END -->
+
+<h1 class="sectionedit1" id="wordpress">Wordpress</h1>
+<div class="level1">
+
+<p>
+<img src="wordpress_logo.png" class="mediacenter" alt="" />
+</p>
+
+</div>
+<!-- EDIT1 SECTION "Wordpress" [1-73] -->
+<h2 class="sectionedit2" id="presentation">Presentation</h2>
+<div class="level2">
+
+<p>
+<a href="https://wordpress.org/" class="urlextern" title="https://wordpress.org/"  rel="nofollow">Wordpress</a> is a famous tool to create websites.
+</p>
+
+<p>
+A lot of authentication plugins are available. We propose here to use <abbr title="Central Authentication Service">CAS</abbr> protocol and <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/"  rel="nofollow">WP Cassify</a> plugin.
+</p>
+
+</div>
+<!-- EDIT2 SECTION "Presentation" [74-327] -->
+<h2 class="sectionedit3" id="cas">CAS</h2>
+<div class="level2">
+
+</div>
+<!-- EDIT3 SECTION "CAS" [328-344] -->
+<h3 class="sectionedit4" id="plugin_installation">Plugin installation</h3>
+<div class="level3">
+
+<p>
+Go in Wordpress admin and install <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/"  rel="nofollow">WP Cassify</a> plugin.
+</p>
+
+</div>
+<!-- EDIT4 SECTION "Plugin installation" [345-475] -->
+<h3 class="sectionedit5" id="plugin_configuration">Plugin configuration</h3>
+<div class="level3">
+
+<p>
+The full documentation is available on <a href="https://wpcassify.wordpress.com/" class="urlextern" title="https://wpcassify.wordpress.com/"  rel="nofollow">https://wpcassify.wordpress.com/</a>
+</p>
+
+</div>
+
+<h4 id="general_settings">General settings</h4>
+<div class="level4">
+
+<p>
+Configure <abbr title="Central Authentication Service">CAS</abbr> server and <abbr title="Central Authentication Service">CAS</abbr> version:
+</p>
+<ul>
+<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Server base url : <a href="https://auth.example.com/cas/" class="urlextern" title="https://auth.example.com/cas/"  rel="nofollow">https://auth.example.com/cas/</a></div>
+</li>
+<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Version protocol: 2</div>
+</li>
+</ul>
+
+<p>
+Other options are correct by default.
+</p>
+
+</div>
+
+<h4 id="user_roles_settings">User Roles Settings</h4>
+<div class="level4">
+
+<p>
+You can assign WP Roles depending on values sent by <abbr title="Central Authentication Service">CAS</abbr>.
+</p>
+
+<p>
+The rules syntax is quite special, you can use it or you can just define macros on <abbr title="LemonLDAP::NG">LL::NG</abbr> side and send them trough <abbr title="Central Authentication Service">CAS</abbr> to keep simple rules on WP side.
+</p>
+
+<p>
+For example create a macro <code>role_wordpress_admin</code> which contains <code>1</code> if the user is admin on WP, and send it in <abbr title="Central Authentication Service">CAS</abbr> attributes.
+</p>
+
+<p>
+Then create this rule on WP side:
+</p>
+<pre class="code">administrator|(CAS{role_wordpress_admin} -EQ &quot;1&quot;)</pre>
+
+</div>
+<!-- EDIT5 SECTION "Plugin configuration" [476-] --></div>
+</body>
+</html>
--- a/doc/pages/documentation/current/restserverplugin
+++ b/doc/pages/documentation/current/restserverplugin
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=df00727bb453bdfe152489fdb4e33ed5"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1516959187" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1519247470" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/doc/pages/documentation/current/samlservice.html
+++ b/doc/pages/documentation/current/samlservice.html
@ -4,7 +4,7 @@
  <meta charset="utf-8" />
  <title>documentation:2.0:samlservice</title>
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="index,follow"/>
+<meta name="robots" content="noindex,nofollow"/>
 <meta name="keywords" content="documentation,2.0,samlservice"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="samlservice.html"/>
@ -137,7 +137,7 @@ This documentation explains how configure <abbr title="Security Assertion Markup
 </p>

 <p>
-SAML2 implementation is based on <a href="http://lasso.entrouvert.org" class="urlextern" title="http://lasso.entrouvert.org"  rel="nofollow">Lasso</a>. You will need a very recent version of Lasso (&gt;= 2.3.0).
+SAML2 implementation is based on <a href="http://lasso.entrouvert.org" class="urlextern" title="http://lasso.entrouvert.org"  rel="nofollow">Lasso</a>. You will need a very recent version of Lasso (&gt;= 2.5.0).
 </p>

 </div>
@ -146,7 +146,7 @@ SAML2 implementation is based on <a href="http://lasso.entrouvert.org" class="ur
 <div class="level4">

 <p>
-There are packages available here: <a href="http://deb.entrouvert.org/" class="urlextern" title="http://deb.entrouvert.org/"  rel="nofollow">http://deb.entrouvert.org/</a>.
+You can use official Debian packages or those available here: <a href="http://deb.entrouvert.org/" class="urlextern" title="http://deb.entrouvert.org/"  rel="nofollow">http://deb.entrouvert.org/</a>.
 </p>

 <p>
@ -160,14 +160,14 @@ You will only need to install liblasso-perl package:
 <div class="level4">

 <p>
-RPMs are available in <abbr title="LemonLDAP::NG">LL::NG</abbr> RPM repository (see <a href="installrpm.html#yum_repository" class="wikilink1" title="documentation:2.0:installrpm">yum_repository</a>)
+RPMs are available in <abbr title="LemonLDAP::NG">LL::NG</abbr> RPM “extras” repository (see <a href="installrpm.html#yum_repository" class="wikilink1" title="documentation:2.0:installrpm">yum_repository</a>)
 </p>

 <p>
 Then install lasso and lasso-perl packages:
 </p>
 <pre class="code">yum install lasso lasso-perl</pre>
-<div class="noteimportant">Only EL6 64bits and EL7 64bits package are available.
+<div class="noteimportant">Only 64bits package are available.
 </div>
 </div>

@ -179,7 +179,7 @@ Then install lasso and lasso-perl packages:
 </p>

 </div>
-<!-- EDIT4 SECTION "Lasso" [717-1485] -->
+<!-- EDIT4 SECTION "Lasso" [717-1502] -->
 <h2 class="sectionedit5" id="service_configuration">Service configuration</h2>
 <div class="level2">

@ -189,7 +189,7 @@ Go in Manager and click on <code><abbr title="Security Assertion Markup Language
 <div class="notetip">You can use #PORTAL# in values to replace the portal <abbr title="Uniform Resource Locator">URL</abbr>.
 </div>
 </div>
-<!-- EDIT5 SECTION "Service configuration" [1486-1649] -->
+<!-- EDIT5 SECTION "Service configuration" [1503-1666] -->
 <h3 class="sectionedit6" id="entry_identifier">Entry Identifier</h3>
 <div class="level3">

@ -204,7 +204,7 @@ Your EntityID, often use as metadata <abbr title="Uniform Resource Locator">URL<
 </div><div class="notewarning">If you modify <code>/saml/metadata</code> suffix you have to change corresponding Apache rewrite rule.
 </div>
 </div>
-<!-- EDIT6 SECTION "Entry Identifier" [1650-2047] -->
+<!-- EDIT6 SECTION "Entry Identifier" [1667-2064] -->
 <h3 class="sectionedit7" id="security_parameters">Security parameters</h3>
 <div class="level3">

@ -240,7 +240,7 @@ $ openssl x509 -req -days 3650 -in cert.csr -signkey private.key -out cert.pem</

 </div>
 </div>
-<!-- EDIT7 SECTION "Security parameters" [2048-3310] -->
+<!-- EDIT7 SECTION "Security parameters" [2065-3327] -->
 <h3 class="sectionedit8" id="nameid_formats">NameID formats</h3>
 <div class="level3">

@ -277,7 +277,7 @@ Other NameID formats are automatically managed:
 </ul>

 </div>
-<!-- EDIT8 SECTION "NameID formats" [3311-4069] -->
+<!-- EDIT8 SECTION "NameID formats" [3328-4086] -->
 <h3 class="sectionedit9" id="authentication_contexts">Authentication contexts</h3>
 <div class="level3">

@ -301,7 +301,7 @@ Customizable NameID formats are:
 </ul>

 </div>
-<!-- EDIT9 SECTION "Authentication contexts" [4070-4793] -->
+<!-- EDIT9 SECTION "Authentication contexts" [4087-4810] -->
 <h3 class="sectionedit10" id="organization">Organization</h3>
 <div class="level3">
 <div class="noteclassic">This concerns all parameters for the Organization metadata section:
@ -321,7 +321,7 @@ Customizable NameID formats are:
 </ul>

 </div>
-<!-- EDIT10 SECTION "Organization" [4794-5305] -->
+<!-- EDIT10 SECTION "Organization" [4811-5322] -->
 <h3 class="sectionedit11" id="service_provider">Service Provider</h3>
 <div class="level3">
 <div class="noteclassic">This concerns all parameters for the Service Provider metadata section: 
@ -404,7 +404,7 @@ The only authorized binding is SOAP. This should be set as Default.
 </p>

 </div>
-<!-- EDIT11 SECTION "Service Provider" [5306-6360] -->
+<!-- EDIT11 SECTION "Service Provider" [5323-6377] -->
 <h3 class="sectionedit12" id="identity_provider">Identity Provider</h3>
 <div class="level3">
 <div class="noteclassic">This concerns all parameters for the Service Provider metadata section:
@ -489,7 +489,7 @@ The only authorized binding is SOAP. This should be set as Default.
 </p>

 </div>
-<!-- EDIT12 SECTION "Identity Provider" [6361-7349] -->
+<!-- EDIT12 SECTION "Identity Provider" [6378-7366] -->
 <h3 class="sectionedit13" id="attribute_authority">Attribute Authority</h3>
 <div class="level3">
 <div class="noteclassic">This concerns all parameters for the Attribute Authority metadata section
@ -512,7 +512,7 @@ Response Location should be empty, as SOAP responses are directly returned (sync
 </p>

 </div>
-<!-- EDIT13 SECTION "Attribute Authority" [7350-7761] -->
+<!-- EDIT13 SECTION "Attribute Authority" [7367-7778] -->
 <h3 class="sectionedit14" id="advanced">Advanced</h3>
 <div class="level3">

@ -571,6 +571,6 @@ Configuration parameters are:
 </ul>

 </div>
-<!-- EDIT14 SECTION "Advanced" [7762-] --></div>
+<!-- EDIT14 SECTION "Advanced" [7779-] --></div>
 </body>
 </html>
--- a/doc/pages/documentation/current/selinux.html
+++ b/doc/pages/documentation/current/selinux.html
@ -50,7 +50,8 @@

 <ul class="toc">
 <li class="level1"><div class="li"><a href="#disk_cache_sessions_an_configuration">Disk cache (sessions an configuration)</a></div></li>
-<li class="level1"><div class="li"><a href="#access_to_ldap">Access to LDAP</a></div></li>
+<li class="level1"><div class="li"><a href="#ldap">LDAP</a></div></li>
+<li class="level1"><div class="li"><a href="#databases">Databases</a></div></li>
 <li class="level1"><div class="li"><a href="#memcache">Memcache</a></div></li>
 <li class="level1"><div class="li"><a href="#proxy_http">Proxy HTTP</a></div></li>
 </ul>
@ -77,24 +78,30 @@ To persist the rule:
 <pre class="code">semanage fcontext -a -t http_sys_content_t /tmp</pre>

 </div>
-<!-- EDIT2 SECTION "Disk cache (sessions an configuration)" [103-290] -->
-<h2 class="sectionedit3" id="access_to_ldap">Access to LDAP</h2>
+<!-- EDIT2 SECTION "Disk cache (sessions an configuration)" [103-291] -->
+<h2 class="sectionedit3" id="ldap">LDAP</h2>
 <div class="level2">
 <pre class="code">setsebool -P httpd_can_connect_ldap 1</pre>

 </div>
-<!-- EDIT3 SECTION "Access to LDAP" [291-370] -->
-<h2 class="sectionedit4" id="memcache">Memcache</h2>
+<!-- EDIT3 SECTION "LDAP" [292-361] -->
+<h2 class="sectionedit4" id="databases">Databases</h2>
+<div class="level2">
+<pre class="code">setsebool -P httpd_can_network_connect_db 1</pre>
+
+</div>
+<!-- EDIT4 SECTION "Databases" [362-442] -->
+<h2 class="sectionedit5" id="memcache">Memcache</h2>
 <div class="level2">
 <pre class="code">setsebool -P httpd_can_network_memcache 1</pre>

 </div>
-<!-- EDIT4 SECTION "Memcache" [371-448] -->
-<h2 class="sectionedit5" id="proxy_http">Proxy HTTP</h2>
+<!-- EDIT5 SECTION "Memcache" [443-520] -->
+<h2 class="sectionedit6" id="proxy_http">Proxy HTTP</h2>
 <div class="level2">
 <pre class="code">setsebool -P httpd_can_network_relay 1</pre>

 </div>
-<!-- EDIT5 SECTION "Proxy HTTP" [449-] --></div>
+<!-- EDIT6 SECTION "Proxy HTTP" [521-] --></div>
 </body>
 </html>
--- a/doc/pages/documentation/current/sqlconfbackend.html
+++ b/doc/pages/documentation/current/sqlconfbackend.html
@ -4,7 +4,7 @@
  <meta charset="utf-8" />
  <title>documentation:2.0:sqlconfbackend</title>
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="noindex,nofollow"/>
+<meta name="robots" content="index,follow"/>
 <meta name="keywords" content="documentation,2.0,sqlconfbackend"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="sqlconfbackend.html"/>
--- a/doc/pages/documentation/current/start.html
+++ b/doc/pages/documentation/current/start.html
@ -4,7 +4,7 @@
  <meta charset="utf-8" />
  <title>documentation:2.0:start</title>
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="index,follow"/>
+<meta name="robots" content="noindex,nofollow"/>
 <meta name="keywords" content="documentation,2.0,start"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="start.html"/>
@ -341,16 +341,19 @@
 		<td class="col0"> <a href="u2f.html" class="wikilink1" title="documentation:2.0:u2f">U2F</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">  ✔  </td><td class="col2"></td><td class="col3"></td>
 	</tr>
 	<tr class="row32 roweven">
-		<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> <em>(OTP, SMS,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">  ✔  </td><td class="col2"></td><td class="col3"></td>
+		<td class="col0"> <a href="totp2f.html" class="wikilink1" title="documentation:2.0:totp2f">TOTP</a> <em>(Google Authenticator,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">  ✔  </td><td class="col2"></td><td class="col3"></td>
 	</tr>
 	<tr class="row33 rowodd">
-		<th class="col0"> Auth addons </th><th class="col1 centeralign">  Authentication  </th><td class="col2"></td><td class="col3"></td>
+		<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> <em>(OTP, SMS,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">  ✔  </td><td class="col2"></td><td class="col3"></td>
 	</tr>
 	<tr class="row34 roweven">
+		<th class="col0"> Auth addons </th><th class="col1 centeralign">  Authentication  </th><td class="col2"></td><td class="col3"></td>
+	</tr>
+	<tr class="row35 rowodd">
 		<td class="col0"> <a href="autosignin.html" class="wikilink1" title="documentation:2.0:autosignin">Auto Signin</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">  ✔  </td><td class="col2"></td><td class="col3"></td>
 	</tr>
 </table></div>
-<!-- EDIT9 TABLE [2221-4231] -->
+<!-- EDIT9 TABLE [2221-4313] -->
 <p>
 </div></div>
 </p>
@ -394,13 +397,13 @@
 		<td class="col0"> <a href="issuerdbget.html" class="wikilink1" title="documentation:2.0:issuerdbget">Get parameters provider</a> <em>(for poor applications)</em> </td><td class="col1 leftalign">   </td><td class="col2 centeralign">  ✔  </td>
 	</tr>
 </table></div>
-<!-- EDIT10 TABLE [4577-4938] -->
+<!-- EDIT10 TABLE [4659-5020] -->
 <p>
 </div></div>
 </p>

 </div>
-<!-- EDIT8 SECTION "Portal" [1685-4966] -->
+<!-- EDIT8 SECTION "Portal" [1685-5048] -->
 <h3 class="sectionedit11" id="handlers">Handlers</h3>
 <div class="level3">

@ -441,7 +444,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 		<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign">  ✔  </td><td class="col2 centeralign">  ✔  </td><td class="col3 leftalign">  </td><td class="col4 leftalign">  </td>
 	</tr>
 </table></div>
-<!-- EDIT12 TABLE [5205-6038] -->
+<!-- EDIT12 TABLE [5287-6120] -->
 <p>
 <em>(*): <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> has not yet reached the same level of functionality.</em>
 </p>
@ -451,7 +454,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 </p>

 </div>
-<!-- EDIT11 SECTION "Handlers" [4967-6161] -->
+<!-- EDIT11 SECTION "Handlers" [5049-6243] -->
 <h3 class="sectionedit13" id="llng_databases">LLNG databases</h3>
 <div class="level3">

@ -497,7 +500,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 		<td class="col0 centeralign">  <a href="restconfbackend.html" class="wikilink1" title="documentation:2.0:restconfbackend">REST</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a>  </td><td class="col1 centeralign">  ✔  </td><td class="col2 leftalign"> Proxy backend to be used in conjunction with another configuration backend. <br/><strong>Can be used to secure another backend</strong> for remote servers.  </td>
 	</tr>
 </table></div>
-<!-- EDIT14 TABLE [6460-7442] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
+<!-- EDIT14 TABLE [6542-7524] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
 </div>
 <p>
 </div></div>
@ -552,13 +555,13 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 <strong>Can be used to secure another backend</strong> for remote servers.  </td>
 	</tr>
 </table></div>
-<!-- EDIT15 TABLE [8307-9986] -->
+<!-- EDIT15 TABLE [8389-10068] -->
 <p>
 </div></div>
 </p>

 </div>
-<!-- EDIT13 SECTION "LLNG databases" [6162-10014] -->
+<!-- EDIT13 SECTION "LLNG databases" [6244-10096] -->
 <h2 class="sectionedit16" id="applications_protection">Applications protection</h2>
 <div class="level2">

@ -587,7 +590,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </p>

 </div>
-<!-- EDIT16 SECTION "Applications protection" [10015-10505] -->
+<!-- EDIT16 SECTION "Applications protection" [10097-10587] -->
 <h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
 <div class="level3">
 <div class="noteclassic">Here is a list of well known applications that are compatible with <abbr title="LemonLDAP::NG">LL::NG</abbr>. A full list is available on <a href="applications.html" class="wikilink1" title="documentation:2.0:applications">vendor applications page</a>.
@ -662,6 +665,12 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </div>
 </p>

+<p>
+<div class="col-sm-3">
+<a href="applications/wordpress.html" class="media" title="documentation:2.0:applications:wordpress"><img src="icons/kmultiple.png" class="mediacenter" title="Wordpress" alt="Wordpress" /></a>
+</div>
+</p>
+
 <p>
 <div class="col-sm-3">
 <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="mediacenter" title="Zimbra" alt="Zimbra" /></a>
@ -673,7 +682,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </p>

 </div>
-<!-- EDIT17 SECTION "Well known compatible applications" [10506-12444] -->
+<!-- EDIT17 SECTION "Well known compatible applications" [10588-12668] -->
 <h2 class="sectionedit18" id="advanced_features">Advanced features</h2>
 <div class="level2">

@ -709,6 +718,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </li>
 <li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a></div>
 </li>
+<li class="level1"><div class="li"> <a href="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" class="urlextern" title="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller"  rel="nofollow">LemonLDAP::NG kubernetes controller</a></div>
+</li>
 <li class="level1"><div class="li"> <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a></div>
 </li>
 <li class="level1"><div class="li"> <a href="loginhistory.html" class="wikilink1" title="documentation:2.0:loginhistory">Login history</a></div>
@ -724,7 +735,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </p>

 </div>
-<!-- EDIT18 SECTION "Advanced features" [12445-13382] -->
+<!-- EDIT18 SECTION "Advanced features" [12669-13717] -->
 <h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
 <div class="level2">

@ -755,7 +766,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </p>

 </div>
-<!-- EDIT19 SECTION "Mini howtos" [13383-14052] -->
+<!-- EDIT19 SECTION "Mini howtos" [13718-14387] -->
 <h2 class="sectionedit20" id="exploitation">Exploitation</h2>
 <div class="level2">

@ -788,7 +799,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
 </p>

 </div>
-<!-- EDIT20 SECTION "Exploitation" [14053-14473] -->
+<!-- EDIT20 SECTION "Exploitation" [14388-14808] -->
 <h2 class="sectionedit21" id="bug_report">Bug report</h2>
 <div class="level2">

@ -797,7 +808,7 @@ See <a href="bugreport.html" class="wikilink1" title="bugreport">How to report a
 </p>

 </div>
-<!-- EDIT21 SECTION "Bug report" [14474-14538] -->
+<!-- EDIT21 SECTION "Bug report" [14809-14873] -->
 <h2 class="sectionedit22" id="developer_corner">Developer corner</h2>
 <div class="level2">

@ -817,12 +828,18 @@ To develop a portal plugin, see manpages:
 <ul>
 <li class="level1"><div class="li"> Lemonldap::NG::Portal</div>
 </li>
-<li class="level1"><div class="li"> Lemonldap::NG::Portal::Auth::Base</div>
+<li class="level1"><div class="li"> Lemonldap::NG::Portal::Auth</div>
+</li>
+<li class="level1"><div class="li"> Lemonldap::NG::Portal::UserDB</div>
+</li>
+<li class="level1"><div class="li"> Lemonldap::NG::Portal::Main::SecondFactor</div>
 </li>
 <li class="level1"><div class="li"> Lemonldap::NG::Portal::Main::Issuer</div>
 </li>
 <li class="level1"><div class="li"> Lemonldap::NG::Portal::Main::Plugin</div>
 </li>
+<li class="level1"><div class="li"> Lemonldap::NG::Portal::Main::Request <em>(the request object)</em></div>
+</li>
 </ul>

 <p>
@ -862,6 +879,6 @@ To translate this doc (Manager help):
 </ul>

 </div>
-<!-- EDIT22 SECTION "Developer corner" [14539-] --></div>
+<!-- EDIT22 SECTION "Developer corner" [14874-] --></div>
 </body>
 </html>
--- a/doc/pages/documentation/current/totp2f.html
+++ b/doc/pages/documentation/current/totp2f.html
@ -0,0 +1,132 @@
+<!DOCTYPE html>
+<html lang="en" dir="ltr">
+<head>
+  <meta charset="utf-8" />
+  <title>documentation:2.0:totp2f</title>
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="noindex,nofollow"/>
+<meta name="keywords" content="documentation,2.0,totp2f"/>
+<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="totp2f.html"/>
+<link rel="contents" href="totp2f.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
+<!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else -->
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+<!-- //endif -->
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:totp2f","namespace":"documentation:2.0"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
+<!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
+<!-- //endif -->
+<!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
+<!-- //endif -->
+</head>
+<body>
+<div class="dokuwiki export container">
+<!-- TOC START -->
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
+<li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
+<li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
+</ul>
+</div>
+</div>
+<!-- TOC END -->
+
+<h1 class="sectionedit1" id="totp_2nd_factor_authentication_u2f">TOTP 2nd Factor Authentication (U2F)</h1>
+<div class="level1">
+
+<p>
+<a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm" class="urlextern" title="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm"  rel="nofollow">Time based One Time Password</a> (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. This is currently what <a href="https://en.wikipedia.org/wiki/Google_Authenticator" class="urlextern" title="https://en.wikipedia.org/wiki/Google_Authenticator"  rel="nofollow">Google Authenticator</a> or <a href="https://freeotp.github.io/" class="urlextern" title="https://freeotp.github.io/"  rel="nofollow">FreeOTP</a> use.
+</p>
+
+<p>
+LLNG can propose to users to register this kind of software to increase authentication level.
+</p>
+<div class="notetip">Note that it&#039;s a second factor, not an authentication module. Users are authenticated by both login form and TOTP.
+</div>
+</div>
+<!-- EDIT1 SECTION "TOTP 2nd Factor Authentication (U2F)" [1-633] -->
+<h2 class="sectionedit2" id="configuration">Configuration</h2>
+<div class="level2">
+
+<p>
+In the manager (advanced parameters), you just have to enable it:
+</p>
+<ul>
+<li class="level1"><div class="li"> TOTP ⇒ Activation: set it to “on”</div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/totpregister.html" class="urlextern" title="https://auth.your.domain/totpregister.html"  rel="nofollow">https://auth.your.domain/totpregister.html</a>)</em></div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Authentication level: you can overwrite here auth level for TOTP registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Issuer: default to portal hostname</div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Interval: interval for TOTP algorithm (default: 30)</div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Range: number of additional intervals to test (default: 1)</div>
+</li>
+<li class="level1"><div class="li"> TOTP ⇒ Digits: number of digit of codes (default: 6)</div>
+</li>
+</ul>
+<div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule that <code>$_totp2fSecret</code> is set, else TOTP will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.
+</div>
+</div>
+<!-- EDIT2 SECTION "Configuration" [634-1701] -->
+<h2 class="sectionedit3" id="assistance">Assistance</h2>
+<div class="level2">
+
+<p>
+If a user lost its key, you may remove it&#039;s persistent session using the session explorer.
+</p>
+
+</div>
+<!-- EDIT3 SECTION "Assistance" [1702-1817] -->
+<h2 class="sectionedit4" id="developer_corner">Developer corner</h2>
+<div class="level2">
+
+<p>
+If you have another TOTP registration interface, you have to populate session (using exported variables) to set these keys:
+</p>
+<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
+	<thead>
+	<tr class="row0 roweven">
+		<th class="col0"> Name </th><th class="col1"> Value </th>
+	</tr>
+	</thead>
+	<tr class="row1 rowodd">
+		<td class="col0"> _totp2fSecret </td><td class="col1"> key handle value, base32 encoded </td>
+	</tr>
+	<tr class="row2 roweven">
+		<td class="col0"> _u2fUserKey </td><td class="col1"> user key value, base64 encoded </td>
+	</tr>
+</table></div>
+<!-- EDIT5 TABLE [1973-2091] -->
+</div>
+<!-- EDIT4 SECTION "Developer corner" [1818-] --></div>
+</body>
+</html>
--- a/doc/pages/documentation/current/u2f.html
+++ b/doc/pages/documentation/current/u2f.html
@ -51,6 +51,7 @@
 <ul class="toc">
 <li class="level1"><div class="li"><a href="#prerequisites_and_dependencies">Prerequisites and dependencies</a></div></li>
 <li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
+<li class="level1"><div class="li"><a href="#browser_compatibility">Browser compatibility</a></div></li>
 <li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
 <li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
 </ul>
@ -78,9 +79,10 @@ LLNG can propose to users to register their keys. When done, registered user can
 <p>
 This feature uses <a href="https://metacpan.org/pod/Crypt::U2F::Server::Simple" class="urlextern" title="https://metacpan.org/pod/Crypt::U2F::Server::Simple"  rel="nofollow">Crypt::U2F::Server::Simple</a> that is available only via CPAN for now. Before compiling it, you must install Yubico&#039;s C library headers (called libu2f-server-dev on Debian).
 </p>
-
+<div class="noteimportant">An HTTPS portal is required to use U2F
 </div>
-<!-- EDIT2 SECTION "Prerequisites and dependencies" [522-811] -->
+</div>
+<!-- EDIT2 SECTION "Prerequisites and dependencies" [522-873] -->
 <h2 class="sectionedit3" id="configuration">Configuration</h2>
 <div class="level2">

@ -90,7 +92,7 @@ In the manager (advanced parameters), you just have to enable it:
 <ul>
 <li class="level1"><div class="li"> U2F ⇒ Activation: set it to “on”</div>
 </li>
-<li class="level1"><div class="li"> U2F ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="http://auth.your.domain/u2fregister.html" class="urlextern" title="http://auth.your.domain/u2fregister.html"  rel="nofollow">http://auth.your.domain/u2fregister.html</a>)</em></div>
+<li class="level1"><div class="li"> U2F ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/u2fregister.html" class="urlextern" title="https://auth.your.domain/u2fregister.html"  rel="nofollow">https://auth.your.domain/u2fregister.html</a>)</em></div>
 </li>
 <li class="level1"><div class="li"> U2F ⇒ Authentication level: you can overwrite here auth level for U2F registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
 </li>
@ -98,8 +100,29 @@ In the manager (advanced parameters), you just have to enable it:
 <div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule: <code>$_u2fKeyHandle and $_u2fUserKey</code>, else U2F will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.
 </div>
 </div>
-<!-- EDIT3 SECTION "Configuration" [812-1637] -->
-<h2 class="sectionedit4" id="assistance">Assistance</h2>
+<!-- EDIT3 SECTION "Configuration" [874-1701] -->
+<h2 class="sectionedit4" id="browser_compatibility">Browser compatibility</h2>
+<div class="level2">
+<ul>
+<li class="level1"><div class="li"> Chrome/Chromium &gt;= 38</div>
+</li>
+<li class="level1"><div class="li"> Firefox :</div>
+<ul>
+<li class="level2"><div class="li"> 38 to 56 with <a href="https://addons.mozilla.org/fr/firefox/addon/u2f-support-add-on/" class="urlextern" title="https://addons.mozilla.org/fr/firefox/addon/u2f-support-add-on/"  rel="nofollow">U2F Support Add-on</a></div>
+</li>
+<li class="level2"><div class="li"> 57 to 58, with “security.webauth.u2f” set to “true” in “about:config” <em>(see <a href="https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/" class="urlextern" title="https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/"  rel="nofollow">Yubico explanations</a>)</em></div>
+</li>
+<li class="level2"><div class="li"> probably enabled by default for versions &gt;= 59</div>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li"> Opera &gt;= 40</div>
+</li>
+</ul>
+
+</div>
+<!-- EDIT4 SECTION "Browser compatibility" [1702-2139] -->
+<h2 class="sectionedit5" id="assistance">Assistance</h2>
 <div class="level2">

 <p>
@ -107,14 +130,14 @@ If a user lost its key, you may remove it&#039;s persistent session using the se
 </p>

 </div>
-<!-- EDIT4 SECTION "Assistance" [1638-1753] -->
-<h2 class="sectionedit5" id="developer_corner">Developer corner</h2>
+<!-- EDIT5 SECTION "Assistance" [2140-2255] -->
+<h2 class="sectionedit6" id="developer_corner">Developer corner</h2>
 <div class="level2">

 <p>
 If you have another U2F registration interface, you have to populate session (using exported variables) to set these keys:
 </p>
-<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
+<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
 	<thead>
 	<tr class="row0 roweven">
 		<th class="col0"> Name </th><th class="col1"> Value </th>
@ -127,12 +150,12 @@ If you have another U2F registration interface, you have to populate session (us
 		<td class="col0"> _u2fUserKey </td><td class="col1"> user key value, base64 encoded </td>
 	</tr>
 </table></div>
-<!-- EDIT6 TABLE [1908-2026] -->
+<!-- EDIT7 TABLE [2410-2528] -->
 <p>
 Note that both “origin” and “appId” are fixed to portal <abbr title="Uniform Resource Locator">URL</abbr>.
 </p>

 </div>
-<!-- EDIT5 SECTION "Developer corner" [1754-] --></div>
+<!-- EDIT6 SECTION "Developer corner" [2256-] --></div>
 </body>
 </html>
--- a/omegat.files/fr/fr-level1.tmx
+++ b/omegat.files/fr/fr-level1.tmx
--- a/omegat.files/fr/fr-level2.tmx
+++ b/omegat.files/fr/fr-level2.tmx
--- a/omegat.files/fr/fr-omegat.tmx
+++ b/omegat.files/fr/fr-omegat.tmx
--- a/omegat.files/fr/omegat/project_stats.txt
+++ b/omegat.files/fr/omegat/project_stats.txt
@ -1,11 +1,11 @@
-24/10/17 13:02
+21/02/18 22:15
 Données du projet

                           	Segments	 Mots	Caractères (sans espaces)	Caractères (avec espaces)	
-Total :                    	   16149	70628	                   490916	                   535965	
-Restants :                 	    8573	32459	                   257983	                   273935	
-Segments uniques :         	    7825	51192	                   329450	                   369099	
-Segments uniques restants :	    3958	21472	                   157096	                   171487	
+Total :                    	   16932	74241	                   516725	                   564312	
+Restants :                 	    9361	36855	                   288223	                   307414	
+Segments uniques :         	    8256	53976	                   347912	                   389948	
+Segments uniques restants :	    4507	25145	                   180875	                   198389	


 Statistiques par fichiers :
@ -14,27 +14,28 @@ Nom du fichier
 index.html                                                                                                                 	             5	                4	               4	                        3	        19	           18	          15	                   14	                            165	                               152	                              132	                                       119	                            169	                               156	                              134	                                       121	
 pages/documentation/current/activedirectoryminihowto.html                                                                  	            24	               13	              23	                       12	       122	           31	         121	                   30	                            939	                               346	                              910	                                       317	                           1021	                               346	                              992	                                       317	
 pages/documentation/current/applications/adfs.html                                                                         	            32	               21	              19	                       17	       196	          168	         164	                  159	                           1152	                               949	                              924	                                       881	                           1290	                              1075	                             1053	                                      1007	
-pages/documentation/current/applications/alfresco.html                                                                     	            89	               62	              68	                       50	       415	          243	         365	                  208	                           3298	                              2300	                             2885	                                      1984	                           3498	                              2369	                             3082	                                      2053	
-pages/documentation/current/applications/authbasic.html                                                                    	            45	               18	              30	                       10	       370	           63	         337	                   43	                           2292	                               582	                             1984	                                       396	                           2576	                               601	                             2268	                                       415	
+pages/documentation/current/applications/alfresco.html                                                                     	           319	              267	             270	                      248	      1444	         1220	        1312	                 1161	                          10955	                              9627	                             9869	                                      9025	                          12189	                             10703	                            11067	                                     10100	
+pages/documentation/current/applications/authbasic.html                                                                    	            45	               18	              31	                       10	       370	           63	         338	                   43	                           2292	                               582	                             1997	                                       396	                           2576	                               601	                             2281	                                       415	
+pages/documentation/current/applications/aws.html                                                                          	            91	               77	              66	                       64	       807	          768	         719	                  716	                           4667	                              4382	                             3885	                                      3870	                           5292	                              4982	                             4486	                                      4470	
 pages/documentation/current/applications/bugzilla_logo.png_documentation_2.0_applications_bugzilla.html                    	            38	               34	              24	                       23	        88	           82	          58	                   56	                            761	                               714	                              503	                                       473	                            770	                               723	                              512	                                       482	
-pages/documentation/current/applications/bugzilla.html                                                                     	            95	               56	              70	                       43	       268	          131	         217	                  102	                           2421	                              1502	                             1949	                                      1230	                           2575	                              1555	                             2092	                                      1279	
-pages/documentation/current/applications/cornerstone.html                                                                  	            84	               37	              49	                       26	       423	          165	         345	                  139	                           2980	                              1492	                             2347	                                      1252	                           3207	                              1529	                             2552	                                      1287	
+pages/documentation/current/applications/bugzilla.html                                                                     	            95	               56	              70	                       44	       268	          131	         217	                  103	                           2421	                              1502	                             1958	                                      1244	                           2575	                              1555	                             2101	                                      1293	
+pages/documentation/current/applications/cornerstone.html                                                                  	            84	               37	              48	                       26	       423	          165	         342	                  139	                           2980	                              1492	                             2325	                                      1252	                           3207	                              1529	                             2528	                                      1287	
 pages/documentation/current/applications/csod_logo.png_documentation_2.0_applications_cornerstone.html                     	            38	               35	               8	                        8	        88	           84	          25	                   25	                            747	                               730	                              242	                                       242	                            756	                               739	                              248	                                       248	
 pages/documentation/current/applications/django.html                                                                       	            21	               12	              10	                        5	        79	           44	          53	                   24	                            626	                               389	                              393	                                       213	                            656	                               396	                              423	                                       220	
 pages/documentation/current/applications/dokuwiki_logo.png_documentation_2.0_applications_dokuwiki.html                    	            38	               34	               9	                        8	        88	           82	          27	                   25	                            762	                               715	                              302	                                       272	                            771	                               724	                              308	                                       278	
-pages/documentation/current/applications/dokuwiki.html                                                                     	           104	               59	              35	                       13	       386	          135	         229	                   28	                           3138	                              1589	                             1581	                                       433	                           3388	                              1640	                             1757	                                       438	
+pages/documentation/current/applications/dokuwiki.html                                                                     	           110	               83	              41	                       31	       380	          239	         213	                  115	                           3270	                              2425	                             1642	                                      1124	                           3495	                              2534	                             1788	                                      1183	
 pages/documentation/current/applications/drupal_logo.png_documentation_2.0_applications_drupal.html                        	            38	               34	               9	                        8	        88	           82	          27	                   25	                            735	                               690	                              284	                                       256	                            744	                               699	                              290	                                       262	
-pages/documentation/current/applications/drupal.html                                                                       	           129	               75	              47	                       25	       493	          196	         278	                   81	                           3988	                              2143	                             1952	                                       853	                           4288	                              2224	                             2149	                                       885	
+pages/documentation/current/applications/drupal.html                                                                       	           129	               75	              53	                       28	       493	          196	         305	                   86	                           3988	                              2143	                             2168	                                       950	                           4288	                              2224	                             2383	                                       982	
 pages/documentation/current/applications/fusiondirectory.html                                                              	            37	               27	              14	                       14	       121	           93	          61	                   61	                           1135	                               965	                              615	                                       615	                           1180	                               995	                              643	                                       643	
 pages/documentation/current/applications/glpi.html                                                                         	            27	               16	              15	                        8	       168	           65	         139	                   41	                           1239	                               602	                              989	                                       392	                           1345	                               620	                             1095	                                       410	
 pages/documentation/current/applications/googleapps_logo.png_documentation_2.0_applications_googleapps.html                	            38	               34	              10	                        9	        88	           82	          28	                   26	                            788	                               739	                              320	                                       288	                            797	                               748	                              326	                                       294	
 pages/documentation/current/applications/googleapps.html                                                                   	           144	               34	              72	                       16	       823	           81	         582	                   44	                           5922	                              1084	                             4040	                                       705	                           6412	                              1087	                             4423	                                       706	
-pages/documentation/current/applications/grr.html                                                                          	            21	               12	               9	                        5	        73	           32	          46	                   13	                            464	                               266	                              259	                                       113	                            495	                               266	                              288	                                       113	
+pages/documentation/current/applications/grr.html                                                                          	            45	               34	              22	                       19	       151	          123	         101	                   84	                           1049	                               878	                              633	                                       552	                           1132	                               945	                              705	                                       610	
 pages/documentation/current/applications/http_logo.png_documentation_2.0_applications_authbasic.html                       	            38	               34	               7	                        7	        89	           83	          25	                   25	                            736	                               693	                              235	                                       235	                            745	                               702	                              241	                                       241	
 pages/documentation/current/applications/liferay_logo.png_documentation_2.0_applications_liferay.html                      	            38	               34	              10	                        9	        89	           83	          29	                   27	                            749	                               703	                              296	                                       267	                            758	                               712	                              302	                                       273	
 pages/documentation/current/applications/liferay.html                                                                      	           139	               67	              66	                       23	       562	          193	         390	                   91	                           4454	                              2375	                             2857	                                      1271	                           4774	                              2423	                             3092	                                      1275	
 pages/documentation/current/applications/limesurvey_logo.png_documentation_2.0_applications_limesurvey.html                	            38	               34	              10	                        9	        89	           83	          29	                   27	                            790	                               741	                              320	                                       288	                            799	                               750	                              326	                                       294	
-pages/documentation/current/applications/limesurvey.html                                                                   	           139	               56	              76	                       16	       470	          149	         329	                   57	                           3892	                              1533	                             2549	                                       578	                           4197	                              1602	                             2782	                                       603	
+pages/documentation/current/applications/limesurvey.html                                                                   	           100	               53	              63	                       35	       439	          293	         365	                  254	                           3311	                              2360	                             2571	                                      1916	                           3588	                              2553	                             2838	                                      2106	
 pages/documentation/current/applications/mediawiki_logo.png_documentation_2.0_applications_mediawiki.html                  	            38	               34	               8	                        7	        89	           83	          27	                   25	                            775	                               727	                              306	                                       275	                            784	                               736	                              312	                                       281	
 pages/documentation/current/applications/mediawiki.html                                                                    	           140	               82	              55	                       30	       694	          428	         476	                  303	                           6002	                              3982	                             3768	                                      2604	                           6469	                              4284	                             4155	                                      2862	
 pages/documentation/current/applications/my_domain_salesforce-resize-web.png_documentation_2.0_applications_salesforce.html	            38	               35	              11	                       11	        89	           85	          30	                   30	                            918	                               901	                              404	                                       404	                            927	                               910	                              410	                                       410	
@ -42,33 +43,38 @@ pages/documentation/current/applications/nextcloud.html
 pages/documentation/current/applications/nginx.html                                                                        	            19	               12	              10	                        6	        96	           33	          76	                   17	                            596	                               284	                              439	                                       154	                            650	                               284	                              493	                                       154	
 pages/documentation/current/applications/obm_logo.png_documentation_2.0_applications_obm.html                              	            38	               34	              10	                        9	        87	           81	          27	                   25	                            698	                               656	                              265	                                       240	                            707	                               665	                              271	                                       246	
 pages/documentation/current/applications/obm.html                                                                          	           232	               52	             149	                       13	       587	          120	         414	                   32	                           5649	                              1216	                             4172	                                       308	                           6864	                              1267	                             5315	                                       318	
+pages/documentation/current/applications/office365.html                                                                    	            73	               54	              37	                       37	       401	          352	         291	                  291	                           3073	                              2706	                             2145	                                      2145	                           3288	                              2894	                             2329	                                      2329	
 pages/documentation/current/applications/phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html            	            38	               34	               9	                        8	        89	           83	          28	                   26	                            815	                               764	                              333	                                       299	                            824	                               773	                              339	                                       305	
 pages/documentation/current/applications/phpldapadmin.html                                                                 	            90	               52	              24	                        8	       327	          120	         171	                   18	                           2803	                              1442	                             1238	                                       323	                           2998	                              1489	                             1354	                                       326	
-pages/documentation/current/applications/roundcube.html                                                                    	            44	               24	              19	                        9	       161	           55	         114	                   23	                           1248	                               566	                              815	                                       261	                           1337	                               573	                              902	                                       266	
+pages/documentation/current/applications/roundcube.html                                                                    	            44	               24	              18	                        8	       161	           55	         113	                   22	                           1248	                               566	                              803	                                       249	                           1337	                               573	                              890	                                       254	
 pages/documentation/current/applications/salesforce.html                                                                   	           124	               40	              77	                       20	       761	          112	         638	                   69	                           4852	                              1367	                             3813	                                       901	                           5433	                              1399	                             4345	                                       931	
 pages/documentation/current/applications/salesforce-logo.jpg_documentation_2.0_applications_salesforce.html                	            38	               35	               8	                        8	        88	           84	          18	                   18	                            792	                               775	                              196	                                       196	                            801	                               784	                              198	                                       198	
 pages/documentation/current/applications/saml_sso_settings-resize-web.png_documentation_2.0_applications_salesforce.html   	            38	               35	               5	                        5	        88	           84	          11	                   11	                            895	                               878	                              198	                                       198	                            904	                               887	                              199	                                       199	
+pages/documentation/current/applications/sap.html                                                                          	            25	               17	              11	                        9	        96	           73	          56	                   47	                            934	                               724	                              589	                                       495	                            943	                               733	                              597	                                       503	
+pages/documentation/current/applications/saplogo.gif_documentation_2.0_applications_sap.html                               	            38	               35	               9	                        9	        89	           85	          27	                   27	                            689	                               672	                              221	                                       221	                            698	                               681	                              227	                                       227	
+pages/documentation/current/applications/screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html	            38	               35	               7	                        7	        89	           85	          18	                   18	                            924	                               907	                              230	                                       230	                            933	                               916	                              232	                                       232	
 pages/documentation/current/applications/simplesamlphp.html                                                                	           161	              134	             103	                      101	       837	          766	         653	                  646	                           6166	                              5601	                             4583	                                      4518	                           6664	                              6084	                             5039	                                      4972	
 pages/documentation/current/applications/spring_logo.png_documentation_2.0_applications_spring.html                        	            38	               34	              10	                        9	        88	           82	          28	                   26	                            736	                               691	                              288	                                       260	                            745	                               700	                              294	                                       266	
 pages/documentation/current/applications/spring.html                                                                       	            37	               11	              21	                        3	       183	           29	         143	                   11	                           1896	                               289	                             1521	                                       132	                           1974	                               289	                             1599	                                       132	
 pages/documentation/current/applications/sympa_logo.png_documentation_2.0_applications_sympa.html                          	            38	               34	               9	                        8	        89	           83	          28	                   26	                            723	                               679	                              277	                                       250	                            732	                               688	                              283	                                       256	
 pages/documentation/current/applications/sympa.html                                                                        	           107	               55	              37	                       12	       392	          129	         230	                   31	                           3018	                              1443	                             1507	                                       382	                           3361	                              1492	                             1771	                                       390	
 pages/documentation/current/applications/tomcat_logo.png_documentation_2.0_applications_tomcat.html                        	            38	               35	              10	                       10	        87	           83	          27	                   27	                            736	                               719	                              288	                                       288	                            745	                               728	                              294	                                       294	
-pages/documentation/current/applications/tomcat.html                                                                       	            87	               18	              50	                        4	       431	           44	         365	                   15	                           2884	                               457	                             2276	                                       170	                           3164	                               460	                             2551	                                       171	
+pages/documentation/current/applications/tomcat.html                                                                       	            87	               18	              52	                        5	       431	           44	         368	                   17	                           2884	                               457	                             2314	                                       200	                           3164	                               460	                             2589	                                       201	
 pages/documentation/current/applications/user_federation_id-resize-web.png_documentation_2.0_applications_salesforce.html  	            38	               35	               5	                        5	        87	           83	          10	                   10	                            902	                               885	                              200	                                       200	                            911	                               894	                              201	                                       201	
+pages/documentation/current/applications/wordpress.html                                                                    	            65	               49	              31	                       30	       260	          226	         177	                  176	                           1825	                              1530	                             1071	                                      1068	                           1977	                              1666	                             1199	                                      1196	
 pages/documentation/current/applications/zimbra_logo.png_documentation_2.0_applications_zimbra.html                        	            38	               34	               9	                        8	        87	           81	          26	                   24	                            737	                               692	                              285	                                       257	                            746	                               701	                              291	                                       263	
 pages/documentation/current/applications/zimbra.html                                                                       	            97	               24	              46	                       10	       523	           84	         388	                   53	                           3623	                               784	                             2461	                                       484	                           3962	                               818	                             2761	                                       516	
-pages/documentation/current/applications.html                                                                              	           175	              115	              70	                       45	       424	          284	         172	                   94	                           3948	                              2858	                             1646	                                      1072	                           4015	                              2879	                             1701	                                      1089	
-pages/documentation/current/authad.html                                                                                    	            53	               17	              33	                        7	       343	           39	         308	                   15	                           2015	                               328	                             1726	                                       135	                           2286	                               332	                             1993	                                       137	
+pages/documentation/current/applications.html                                                                              	           291	              207	              66	                       62	       756	          656	         256	                  253	                           6668	                              5925	                             2020	                                      1992	                           6874	                              6090	                             2166	                                      2138	
+pages/documentation/current/authad.html                                                                                    	            53	               17	              32	                        7	       343	           39	         308	                   15	                           2015	                               328	                             1725	                                       135	                           2286	                               332	                             1992	                                       137	
 pages/documentation/current/authapache.html                                                                                	            85	               32	              42	                       19	       378	           88	         291	                   59	                           2607	                               730	                             1855	                                       477	                           2839	                               760	                             2075	                                       505	
-pages/documentation/current/authcas.html                                                                                   	            76	               25	              33	                       17	       372	          145	         265	                  123	                           2422	                               910	                             1486	                                       712	                           2682	                              1007	                             1704	                                       809	
+pages/documentation/current/authcas.html                                                                                   	            76	               25	              30	                       15	       372	          145	         260	                  119	                           2422	                               910	                             1448	                                       677	                           2682	                              1007	                             1666	                                       774	
 pages/documentation/current/authchoice.html                                                                                	            55	               13	              30	                        5	       252	           37	         210	                   17	                           1588	                               316	                             1228	                                       146	                           1767	                               323	                             1401	                                       153	
-pages/documentation/current/authcombination.html                                                                           	           187	              140	             123	                      112	      1019	          872	         885	                  810	                           5963	                              4986	                             4843	                                      4444	                           6768	                              5692	                             5599	                                      5137	
+pages/documentation/current/authcombination.html                                                                           	           187	              140	             122	                      112	      1019	          872	         883	                  810	                           5963	                              4986	                             4832	                                      4444	                           6768	                              5692	                             5587	                                      5137	
 pages/documentation/current/authcustom.html                                                                                	            26	               16	              10	                       10	       107	           99	          83	                   83	                            689	                               619	                              490	                                       490	                            756	                               686	                              557	                                       557	
 pages/documentation/current/authdbi.html                                                                                   	           179	               49	             107	                       38	       739	          289	         618	                  253	                           4728	                              1835	                             3733	                                      1562	                           5229	                              2045	                             4208	                                      1760	
 pages/documentation/current/authdemo.html                                                                                  	            50	               12	              22	                        4	       186	           39	         141	                   19	                           1165	                               304	                              803	                                       130	                           1277	                               314	                              911	                                       140	
 pages/documentation/current/authfacebook.html                                                                              	            54	               18	              31	                       11	       309	          104	         253	                   82	                           1967	                               669	                             1457	                                       476	                           2176	                               734	                             1659	                                       541	
-pages/documentation/current/authkerberos.html                                                                              	            41	               29	              13	                       13	       162	          137	          97	                   97	                           1161	                               992	                              620	                                       620	                           1258	                              1076	                              700	                                       700	
+pages/documentation/current/authkerberos.html                                                                              	            62	               47	              32	                       30	       296	          263	         225	                  219	                           1997	                              1752	                             1420	                                      1357	                           2202	                              1942	                             1605	                                      1540	
 pages/documentation/current/authldap.html                                                                                  	           145	               39	              80	                       15	       882	          136	         722	                   88	                           5673	                              1258	                             4347	                                       792	                           6306	                              1318	                             4932	                                       850	
 pages/documentation/current/authlinkedin.html                                                                              	            40	               28	              19	                       19	       187	          162	         136	                  136	                           1301	                              1097	                              859	                                       859	                           1407	                              1197	                              959	                                       959	
 pages/documentation/current/authmulti.html                                                                                 	            15	               12	               3	                        2	        48	           42	          21	                   18	                            362	                               326	                              125	                                       104	                            378	                               340	                              141	                                       118	
@ -76,18 +82,19 @@ pages/documentation/current/authnull.html
 pages/documentation/current/authopenid.html                                                                                	            63	               19	              32	                        5	       280	           73	         214	                   41	                           1810	                               547	                             1217	                                       228	                           1991	                               577	                             1388	                                       258	
 pages/documentation/current/authopenidconnect_franceconnect.html                                                           	            59	               29	              36	                       15	       337	          114	         271	                   70	                           2712	                              1438	                             2092	                                       955	                           2895	                              1445	                             2263	                                       960	
 pages/documentation/current/authopenidconnect_google.html                                                                  	            71	               33	              34	                       16	       373	           88	         236	                   33	                           2655	                              1043	                             1583	                                       441	                           2879	                              1045	                             1750	                                       441	
-pages/documentation/current/authopenidconnect.html                                                                         	           248	              105	             142	                       63	      1071	          308	         861	                  200	                           6955	                              2855	                             5142	                                      1714	                           7659	                              2965	                             5813	                                      1817	
+pages/documentation/current/authopenidconnect.html                                                                         	           248	              105	             141	                       62	      1071	          308	         859	                  198	                           6955	                              2855	                             5129	                                      1701	                           7659	                              2965	                             5799	                                      1803	
 pages/documentation/current/authpam.html                                                                                   	            43	               25	              19	                       15	       148	           96	          93	                   69	                           1092	                               755	                              661	                                       521	                           1170	                               804	                              724	                                       567	
 pages/documentation/current/authproxy.html                                                                                 	            62	               29	              29	                       20	       297	          174	         231	                  151	                           1950	                              1161	                             1424	                                       972	                           2147	                              1276	                             1605	                                      1085	
 pages/documentation/current/authradius.html                                                                                	            46	               13	              15	                        4	       190	           29	         105	                    8	                           1313	                               279	                              689	                                        92	                           1426	                               281	                              769	                                        92	
-pages/documentation/current/authremote.html                                                                                	           101	               31	              55	                       11	       591	           85	         491	                   41	                           3785	                               941	                             2927	                                       491	                           4221	                               959	                             3339	                                       507	
+pages/documentation/current/authremote.html                                                                                	           101	               31	              53	                        9	       591	           85	         487	                   37	                           3785	                               941	                             2872	                                       436	                           4221	                               959	                             3284	                                       452	
 pages/documentation/current/authrest.html                                                                                  	            68	               43	              26	                       26	       246	          205	         154	                  154	                           1566	                              1230	                              869	                                       869	                           1709	                              1355	                              978	                                       978	
-pages/documentation/current/authsaml.html                                                                                  	           147	               39	              73	                       18	       943	          198	         745	                  152	                           5653	                              1452	                             4154	                                      1014	                           6393	                              1578	                             4805	                                      1138	
+pages/documentation/current/authsaml.html                                                                                  	           147	               39	              72	                       18	       943	          198	         744	                  152	                           5653	                              1452	                             4150	                                      1014	                           6393	                              1578	                             4801	                                      1138	
 pages/documentation/current/authslave.html                                                                                 	            54	               13	              22	                        5	       282	           61	         211	                   41	                           1643	                               410	                             1123	                                       235	                           1850	                               440	                             1305	                                       265	
 pages/documentation/current/authssl.html                                                                                   	           205	              135	             132	                       92	      1032	          522	         847	                  423	                           7064	                              4071	                             5578	                                      3207	                           7703	                              4331	                             6171	                                      3455	
 pages/documentation/current/authtwitter.html                                                                               	            44	                9	              18	                        3	       206	           23	         132	                    7	                           1404	                               204	                              786	                                        74	                           1532	                               204	                              886	                                        74	
 pages/documentation/current/authwebid.html                                                                                 	            70	               16	              30	                        5	       304	           45	         188	                   20	                           2066	                               460	                             1247	                                       250	                           2238	                               468	                             1372	                                       256	
 pages/documentation/current/authyubikey.html                                                                               	            49	               13	              25	                        7	       247	           66	         181	                   50	                           1570	                               420	                             1004	                                       290	                           1736	                               457	                             1146	                                       327	
+pages/documentation/current/autosignin.html                                                                                	            25	               18	              13	                       12	        96	           87	          72	                   71	                            603	                               543	                              418	                                       414	                            659	                               598	                              473	                                       469	
 pages/documentation/current/browseablesessionbackend.html                                                                  	           186	               79	             132	                       65	       892	          372	         779	                  334	                           5990	                              2741	                             5106	                                      2464	                           6585	                              2979	                             5671	                                      2689	
 pages/documentation/current/captcha.html                                                                                   	            25	               11	              15	                        5	       158	           44	         137	                   28	                            866	                               291	                              700	                                       165	                            985	                               309	                              819	                                       183	
 pages/documentation/current/cda.html                                                                                       	            50	               23	              22	                       11	       267	          115	         199	                   82	                           1668	                               760	                             1072	                                       463	                           1848	                               824	                             1238	                                       525	
@ -95,8 +102,8 @@ pages/documentation/current/changeconfbackend.html
 pages/documentation/current/configapache.html                                                                              	            34	               19	              25	                       13	       194	           65	         173	                   49	                           1284	                               470	                             1125	                                       339	                           1390	                               501	                             1231	                                       370	
 pages/documentation/current/configlocation.html                                                                            	           456	              253	             334	                      175	      2318	          915	        2025	                  754	                          16255	                              7892	                            13863	                                      6344	                          18069	                              8480	                            15516	                                      6854	
 pages/documentation/current/confignginx.html                                                                               	            46	               32	              24	                       17	       260	          193	         204	                  148	                           1923	                              1524	                             1524	                                      1189	                           2048	                              1605	                             1634	                                      1255	
-pages/documentation/current/configvhost.html                                                                               	           248	              147	             108	                       62	      1000	          440	         618	                  236	                           7971	                              4616	                             4385	                                      2304	                           8686	                              4861	                             4835	                                      2429	
-pages/documentation/current/customfunctions.html                                                                           	            71	               41	              46	                       25	       372	          156	         307	                  117	                           2599	                              1232	                             2070	                                       855	                           2841	                              1313	                             2294	                                       932	
+pages/documentation/current/configvhost.html                                                                               	           248	              147	             105	                       60	      1000	          440	         614	                  232	                           7971	                              4616	                             4339	                                      2261	                           8686	                              4861	                             4789	                                      2386	
+pages/documentation/current/customfunctions.html                                                                           	            71	               41	              45	                       24	       372	          156	         304	                  114	                           2599	                              1232	                             2044	                                       829	                           2841	                              1313	                             2268	                                       906	
 pages/documentation/current/customhandlers.html                                                                            	            58	               54	              42	                       42	       430	          419	         380	                  380	                           2693	                              2586	                             2349	                                      2349	                           2980	                              2873	                             2619	                                      2619	
 pages/documentation/current/devopshandler.html                                                                             	            76	               70	              39	                       39	       325	          305	         242	                  242	                           2255	                              2132	                             1480	                                      1480	                           2467	                              2328	                             1650	                                      1650	
 pages/documentation/current/docker.html                                                                                    	            33	               19	              19	                       10	       166	           80	         131	                   53	                           1243	                               711	                              927	                                       468	                           1319	                               733	                             1003	                                       490	
@ -148,14 +155,14 @@ pages/documentation/current/icons/xeyes.png_documentation_2.0_start.html
 pages/documentation/current/idpcas.html                                                                                    	            62	               18	              27	                        5	       397	           66	         306	                   30	                           2380	                               584	                             1558	                                       246	                           2679	                               598	                             1829	                                       260	
 pages/documentation/current/idpopenid.html                                                                                 	            97	               32	              43	                        6	       518	           88	         357	                   28	                           3290	                               774	                             2014	                                       206	                           3613	                               791	                             2298	                                       221	
 pages/documentation/current/idpopenidconnect.html                                                                          	           241	              136	             122	                       79	       787	          261	         562	                  167	                           5527	                              2640	                             3817	                                      1731	                           6028	                              2740	                             4254	                                      1828	
-pages/documentation/current/idpsaml.html                                                                                   	           167	               64	              44	                       11	       875	          237	         477	                  118	                           5927	                              2190	                             2875	                                       938	                           6494	                              2247	                             3246	                                       993	
-pages/documentation/current/installdeb.html                                                                                	           135	               47	              98	                       37	       594	          171	         506	                  144	                           3992	                              1297	                             3373	                                      1098	                           4368	                              1382	                             3720	                                      1180	
+pages/documentation/current/idpsaml.html                                                                                   	           139	               40	              43	                       12	       801	          184	         464	                  122	                           5232	                              1606	                             2809	                                       960	                           5787	                              1666	                             3169	                                      1018	
+pages/documentation/current/installdeb.html                                                                                	           136	               49	              99	                       39	       598	          178	         510	                  151	                           4035	                              1381	                             3416	                                      1182	                           4414	                              1471	                             3766	                                      1269	
 pages/documentation/current/installrpm.html                                                                                	           143	               41	              56	                       12	       676	          166	         352	                   84	                           4535	                              1318	                             2419	                                       612	                           4962	                              1360	                             2660	                                       636	
 pages/documentation/current/installsles.html                                                                               	           177	               88	              65	                       57	      1171	          676	         718	                  611	                           8827	                              5662	                             5678	                                      5031	                           9780	                              6230	                             6321	                                      5583	
 pages/documentation/current/installtarball.html                                                                            	           115	               29	              79	                       13	       588	           92	         495	                   50	                           3848	                               855	                             3200	                                       507	                           4228	                               869	                             3549	                                       519	
 pages/documentation/current/issuerdbget.html                                                                               	            51	               37	              25	                       25	       327	          273	         236	                  236	                           2061	                              1753	                             1429	                                      1429	                           2282	                              1937	                             1613	                                      1613	
 pages/documentation/current/jsonfileconfbackend.html                                                                       	            23	               13	               6	                        3	       101	           31	          31	                    7	                            759	                               342	                              249	                                        98	                            816	                               342	                              268	                                        98	
-pages/documentation/current/kerberos.html                                                                                  	           264	              106	             159	                       72	      1416	          391	        1122	                  302	                           8871	                              3574	                             6742	                                      2720	                           9890	                              3788	                             7625	                                      2904	
+pages/documentation/current/kerberos.html                                                                                  	           197	              109	             121	                       72	       964	          453	         790	                  364	                           6138	                              3513	                             4744	                                      2672	                           6833	                              3802	                             5369	                                      2931	
 pages/documentation/current/ldapconfbackend.html                                                                           	            64	               16	              36	                        5	       397	           64	         344	                   39	                           2743	                               627	                             2261	                                       399	                           2996	                               645	                             2505	                                       415	
 pages/documentation/current/ldapminihowto.html                                                                             	            28	               15	              11	                        3	        94	           35	          55	                    7	                            700	                               381	                              338	                                        80	                            741	                               381	                              375	                                        80	
 pages/documentation/current/ldapsessionbackend.html                                                                        	            62	               17	              12	                        3	       257	           64	         128	                   38	                           1854	                               565	                              814	                                       288	                           1988	                               585	                              908	                                       308	
@ -180,11 +187,11 @@ pages/documentation/current/passwordstore.html
 pages/documentation/current/performances.html                                                                              	           301	              195	             208	                      150	      1756	          896	        1339	                  779	                          10930	                              5737	                             8144	                                      4876	                          12181	                              6342	                             9136	                                      5415	
 pages/documentation/current/portal.html                                                                                    	           120	               71	              51	                       17	       488	          200	         339	                   83	                           3537	                              1906	                             2037	                                       635	                           3820	                              1960	                             2310	                                       688	
 pages/documentation/current/portalcustom.html                                                                              	           138	               70	              99	                       55	       980	          503	         888	                  470	                           5385	                              2874	                             4681	                                      2585	                           6196	                              3269	                             5454	                                      2976	
-pages/documentation/current/portalmenu.html                                                                                	            50	               16	              32	                        6	       294	           81	         254	                   57	                           1855	                               589	                             1503	                                       372	                           2069	                               636	                             1714	                                       419	
+pages/documentation/current/portalmenu.html                                                                                	            55	               20	              33	                        8	       334	          129	         283	                  101	                           2129	                               889	                             1649	                                       603	                           2376	                               975	                             1888	                                       689	
 pages/documentation/current/portalservers.html                                                                             	            44	               34	              19	                       19	       145	          133	          96	                   96	                           1025	                               926	                              619	                                       619	                           1106	                              1007	                              690	                                       690	
-pages/documentation/current/prereq.html                                                                                    	           148	               91	             105	                       73	       503	          332	         401	                  285	                           3864	                              2792	                             3119	                                      2409	                           4112	                              2962	                             3339	                                      2571	
+pages/documentation/current/prereq.html                                                                                    	           148	               91	             103	                       72	       503	          332	         399	                  284	                           3864	                              2792	                             3108	                                      2403	                           4112	                              2962	                             3328	                                      2565	
 pages/documentation/current/public_pages.html                                                                              	            38	               33	              21	                       21	       196	          187	         138	                  138	                           1316	                              1254	                              874	                                       874	                           1393	                              1329	                              949	                                       949	
-pages/documentation/current/rbac.html                                                                                      	            87	               56	              55	                       41	       472	          336	         386	                  294	                           2881	                              2006	                             2250	                                      1723	                           3195	                              2225	                             2532	                                      1931	
+pages/documentation/current/rbac.html                                                                                      	            87	               56	              56	                       42	       472	          336	         389	                  297	                           2881	                              2006	                             2272	                                      1745	                           3195	                              2225	                             2554	                                      1953	
 pages/documentation/current/redirections.html                                                                              	            49	               20	              30	                       12	       476	          213	         426	                  193	                           2837	                              1376	                             2457	                                      1200	                           3229	                              1530	                             2831	                                      1354	
 pages/documentation/current/register.html                                                                                  	            33	               27	              17	                       17	       193	          182	         158	                  158	                           1049	                               965	                              752	                                       752	                           1194	                              1106	                              893	                                       893	
 pages/documentation/current/resetpassword.html                                                                             	            72	               26	              46	                       12	       586	          182	         528	                  149	                           3210	                              1057	                             2702	                                       734	                           3678	                              1188	                             3161	                                       865	
@ -192,11 +199,11 @@ pages/documentation/current/restconfbackend.html
 pages/documentation/current/restservices.html                                                                              	            20	               17	               7	                        7	        86	           81	          56	                   56	                            566	                               538	                              302	                                       302	                            611	                               583	                              347	                                       347	
 pages/documentation/current/restsessionbackend.html                                                                        	            70	               48	              36	                       33	       420	          363	         359	                  330	                           2751	                              2334	                             2221	                                      1990	                           3057	                              2612	                             2518	                                      2266	
 pages/documentation/current/safejail.html                                                                                  	            35	               13	              17	                        1	       125	           31	          85	                    3	                            852	                               302	                              485	                                        26	                            916	                               302	                              549	                                        26	
-pages/documentation/current/samlservice.html                                                                               	           307	               90	             160	                       47	      1577	          345	        1183	                  253	                          10037	                              2551	                             7072	                                      1737	                          11188	                              2763	                             8041	                                      1934	
+pages/documentation/current/samlservice.html                                                                               	           307	               92	             160	                       49	      1579	          364	        1185	                  272	                          10052	                              2669	                             7087	                                      1855	                          11205	                              2898	                             8058	                                      2069	
 pages/documentation/current/securetoken.html                                                                               	            54	               28	              20	                       10	       312	          123	         233	                   89	                           2046	                               977	                             1454	                                       673	                           2282	                              1050	                             1660	                                       744	
-pages/documentation/current/security.html                                                                                  	           247	              104	             152	                       62	      1404	          484	        1175	                  378	                           9244	                              4011	                             7211	                                      2823	                          10262	                              4303	                             8176	                                      3102	
+pages/documentation/current/security.html                                                                                  	           247	              104	             151	                       62	      1404	          484	        1174	                  378	                           9244	                              4011	                             7207	                                      2823	                          10262	                              4303	                             8172	                                      3102	
 pages/documentation/current/selfmadeapplication.html                                                                       	            79	               52	              49	                       38	       313	          222	         246	                  188	                           2138	                              1458	                             1464	                                      1085	                           2326	                              1600	                             1647	                                      1225	
-pages/documentation/current/selinux.html                                                                                   	            30	               28	              17	                       17	        88	           85	          55	                   55	                            630	                               615	                              411	                                       411	                            672	                               657	                              444	                                       444	
+pages/documentation/current/selinux.html                                                                                   	            36	               30	              19	                       19	       101	           94	          66	                   66	                            730	                               689	                              492	                                       492	                            779	                               738	                              534	                                       534	
 pages/documentation/current/server_to_server.png_documentation_2.0_servertoserver.html                                     	            38	               35	              13	                       13	        89	           85	          44	                   44	                            790	                               773	                              404	                                       404	                            799	                               782	                              411	                                       411	
 pages/documentation/current/servertoserver.html                                                                            	            31	               29	              18	                       18	       185	          182	         157	                  157	                           1128	                              1113	                              862	                                       862	                           1263	                              1248	                              997	                                       997	
 pages/documentation/current/sessions.html                                                                                  	            51	               26	              31	                       14	       371	          154	         327	                  124	                           2163	                              1008	                             1800	                                       745	                           2452	                              1106	                             2085	                                       843	
@ -204,13 +211,14 @@ pages/documentation/current/soapconfbackend.html
 pages/documentation/current/soapminihowto.html                                                                             	            35	               19	              14	                        5	       162	           67	         107	                   33	                           1087	                               560	                              621	                                       209	                           1182	                               584	                              706	                                       233	
 pages/documentation/current/soapservices.html                                                                              	            44	               22	              22	                        4	       247	          103	         177	                   41	                           1736	                               750	                             1174	                                       238	                           1895	                               805	                             1310	                                       272	
 pages/documentation/current/soapsessionbackend.html                                                                        	            56	               31	              18	                       13	       386	          247	         265	                  180	                           2545	                              1653	                             1623	                                      1123	                           2838	                              1840	                             1856	                                      1277	
-pages/documentation/current/sqlconfbackend.html                                                                            	            69	               32	              44	                       20	       319	          122	         258	                   92	                           2082	                               915	                             1574	                                       639	                           2299	                               976	                             1776	                                       695	
-pages/documentation/current/sqlsessionbackend.html                                                                         	           136	               44	              65	                       24	       601	          197	         392	                  137	                           4037	                              1290	                             2385	                                       801	                           4368	                              1415	                             2663	                                       907	
+pages/documentation/current/sqlconfbackend.html                                                                            	           110	               88	              69	                       60	       416	          349	         321	                  269	                           2740	                              2403	                             2049	                                      1796	                           3016	                              2637	                             2287	                                      1993	
+pages/documentation/current/sqlsessionbackend.html                                                                         	           136	               44	              62	                       22	       601	          197	         388	                  135	                           4037	                              1290	                             2353	                                       784	                           4368	                              1415	                             2630	                                       890	
 pages/documentation/current/ssocookie.html                                                                                 	            60	               17	              32	                        4	       436	           67	         364	                   36	                           2393	                               502	                             1871	                                       238	                           2740	                               530	                             2195	                                       266	
-pages/documentation/current/start.html                                                                                     	           819	              512	             185	                      128	      1927	         1343	         845	                  553	                          16839	                             12839	                             5766	                                      4005	                          17533	                             13181	                             6315	                                      4326	
+pages/documentation/current/start.html                                                                                     	           844	              536	             195	                      138	      1993	         1408	         880	                  588	                          17509	                             13495	                             6065	                                      4304	                          18212	                             13846	                             6623	                                      4634	
 pages/documentation/current/status.html                                                                                    	            62	               21	              30	                        7	       312	           71	         248	                   41	                           2008	                               539	                             1486	                                       300	                           2182	                               565	                             1654	                                       324	
-pages/documentation/current/u2f.html                                                                                       	            55	               47	              29	                       29	       352	          337	         291	                  291	                           2186	                              2063	                             1680	                                      1680	                           2441	                              2312	                             1925	                                      1925	
-pages/documentation/current/upgrade.html                                                                                   	           167	              149	              81	                       81	       869	          835	         674	                  674	                           5622	                              5338	                             3825	                                      3825	                           6239	                              5946	                             4396	                                      4396	
+pages/documentation/current/totp2f.html                                                                                    	            54	               49	              30	                       30	       338	          332	         288	                  288	                           2152	                              2107	                             1670	                                      1670	                           2407	                              2362	                             1921	                                      1921	
+pages/documentation/current/u2f.html                                                                                       	            69	               61	              31	                       31	       421	          406	         273	                  273	                           2742	                              2619	                             1680	                                      1680	                           3036	                              2907	                             1899	                                      1899	
+pages/documentation/current/upgrade.html                                                                                   	           186	              162	              94	                       94	      1005	          956	         793	                  793	                           6327	                              5947	                             4425	                                      4425	                           7056	                              6660	                             5099	                                      5099	
 pages/documentation/current/variables.html                                                                                 	           174	               53	              97	                       32	       524	          136	         402	                   91	                           3315	                              1013	                             2342	                                       612	                           3640	                              1072	                             2642	                                       667	
 pages/documentation/current/writingrulesand_headers.html                                                                   	           183	              105	              99	                       53	       916	          558	         741	                  443	                           6016	                              3895	                             4348	                                      2666	                           6668	                              4285	                             4968	                                      3046	
 pages/documentation/current/yamlconfbackend.html                                                                           	            18	               14	               4	                        4	        76	           51	          27	                   27	                            570	                               431	                              191	                                       191	                            609	                               450	                              210	                                       210	
--- a/po-doc/fr/pages/documentation/current/applications.html
+++ b/po-doc/fr/pages/documentation/current/applications.html
@ -43,184 +43,158 @@

 </head>
 <body>
-<div class="dokuwiki export container"><!-- TOC START -->
-
-<div id="dw__toc">
-<h3 class="toggle">Table of Contents</h3>
-<div>
-
-<ul class="toc">
-<li class="level1"><div class="li"><a href="#known_supported_applications">Applications connues pour être supportées</a></div>
-<ul class="toc">
-<li class="level2"><div class="li"><a href="#mail_agenda_groupware">Mail, Agenda, Groupware</a></div></li>
-<li class="level2"><div class="li"><a href="#wiki">Wiki</a></div></li>
-<li class="level2"><div class="li"><a href="#cms_portal_ecm">CMS, Portal, ECM</a></div></li>
-<li class="level2"><div class="li"><a href="#bugtracker_service_management">Bugtracker, gestion de services</a></div></li>
-<li class="level2"><div class="li"><a href="#other">Autres</a></div></li>
-</ul>
-</li>
-<li class="level1"><div class="li"><a href="#frameworks">Frameworks</a></div></li>
-<li class="level1"><div class="li"><a href="#connectors">Connecteurs</a></div></li>
-<li class="level1"><div class="li"><a href="#saml_connectors">Connecteurs SAML</a></div></li>
-</ul>
-</div>
-</div><!-- TOC END -->
-
+<div class="dokuwiki export container">

 <h1 class="sectionedit1" id="applications">Applications</h1>
 <div class="level1">

 </div><!-- EDIT1 SECTION "Applications" [1-28] -->

-<h2 class="sectionedit2" id="known_supported_applications">Applications connues pour être supportées</h2>
+<h2 class="sectionedit2" id="how_to_integrate">How to integrate</h2>
 <div class="level2">

 <p>
-Les applications listées ci-dessous sont connues pour être faciles à intégrer à <abbr title="LemonLDAP::NG">LL::NG</abbr>. As <abbr title="LemonLDAP::NG">LL::NG</abbr> works like classic WebSSO (like Siteminder™), <strong>many other applications are easy to integrate</strong>.
+
+To integrate a Web application in <abbr title="LemonLDAP::NG">LL::NG</abbr>, you have the following possibilities:
+
 </p>
+<ul>
+<li class="level1"><div class="li">  Protect the application with the Handler, and push user identity trough HTTP headers. This is how main Access Manager products, like CA SiteMinder, are working. This also how Apache authentication modules are working, so if your application is compatible with Apache authentication (often called “external authentifcation”), then you can use the Handler.</div>
+</li>
+<li class="level1"><div class="li">  Specific Handler: some applications can require a specific Handler, to manage preauthentication process for example.</div>
+</li>
+<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr>: your application is a <abbr title="Central Authentication Service">CAS</abbr> client, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpcas.html" class="wikilink1" title="documentation:2.0:idpcas">CAS server</a>.</div>
+</li>
+<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr>: your application is a <abbr title="Security Assertion Markup Language">SAML</abbr> Service Provider, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a>.</div>
+</li>
+<li class="level1"><div class="li">  OpenID Connect: your application is a OpenID Connect Relying Party, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpopenidconnect.html" class="wikilink1" title="documentation:2.0:idpopenidconnect">OpenID Connect Provider</a>.</div>
+</li>
+</ul>

-</div><!-- EDIT2 SECTION "Known supported applications" [29-252] -->
+<p>

-<h3 class="sectionedit3" id="mail_agenda_groupware">Mail, Agenda, Groupware</h3>
-<div class="level3">
+If none of above methods is available, you can try:
+
+</p>
+<ul>
+<li class="level1"><div class="li"> <a href="applications/authbasic.html" class="wikilink1" title="documentation:2.0:applications:authbasic">HTTP Auth-Basic</a>: replay Auth Basic authentication</div>
+</li>
+<li class="level1"><div class="li"> <a href="formreplay.html" class="wikilink1" title="documentation:2.0:formreplay">Form replay</a>: replay form based authentication</div>
+</li>
+</ul>
+
+</div><!-- EDIT2 SECTION "How to integrate" [29-1191] -->
+
+<h2 class="sectionedit3" id="application_list">Application list</h2>
+<div class="level2">
 <div class="table sectionedit4"><table class="inline table table-bordered table-striped">
 	<thead>
 	<tr class="row0 roweven">
-		<th class="col0 centeralign">    OBM    </th><th class="col1 centeralign">    Sympa    </th><th class="col2 centeralign">    Zimbra    </th><th class="col3 centeralign">    RoundCube    </th>
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
 	</tr>
 	</thead>
 	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/obm.html" class="media" title="documentation:2.0:applications:obm"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/sympa.html" class="media" title="documentation:2.0:applications:sympa"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col3 centeralign">  <a href="applications/roundcube.html" class="media" title="documentation:2.0:applications:roundcube"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td>
-	</tr>
-</table></div><!-- EDIT4 TABLE [288-584] -->
-
-</div><!-- EDIT3 SECTION "Mail, Agenda, Groupware" [253-585] -->
-
-<h3 class="sectionedit5" id="wiki">Wiki</h3>
-<div class="level3">
-<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Dokuwiki    </th><th class="col1 centeralign">    Mediawiki    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/dokuwiki.html" class="media" title="documentation:2.0:applications:dokuwiki"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/mediawiki.html" class="media" title="documentation:2.0:applications:mediawiki"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td>
-	</tr>
-</table></div><!-- EDIT6 TABLE [602-768] -->
-
-</div><!-- EDIT5 SECTION "Wiki" [586-769] -->
-
-<h3 class="sectionedit7" id="cms_portal_ecm">CMS, Portal, ECM</h3>
-<div class="level3">
-<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Drupal    </th><th class="col1 centeralign">    Liferay    </th><th class="col2 centeralign">    Alfresco    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/drupal.html" class="media" title="documentation:2.0:applications:drupal"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">   <a href="applications/liferay.html" class="media" title="documentation:2.0:applications:liferay"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/alfresco.html" class="media" title="documentation:2.0:applications:alfresco"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td>
-	</tr>
-</table></div><!-- EDIT8 TABLE [798-1033] -->
-
-</div><!-- EDIT7 SECTION "CMS, Portal, ECM" [770-1034] -->
-
-<h3 class="sectionedit9" id="bugtracker_service_management">Bugtracker, gestion de services</h3>
-<div class="level3">
-<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Bugzilla    </th><th class="col1 centeralign">    GLPI    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/bugzilla.html" class="media" title="documentation:2.0:applications:bugzilla"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/glpi.html" class="media" title="documentation:2.0:applications:glpi"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a>  </td>
-	</tr>
-</table></div><!-- EDIT10 TABLE [1077-1233] -->
-
-</div><!-- EDIT9 SECTION "Bugtracker, Service Management" [1035-1234] -->
-
-<h3 class="sectionedit11" id="other">Autres</h3>
-<div class="level3">
-<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    GRR    </th><th class="col1 centeralign">    phpLDAPadmin    </th><th class="col2 centeralign">    LimeSurvey    </th><th class="col3 centeralign">    SAP    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a>  </td><td class="col3 centeralign">  <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="media" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm"  rel="nofollow"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a>  </td>
+		<td class="col0 centeralign">  <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a>  </td><td class="col1 centeralign">  <a href="applications/adfs.html" class="wikilink1" title="documentation:2.0:applications:adfs">ADFS</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
 	</tr>
 	<tr class="row2 roweven">
-		<th class="col0 centeralign">    FusionDirectory    </th><th class="col1"> </th><th class="col2"> </th><th class="col3"> </th>
+		<td class="col0 centeralign">  <a href="applications/alfresco.html" class="media" title="documentation:2.0:applications:alfresco"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/alfresco.html" class="wikilink1" title="documentation:2.0:applications:alfresco">Alfresco</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
 	</tr>
 	<tr class="row3 rowodd">
-		<td class="col0 centeralign">  <a href="applications/fusiondirectory.html" class="media" title="documentation:2.0:applications:fusiondirectory"><img src="icons/kmultiple.png" class="media" title="fusiondirectory-logo.jpg" alt="fusiondirectory-logo.jpg" width="120" /></a>  </td><td class="col1"> </td><td class="col2"> </td><td class="col3"> </td>
+		<td class="col0 centeralign">  <a href="applications/aws.html" class="media" title="documentation:2.0:applications:aws"><img src="icons/kmultiple.png" class="media" title="logo_amazon_web_services.jpg" alt="logo_amazon_web_services.jpg" /></a>  </td><td class="col1 centeralign">  <a href="applications/aws.html" class="wikilink1" title="documentation:2.0:applications:aws">Amazon Web Services</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
 	</tr>
-</table></div><!-- EDIT12 TABLE [1252-1777] -->
+	<tr class="row4 roweven">
+		<td class="col0 centeralign">  <a href="applications/bugzilla.html" class="media" title="documentation:2.0:applications:bugzilla"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/bugzilla.html" class="wikilink1" title="documentation:2.0:applications:bugzilla">Bugzilla</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row5 rowodd">
+		<td class="col0 centeralign">  <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a>  </td><td class="col1 centeralign">  <a href="applications/cornerstone.html" class="wikilink1" title="documentation:2.0:applications:cornerstone">Cornerstone</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row6 roweven">
+		<td class="col0 centeralign">  <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/django.html" class="wikilink1" title="documentation:2.0:applications:django">Django</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row7 rowodd">
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
+	</tr>
+	<tr class="row8 roweven">
+		<td class="col0 centeralign">  <a href="applications/dokuwiki.html" class="media" title="documentation:2.0:applications:dokuwiki"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/dokuwiki.html" class="wikilink1" title="documentation:2.0:applications:dokuwiki">Dokuwiki</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row9 rowodd">
+		<td class="col0 centeralign">  <a href="applications/drupal.html" class="media" title="documentation:2.0:applications:drupal"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/drupal.html" class="wikilink1" title="documentation:2.0:applications:drupal">Drupal</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row10 roweven">
+		<td class="col0 centeralign">  <a href="applications/fusiondirectory.html" class="media" title="documentation:2.0:applications:fusiondirectory"><img src="icons/kmultiple.png" class="media" title="fusiondirectory-logo.jpg" alt="fusiondirectory-logo.jpg" width="120" /></a>  </td><td class="col1 centeralign">  <a href="applications/fusiondirectory.html" class="wikilink1" title="documentation:2.0:applications:fusiondirectory">FusionDirectory</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row11 rowodd">
+		<td class="col0 centeralign">  <a href="applications/glpi.html" class="media" title="documentation:2.0:applications:glpi"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a>  </td><td class="col1 centeralign">  <a href="applications/glpi.html" class="wikilink1" title="documentation:2.0:applications:glpi">GLPI</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row12 roweven">
+		<td class="col0 centeralign">  <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/googleapps.html" class="wikilink1" title="documentation:2.0:applications:googleapps">Google Apps</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row13 rowodd">
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
+	</tr>
+	<tr class="row14 roweven">
+		<td class="col0 centeralign">  <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/grr.html" class="wikilink1" title="documentation:2.0:applications:grr">GRR</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row15 rowodd">
+		<td class="col0 centeralign">  <a href="applications/liferay.html" class="media" title="documentation:2.0:applications:liferay"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/liferay.html" class="wikilink1" title="documentation:2.0:applications:liferay">Liferay</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"></td>
+	</tr>
+	<tr class="row16 roweven">
+		<td class="col0 centeralign">  <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a>  </td><td class="col1 centeralign">  <a href="applications/limesurvey.html" class="wikilink1" title="documentation:2.0:applications:limesurvey">LimeSurvey</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"></td>
+	</tr>
+	<tr class="row17 rowodd">
+		<td class="col0 centeralign">  <a href="applications/mediawiki.html" class="media" title="documentation:2.0:applications:mediawiki"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/mediawiki.html" class="wikilink1" title="documentation:2.0:applications:mediawiki">Mediawiki</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row18 roweven">
+		<td class="col0 centeralign">  <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/nextcloud.html" class="wikilink1" title="documentation:2.0:applications:nextcloud">NextCloud</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row19 rowodd">
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
+	</tr>
+	<tr class="row20 roweven">
+		<td class="col0 centeralign">  <a href="applications/obm.html" class="media" title="documentation:2.0:applications:obm"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/obm.html" class="wikilink1" title="documentation:2.0:applications:obm">OBM</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row21 rowodd">
+		<td class="col0 centeralign">  <a href="applications/office365.html" class="media" title="documentation:2.0:applications:office365"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/office365.html" class="wikilink1" title="documentation:2.0:applications:office365">Office 365</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row22 roweven">
+		<td class="col0 centeralign">  <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/phpldapadmin.html" class="wikilink1" title="documentation:2.0:applications:phpldapadmin">phpLDAPAdmin</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row23 rowodd">
+		<td class="col0 centeralign">  <a href="applications/roundcube.html" class="media" title="documentation:2.0:applications:roundcube"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/roundcube.html" class="wikilink1" title="documentation:2.0:applications:roundcube">Roundcube</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row24 roweven">
+		<td class="col0 centeralign">  <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/salesforce.html" class="wikilink1" title="documentation:2.0:applications:salesforce">SalesForce</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row25 rowodd">
+		<td class="col0 centeralign">  <a href="applications/sap.html" class="media" title="documentation:2.0:applications:sap"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a>  </td><td class="col1 centeralign">  <a href="applications/sap.html" class="wikilink1" title="documentation:2.0:applications:sap">SAP</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row26 roweven">
+		<td class="col0 centeralign">  <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a>  </td><td class="col1 centeralign">  <a href="applications/simplesamlphp.html" class="wikilink1" title="documentation:2.0:applications:simplesamlphp">simpleSAMLphp</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign">    ✔    </td><td class="col6"> </td>
+	</tr>
+	<tr class="row27 rowodd">
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
+	</tr>
+	<tr class="row28 roweven">
+		<td class="col0 centeralign">  <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/spring.html" class="wikilink1" title="documentation:2.0:applications:spring">Spring</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row29 rowodd">
+		<td class="col0 centeralign">  <a href="applications/sympa.html" class="media" title="documentation:2.0:applications:sympa"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/sympa.html" class="wikilink1" title="documentation:2.0:applications:sympa">Sympa</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row30 roweven">
+		<td class="col0 centeralign">  <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/tomcat.html" class="wikilink1" title="documentation:2.0:applications:tomcat">Tomcat</a>  </td><td class="col2 centeralign">    ✔    </td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row31 rowodd">
+		<td class="col0 centeralign">  <a href="applications/wordpress.html" class="media" title="documentation:2.0:applications:wordpress"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a>  </td><td class="col1 centeralign">  <a href="applications/wordpress.html" class="wikilink1" title="documentation:2.0:applications:wordpress">Wordpress</a>  </td><td class="col2"> </td><td class="col3"> </td><td class="col4 centeralign">      ✔    </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row32 roweven">
+		<td class="col0 centeralign">  <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra</a>  </td><td class="col2"> </td><td class="col3 centeralign">    ✔    </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
+	</tr>
+	<tr class="row33 rowodd">
+		<th class="col0 leftalign">  </th><th class="col1 leftalign">  </th><th class="col2 centeralign">    HTTP headers    </th><th class="col3 centeralign">    Specific Handler    </th><th class="col4 centeralign">  <abbr title="Central Authentication Service">CAS</abbr>  </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr>  </th><th class="col6 centeralign">    OpenID Connect    </th>
+	</tr>
+</table></div><!-- EDIT4 TABLE [1223-5260] -->

-</div><!-- EDIT11 SECTION "Other" [1235-1777] -->
-
-<h2 class="sectionedit13" id="frameworks">Frameworks</h2>
-<div class="level2">
-<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Java (Spring)    </th><th class="col1 centeralign">    Python (Django)    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td>
-	</tr>
-</table></div><!-- EDIT14 TABLE [1802-1969] -->
-
-</div><!-- EDIT13 SECTION "Frameworks" [1778-1970] -->
-
-<h2 class="sectionedit15" id="connectors">Connecteurs</h2>
-<div class="level2">
-<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    HTTP Auth-Basic    </th><th class="col1 centeralign">    Tomcat    </th><th class="col2 centeralign">    Nginx    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/authbasic.html" class="media" title="documentation:2.0:applications:authbasic"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/nginx.html" class="media" title="documentation:2.0:applications:nginx"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td>
-	</tr>
-	<tr class="row2 roweven">
-		<th class="col0 centeralign" colspan="3">  Quelques applications l'utilisant  </th>
-	</tr>
-	<tr class="row3 rowodd">
-		<td class="col0 centeralign">  <a href="http://en.wikipedia.org/wiki/Outlook_Web_App" class="urlextern" title="http://en.wikipedia.org/wiki/Outlook_Web_App"  rel="nofollow">Outlook Web App</a> <br/>
-<a href="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes" class="urlextern" title="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes"  rel="nofollow">IBM Lotus iNotes</a>  </td><td class="col1 centeralign">  <a href="http://www.lambdaprobe.org" class="urlextern" title="http://www.lambdaprobe.org"  rel="nofollow">Probe</a> <br/>
-<a href="http://fr.lutece.paris.fr" class="urlextern" title="http://fr.lutece.paris.fr"  rel="nofollow">Lutece</a>  </td><td class="col2"> </td>
-	</tr>
-</table></div><!-- EDIT16 TABLE [1995-2486] -->
-
-</div><!-- EDIT15 SECTION "Connectors" [1971-2487] -->
-
-<h2 class="sectionedit17" id="saml_connectors">Connecteurs SAML</h2>
-<div class="level2">
-<div class="noteclassic">Ceci nécessite de configurer <abbr title="LemonLDAP::NG">LL::NG</abbr> comme <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a>.
-</div><div class="table sectionedit18"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Google Apps    </th><th class="col1 centeralign">    Cornerstone    </th><th class="col2 centeralign">    SalesForce    </th><th class="col3 centeralign">    simpleSAMLphp    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col3 centeralign">  <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td>
-	</tr>
-	<tr class="row2 roweven">
-		<th class="col0 centeralign">    NextCloud    </th><th class="col1 centeralign">    ADFS    </th><th class="col2 leftalign">  </th><th class="col3 leftalign">  </th>
-	</tr>
-	<tr class="row3 rowodd">
-		<td class="col0 centeralign">  <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 leftalign">  </td><td class="col3 leftalign">  </td>
-	</tr>
-</table></div><!-- EDIT18 TABLE [2607-3149] -->
-
-</div><!-- EDIT17 SECTION "SAML connectors" [2488-] -->
+</div><!-- EDIT3 SECTION "Application list" [1192-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/applications/alfresco.html
+++ b/po-doc/fr/pages/documentation/current/applications/alfresco.html
@ -51,10 +51,21 @@

 <ul class="toc">
 <li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
-<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
+<li class="level1"><div class="li"><a href="#http_headers">HTTP headers</a></div>
 <ul class="toc">
 <li class="level2"><div class="li"><a href="#alfresco1">Alfresco</a></div></li>
-<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
+<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div>
+<ul class="toc">
+<li class="level3"><div class="li"><a href="#headers">En-têtes</a></div></li>
+<li class="level3"><div class="li"><a href="#rules">Règles</a></div></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li"><a href="#saml2">SAML2</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#alfresco2">Alfresco</a></div></li>
+<li class="level2"><div class="li"><a href="#llng1">LL::NG</a></div></li>
 </ul>
 </li>
 <li class="level1"><div class="li"><a href="#other_resources">Autres documents</a></div></li>
@ -82,14 +93,27 @@
 <p>
 Depuis la version 4.0, il permet facilement de configurer un <abbr title="Authentification unique (Single Sign On)">SSO</abbr> grace au sous-système d'authentification.
 </p>
-<div class="noteimportant">Pour les versions plus anciennes, se référer à cette documentation : <a href="https://wiki.alfresco.com/wiki/SSO" class="urlextern" title="https://wiki.alfresco.com/wiki/SSO"  rel="nofollow">https://wiki.alfresco.com/wiki/SSO</a>
-</div>
-</div><!-- EDIT2 SECTION "Presentation" [72-395] -->

-<h2 class="sectionedit3" id="configuration">Configuration</h2>
+<p>
+
+Authentication against <abbr title="LemonLDAP::NG">LL::NG</abbr> can be done trough:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  HTTP headers (<abbr title="LemonLDAP::NG">LL::NG</abbr> Handler)</div>
+</li>
+<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr> 2 (<abbr title="LemonLDAP::NG">LL::NG</abbr> as SAML2 IDP)</div>
+</li>
+</ul>
+<div class="notetip">Alfresco now recommends SAML2 method
+
+</div>
+</div><!-- EDIT2 SECTION "Presentation" [72-430] -->
+
+<h2 class="sectionedit3" id="http_headers">HTTP headers</h2>
 <div class="level2">

-</div><!-- EDIT3 SECTION "Configuration" [396-422] -->
+</div><!-- EDIT3 SECTION "HTTP headers" [431-456] -->

 <h3 class="sectionedit4" id="alfresco1">Alfresco</h3>
 <div class="level3">
@ -106,9 +130,7 @@ Les fichiers suivants sont nécessaires dans l'installation Alfresco :
 </ul>

 <p>
-
-The first will allow one to configure <abbr title="Authentification unique (Single Sign On)">SSO</abbr> for the alfresco webapp, and the other for the share webapp. 
- 
+Le premier autorise la configuration du <abbr title="Authentification unique (Single Sign On)">SSO</abbr> pour la webapp Alfresco et l'autre pour la webapp partagée. 
 </p>

 <p>
@ -165,29 +187,416 @@ Un redémarrage de Tomcat est nécessaire pour appliquer les changements.
 </p>
 <div class="notewarning">On peut ensuite se connecter avec un simple en-tête HTTP. Il faut restreindre l'accès à Alfresco à <abbr title="LemonLDAP::NG">LL::NG</abbr>.
 </div>
-</div><!-- EDIT4 SECTION "Alfresco" [423-3123] -->
+</div><!-- EDIT4 SECTION "Alfresco" [457-3153] -->

 <h3 class="sectionedit5" id="llng">LL::NG</h3>
 <div class="level3">

+</div>
+
+<h4 id="headers">En-têtes</h4>
+<div class="level4">
+
 <p>
 Renseigner simplement l'en-tête <code>Auth-User</code> avec l'attribut qui contient le nom de login, par exemple <code>$uid</code>.
 </p>

+</div>
+
+<h4 id="rules">Règles</h4>
+<div class="level4">
+
 <p>
-On peut intercepter les déconnexions avec cette règle : <code>^/share/page/dologout ⇒ logout_app_sso</code>
+
+Set the default rule to what you need.
+
 </p>

-</div><!-- EDIT5 SECTION "LL::NG" [3124-3336] -->
+<p>

-<h2 class="sectionedit6" id="other_resources">Autres documents</h2>
+Other rules:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Unprotect access to some resources: <code>^/share/res ⇒ unprotect</code></div>
+</li>
+<li class="level1"><div class="li">  Catch logout: <code>^/share/page/dologout ⇒ logout_app_sso</code></div>
+</li>
+</ul>
+
+</div><!-- EDIT5 SECTION "LL::NG" [3154-3493] -->
+
+<h2 class="sectionedit6" id="saml2">SAML2</h2>
+<div class="level2">
+
+</div><!-- EDIT6 SECTION "SAML2" [3494-3513] -->
+
+<h3 class="sectionedit7" id="alfresco2">Alfresco</h3>
+<div class="level3">
+
+<p>
+
+Install <abbr title="Security Assertion Markup Language">SAML</abbr> Alfresco module package:
+
+</p>
+<pre class="code">cp alfresco-saml-repo-1.0.1.amp &lt;ALFRESCO_HOME&gt;/amps
+cp alfresco-saml-share-1.0.1.amp &lt;ALFRESCO_HOME&gt;/amps_share
+./bin/apply_amp.sh</pre>
+
+<p>
+
+Generate <abbr title="Security Assertion Markup Language">SAML</abbr> certificate:
+
+</p>
+<pre class="code">keytool -genkeypair -alias my-saml-key -keypass change-me -storepass change-me -keystore my-saml.keystore -storetype JCEKS</pre>
+
+<p>
+
+Export the keystore:
+
+</p>
+<pre class="code">mv my-saml.keystore alf_data/keystore
+cat &lt;&lt;EOT &gt; alf_data/keystore/my-saml.keystore-metadata.properties
+aliases=my-saml-key
+keystore.password=change-me
+my-saml-key.password=change-me
+EOT
+cat &lt;&lt;EOT &gt;&gt; tomcat/shared/classes/alfresco-global.properties
+
+saml.keystore.location=\${dir.keystore}/my-saml.keystore
+saml.keystore.keyMetaData.location=\${dir.keystore}/my-saml.keystore-metadata.properties
+EOT</pre>
+
+<p>
+
+Edit then <code>share-config-custom.xml</code>:
+
+</p>
+<pre class="code file xml">    ...
+        <span class="sc3"><span class="re1">&lt;config</span> <span class="re0">evaluator</span>=<span class="st0">"string-compare"</span> <span class="re0">condition</span>=<span class="st0">"CSRFPolicy"</span> <span class="re0">replace</span>=<span class="st0">"true"</span><span class="re2">&gt;</span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+        <span class="sc-1">&lt;!--</span>
+<span class="sc-1">            If using https make a CSRFPolicy with replace="true" and override the properties section.</span>
+<span class="sc-1">            Note, localhost is there to allow local checks to succeed.</span>
+&nbsp;
+&nbsp;
+&nbsp;
+<span class="sc-1">            I.e.</span>
+<span class="sc-1">            &lt;properties&gt;</span>
+<span class="sc-1">                &lt;token&gt;Alfresco-CSRFToken&lt;/token&gt;</span>
+<span class="sc-1">                &lt;referer&gt;https://your-domain.com/.*|http://localhost:8080/.*&lt;/referer&gt;</span>
+<span class="sc-1">                &lt;origin&gt;https://your-domain.com|http://localhost:8080&lt;/origin&gt;</span>
+<span class="sc-1">            &lt;/properties&gt;</span>
+<span class="sc-1">        --&gt;</span>
+&nbsp;
+&nbsp;
+&nbsp;
+            <span class="sc3"><span class="re1">&lt;filter<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- SAML SPECIFIC CONFIG -  START --&gt;</span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Since we have added the CSRF filter with filter-mapping of "/*" we will catch all public GET's to avoid them</span>
+<span class="sc-1">                 having to pass through the remaining rules.</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>GET<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/res/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- Incoming posts from IDPs do not require a token --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/saml-authnresponse|/page/saml-logoutresponse|/page/saml-logoutrequest<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- SAML SPECIFIC CONFIG -  STOP --&gt;</span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- EVERYTHING BELOW FROM HERE IS COPIED FROM share-security-config.xml --&gt;</span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Certain webscripts shall not be allowed to be accessed directly form the browser.</span>
+<span class="sc-1">                 Make sure to throw an error if they are used.</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/proxy/alfresco/remoteadm/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"throwError"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"message"</span><span class="re2">&gt;</span></span>It is not allowed to access this url from your browser<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Certain Repo webscripts should be allowed to pass without a token since they have no Share knowledge.</span>
+<span class="sc-1">                 TODO: Refactor the publishing code so that form that is posted to this URL is a Share webscript with the right tokens.</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/proxy/alfresco/api/publishing/channels/.+<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Certain Surf POST requests from the WebScript console must be allowed to pass without a token since</span>
+<span class="sc-1">                 the Surf WebScript console code can't be dependent on a Share specific filter.</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/caches/dependency/clear|/page/index|/page/surfBugStatus|/page/modules/deploy|/page/modules/module|/page/api/javascript/debugger|/page/console<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- Certain Share POST requests does NOT require a token --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/dologin(\?.+)?|/page/site/[^/]+/start-workflow|/page/start-workflow|/page/context/[^/]+/start-workflow<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- Assert logout is done from a valid domain, if so clear the token when logging out --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/dologout(\?.+)?<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"clearToken"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- Make sure the first token is generated --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"{token}"</span><span class="re2">/&gt;</span></span>
+                            <span class="sc-1">&lt;!-- empty attribute element indicates null, meaning the token has not yet been set --&gt;</span>
+                        <span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"generateToken"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!-- Refresh token on new "page" visit when a user is logged in --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>GET<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"{token}"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"generateToken"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Verify multipart requests from logged in users contain the token as a parameter</span>
+<span class="sc-1">                 and also correct referer &amp; origin header if available</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;header</span> <span class="re0">name</span>=<span class="st0">"Content-Type"</span><span class="re2">&gt;</span></span>multipart/.+<span class="sc3"><span class="re1">&lt;/header<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertToken"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"parameter"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+&nbsp;
+&nbsp;
+&nbsp;
+                <span class="sc-1">&lt;!--</span>
+<span class="sc-1">                 Verify that all remaining state changing requests from logged in users' requests contains a token in the</span>
+<span class="sc-1">                 header and correct referer &amp; origin headers if available. We "catch" all content types since just setting it to</span>
+<span class="sc-1">                 "application/json.*" since a webscript that doesn't require a json request body otherwise would be</span>
+<span class="sc-1">                 successfully executed using i.e."text/plain".</span>
+<span class="sc-1">                 --&gt;</span>
+                <span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST|PUT|DELETE<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
+                            <span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertToken"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"header"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
+                        <span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
+                    <span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
+                <span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
+            <span class="sc3"><span class="re1">&lt;/filter<span class="re2">&gt;</span></span></span>
+        <span class="sc3"><span class="re1">&lt;/config<span class="re2">&gt;</span></span></span>
+    ...</pre>
+
+<p>
+
+Configure <abbr title="Security Assertion Markup Language">SAML</abbr> service provider using the Alfresco admin console (/alfresco/s/enterprise/admin/admin-saml).
+
+</p>
+
+<p>
+
+Set the following parameters:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Enable <abbr title="Security Assertion Markup Language">SAML</abbr> Authentication (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>): on</div>
+</li>
+<li class="level1"><div class="li">  Authentication service <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleSignOn" class="urlextern" title="https://auth.example.com/saml/singleSignOn"  rel="nofollow">https://auth.example.com/saml/singleSignOn</a></div>
+</li>
+<li class="level1"><div class="li">  Single Logout <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleLogout" class="urlextern" title="https://auth.example.com/saml/singleLogout"  rel="nofollow">https://auth.example.com/saml/singleLogout</a></div>
+</li>
+<li class="level1"><div class="li">  Single logout return <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleLogoutReturn" class="urlextern" title="https://auth.example.com/saml/singleLogoutReturn"  rel="nofollow">https://auth.example.com/saml/singleLogoutReturn</a></div>
+</li>
+<li class="level1"><div class="li">  Entity identification: <a href="http://alfresco.myecm.org:8080/share" class="urlextern" title="http://alfresco.myecm.org:8080/share"  rel="nofollow">http://alfresco.myecm.org:8080/share</a></div>
+</li>
+<li class="level1"><div class="li">  User ID mapping: Subject/NameID</div>
+</li>
+</ul>
+
+<p>
+
+To finish with Alfresco configuration, tick the “Enable <abbr title="Security Assertion Markup Language">SAML</abbr> authentication (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>)” box.
+
+</p>
+
+</div><!-- EDIT7 SECTION "Alfresco" [3514-14172] -->
+
+<h3 class="sectionedit8" id="llng1">LL::NG</h3>
+<div class="level3">
+
+<p>
+
+Configure <abbr title="Security Assertion Markup Language">SAML</abbr> service and set a certificate as signature public key in metadata.
+
+</p>
+
+<p>
+
+Export Alfresco <abbr title="Security Assertion Markup Language">SAML</abbr> Metadata from admin console and import them in <abbr title="LemonLDAP::NG">LL::NG</abbr>.
+
+</p>
+
+<p>
+
+In the authentication response option, set:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Default NameID Format: Unspecified</div>
+</li>
+<li class="level1"><div class="li">  Force NameID session key: uid</div>
+</li>
+</ul>
+
+<p>
+
+And you can define these exported attributes:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  GivenName</div>
+</li>
+<li class="level1"><div class="li">  Surname</div>
+</li>
+<li class="level1"><div class="li">  Email</div>
+</li>
+</ul>
+
+</div><!-- EDIT8 SECTION "LL::NG" [14173-14551] -->
+
+<h2 class="sectionedit9" id="other_resources">Autres documents</h2>
 <div class="level2">
 <ul>
 <li class="level1"><div class="li"> <a href="https://www.youtube.com/watch?v=5tS0XrC_-rw" class="urlextern" title="https://www.youtube.com/watch?v=5tS0XrC_-rw"  rel="nofollow">DevCon 2012: Unlocking the Secrets of Alfresco Authentication, Mehdi Belmekki</a></div>
 </li>
+<li class="level1"><div class="li"> <a href="https://community.alfresco.com/blogs/alfresco-premier-services/2017/08/03/setting-up-alfresco-saml-authentication-lemonldapng" class="urlextern" title="https://community.alfresco.com/blogs/alfresco-premier-services/2017/08/03/setting-up-alfresco-saml-authentication-lemonldapng"  rel="nofollow">Setting up Alfresco SAML authentication with LemonLDAP::NG</a></div>
+</li>
 </ul>

-</div><!-- EDIT6 SECTION "Other resources" [3337-] -->
+</div><!-- EDIT9 SECTION "Other resources" [14552-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/applications/aws.html
+++ b/po-doc/fr/pages/documentation/current/applications/aws.html
@ -0,0 +1,128 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:applications:aws</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,applications,aws"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="aws.html"/>
+<link rel="contents" href="aws.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:aws","namespace":"documentation:2.0:applications"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container">
+
+<h1 class="sectionedit1" id="amazon_web_services">Amazon Web Services</h1>
+<div class="level1">
+
+<p>
+<a href="https://aws.amazon.com" class="urlextern" title="https://aws.amazon.com"  rel="nofollow">Amazon Web Services</a> allows to delegate authentication through SAML2.
+
+</p>
+
+</div><!-- EDIT1 SECTION "Amazon Web Services" [1-132] -->
+
+<h2 class="sectionedit2" id="saml">SAML</h2>
+<div class="level2">
+<ul>
+<li class="level1"><div class="li">  Make sure you have followed the steps <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html" class="urlextern" title="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html"  rel="nofollow">here</a>.</div>
+</li>
+<li class="level1"><div class="li">  Go to <a href="https://your.portal.com/saml/metadata" class="urlextern" title="https://your.portal.com/saml/metadata"  rel="nofollow">https://your.portal.com/saml/metadata</a> and save the resulting file locally.</div>
+</li>
+<li class="level1"><div class="li">  In each AWS account, go to IAM → Identity providers → Create Provider.</div>
+</li>
+<li class="level1"><div class="li">  Select <code><abbr title="Security Assertion Markup Language">SAML</abbr></code> as the provider type</div>
+</li>
+<li class="level1"><div class="li">  Choose a name (best if kept consistent between accounts), and then choose the metadata file you saved above.</div>
+</li>
+<li class="level1"><div class="li">  Looking again at the links on the left side of the page, go to Roles → Create role</div>
+</li>
+<li class="level1"><div class="li">  Choose <code><abbr title="Security Assertion Markup Language">SAML</abbr> / Saml 2.0 federation</code></div>
+</li>
+<li class="level1"><div class="li">  Select the provider you just configured, click <code>Allow programmatic and AWSManagement Console access</code> which will fill in the rest of the form for you, then click next.</div>
+</li>
+<li class="level1"><div class="li">  Set whatever permissions you need to and then click <code>Review</code>.</div>
+</li>
+<li class="level1"><div class="li">  Choose a name for the role.  These will shown to people when they log in, so make them descriptive.  We have different accounts for different regions of the world, so I put the region into the role name so people know which account is which.</div>
+</li>
+</ul>
+<div class="noteclassic">If you have only one role, the configuration is simple. If you have multiple roles for different people, it is a little trickier. As you will see, the <abbr title="Security Assertion Markup Language">SAML</abbr> attributes are not dynamic, so you have to set them in the session when a user logs in or use a custom function. In this example, I wanted to avoid managing custom functions on all the servers, so the <abbr title="Security Assertion Markup Language">SAML</abbr> attributes are set in the session. We also use LDAP for user information, so I will describe that. In our LDAP tree, each user has attributes which are used quite heavily for dynamic groups and authorisation. You will want something similar, using whatever attribute makes sense to you. Par exemple :<pre class="code file ldif">  <span class="re0">dn</span>:<span class="re1"> uid=user,ou=people,dc=your,dc=com</span>
+  ...
+  <span class="re0">ou</span>:<span class="re1"> sysadmin</span>
+  <span class="re0">ou</span>:<span class="re1"> database</span>
+  <span class="re0">ou</span>:<span class="re1"> root</span></pre>
+
+</div><ul>
+<li class="level1"><div class="li">  Assuming you use the web interface to manage lemonldap, go to General Parameters → Authentication parameters → LDAP parameters → Exported variables. Here set the key to the LDAP attribute and the value to something sensible. I keep them the same to make it easy.</div>
+</li>
+<li class="level1"><div class="li">  Now go to *Variables → Macros*.  Here set up variables which will be computed based on the attributes you exported above.  You will need to emit strings in this format <code>arn:aws:iam::account-number:role/role-name1,arn:aws:iam::account-number:saml-provider/provider-name</code>. The parts you need to change are <code>account-number</code>, <code>role-name1</code> and <code>provier-name</code>. The last two will be the provider name and role names you just set up in AWS.</div>
+</li>
+<li class="level1"><div class="li">  Perl works in here, so something like this is valid:  <code>aws_eu_role</code> →  <code>$ou =~ sysadmin ? “arn:aws…” : “arn:…”</code></div>
+</li>
+<li class="level1"><div class="li">  If it easier, split multiple roles into different macros.  Then tie all the variables you define together into one string concatenating them  with whatever is in General Parameters → Advanced Parameters → Separator. Actually click into this field and move around with the arrow keys to see if there is a space, since spaces can be part of the separator.</div>
+</li>
+<li class="level1"><div class="li">  Remember macros are defined alphanumerically, so you want one right at the end, like <code>z_aws_roles</code> → <code>join(“; ”, $role_name1, $role_name2, …)</code></div>
+</li>
+<li class="level1"><div class="li">  On the left again, click <code><abbr title="Security Assertion Markup Language">SAML</abbr> service providers</code>, then <code>Add <abbr title="Security Assertion Markup Language">SAML</abbr> SP</code>.</div>
+</li>
+<li class="level1"><div class="li">  Enter a name, click ok, then select it on the left.  Select <code>Metadata</code>, then enter `<a href="https://signin.aws.amazon.com/static/saml-metadata.xml" class="urlextern" title="https://signin.aws.amazon.com/static/saml-metadata.xml"  rel="nofollow">https://signin.aws.amazon.com/static/saml-metadata.xml</a>` in the <code><abbr title="Uniform Resource Locator">URL</abbr></code> field, then click load.</div>
+</li>
+<li class="level1"><div class="li">  Click <code>Exported attributes</code> on the left, then <code>Add attribute</code> twice to add two attributes. The first field is the name of a variable set in the user's session:</div>
+<ul>
+<li class="level2"><div class="li"> <code>_whatToTrace</code> → <code><a href="https://aws.amazon.com/SAML/Attributes/RoleSessionName" class="urlextern" title="https://aws.amazon.com/SAML/Attributes/RoleSessionName"  rel="nofollow">https://aws.amazon.com/SAML/Attributes/RoleSessionName</a></code> (leave the rest)</div>
+</li>
+<li class="level2"><div class="li"> <code>z_aws_roles</code> (the macro name you defined above) → <code><a href="https://aws.amazon.com/SAML/Attributes/Role" class="urlextern" title="https://aws.amazon.com/SAML/Attributes/Role"  rel="nofollow">https://aws.amazon.com/SAML/Attributes/Role</a></code> (leave the rest)</div>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li">  On the left, select Options → Security →  Enable use of IDP initiated <abbr title="Uniform Resource Locator">URL</abbr> → On</div>
+</li>
+<li class="level1"><div class="li">  Select General Parameters → Portal → Menu → Categories and applications</div>
+</li>
+<li class="level1"><div class="li">  Select a category or create a new one if you need to.  Then click <code>New application</code>.    </div>
+</li>
+<li class="level1"><div class="li">  Enter a name etc.  For the <abbr title="Uniform Resource Locator">URL</abbr>, use <code><a href="https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices" class="urlextern" title="https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices"  rel="nofollow">https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices</a></code></div>
+</li>
+<li class="level1"><div class="li">  Display application should be set to <code>Enabled</code></div>
+</li>
+<li class="level1"><div class="li">  Go to your portal, click on the link, and check that it works!</div>
+</li>
+</ul>
+
+</div><!-- EDIT2 SECTION "SAML" [133-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/applications/dokuwiki.html
+++ b/po-doc/fr/pages/documentation/current/applications/dokuwiki.html
@ -51,10 +51,10 @@

 <ul class="toc">
 <li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
-<li class="level1"><div class="li"><a href="#installation">Installation</a></div></li>
-<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
+<li class="level1"><div class="li"><a href="#http_headers">HTTP headers</a></div>
 <ul class="toc">
-<li class="level2"><div class="li"><a href="#dokuwiki_local_configuration">Configuration locale Dokuwiki</a></div></li>
+<li class="level2"><div class="li"><a href="#plugin_installation">Plugin installation</a></div></li>
+<li class="level2"><div class="li"><a href="#dokuwiki_configuration">Dokuwiki configuration</a></div></li>
 <li class="level2"><div class="li"><a href="#dokuwiki_virtual_host">Dokuwiki virtual host</a></div></li>
 <li class="level2"><div class="li"><a href="#dokuwiki_virtual_host_in_manager">Hôte virtuel Dokuwiki dans le manager</a></div></li>
 </ul></li>
@ -80,37 +80,49 @@
 </p>
 <div class="notetip">Le wiki LemonLDAP::NG est un Dokuwiki !
 </div>
-<p>
-Il faut installer le plugin Dokuwiki disponible sur la <a href="../download.html#contributions" class="wikilink1" title="Téléchargement">page de téléchargement</a>. Ce plugin utilise la variable d'environnement <code>REMOTE_USER</code> pour récupérer le nom d'utilisateur connecté.
-</p>
+</div><!-- EDIT2 SECTION "Presentation" [65-559] -->

-</div><!-- EDIT2 SECTION "Presentation" [65-750] -->
-
-<h2 class="sectionedit3" id="installation">Installation</h2>
+<h2 class="sectionedit3" id="http_headers">HTTP headers</h2>
 <div class="level2">

 <p>
-<a href="../download.html#contributions" class="wikilink1" title="Téléchargement">Télécharger</a> le plugin et le copier dans le répertoire dokuwiki <code>inc/auth/</code> :
+
+You need to install a Dokuwiki plugin, available on <a href="https://www.dokuwiki.org/plugins" class="urlextern" title="https://www.dokuwiki.org/plugins"  rel="nofollow">Dokuwiki plugins registry</a>: <a href="https://www.dokuwiki.org/plugin:authlemonldap" class="urlextern" title="https://www.dokuwiki.org/plugin:authlemonldap"  rel="nofollow">https://www.dokuwiki.org/plugin:authlemonldap</a>
 </p>
-<pre class="code">cp lemonldap.class.php inc/auth/
-cp lemonldapuserdatabackend.class.php inc/auth/</pre>

-</div><!-- EDIT3 SECTION "Installation" [751-977] -->
+</div><!-- EDIT3 SECTION "HTTP headers" [560-748] -->

-<h2 class="sectionedit4" id="configuration">Configuration</h2>
-<div class="level2">
-
-</div><!-- EDIT4 SECTION "Configuration" [978-1004] -->
-
-<h3 class="sectionedit5" id="dokuwiki_local_configuration">Configuration locale Dokuwiki</h3>
+<h3 class="sectionedit4" id="plugin_installation">Plugin installation</h3>
 <div class="level3">

 <p>
-Éditer la configuration locale Dokuwiki (<code>conf/local.php</code>) et indiquer <code>lemonldap</code> comme type d'authentification :
-</p>
-<pre class="code file php"><span class="re0">$conf</span><span class="br0">[</span>authtype<span class="br0">]</span> <span class="sy0">=</span> lemonldap<span class="sy0">;</span></pre>

-</div><!-- EDIT5 SECTION "Dokuwiki local configuration" [1005-1194] -->
+Install the plugin using the <a href="https://www.dokuwiki.org/plugin:plugin" class="urlextern" title="https://www.dokuwiki.org/plugin:plugin"  rel="nofollow">Plugin Manager</a>.
+
+</p>
+
+</div><!-- EDIT4 SECTION "Plugin installation" [749-868] -->
+
+<h3 class="sectionedit5" id="dokuwiki_configuration">Dokuwiki configuration</h3>
+<div class="level3">
+
+<p>
+
+As administrator, go in Dokuwiki parameters and set:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Authentication backend: authlemonldap</div>
+</li>
+<li class="level1"><div class="li">  Manager: set which users and/or groups will be admin</div>
+</li>
+</ul>
+
+<p>
+<a href="screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html" class="media" title="applications:screenshot_dokuwiki_configuration.png"><img src="screenshot_dokuwiki_configuration.png" class="mediacenter" alt="" /></a>
+</p>
+
+</div><!-- EDIT5 SECTION "Dokuwiki configuration" [869-1114] -->

 <h3 class="sectionedit6" id="dokuwiki_virtual_host">Dokuwiki virtual host</h3>
 <div class="level3">
@ -118,8 +130,7 @@ cp lemonldapuserdatabackend.class.php inc/auth/</pre>
 <p>
 Configurer l'hôte virtuel Dokuwiki comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
 </p>
-<div class="noteimportant">Si Dokuwiki est protégé par un reverse-proxy <abbr title="LemonLDAP::NG">LL::NG</abbr>, <a href="../header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">convertir l'en-tête en variable d'environnement REMOTE_USER</a>.
-</div><ul>
+<ul>
 <li class="level1"><div class="li"> Pour Apache:</div>
 </li>
 </ul>
@ -170,7 +181,7 @@ Configurer l'hôte virtuel Dokuwiki comme n'importe quel autre <a href="../confi
  }
 }</pre>

-</div><!-- EDIT6 SECTION "Dokuwiki virtual host" [1195-2630] -->
+</div><!-- EDIT6 SECTION "Dokuwiki virtual host" [1115-2376] -->

 <h3 class="sectionedit7" id="dokuwiki_virtual_host_in_manager">Hôte virtuel Dokuwiki dans le manager</h3>
 <div class="level3">
@ -180,14 +191,28 @@ Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration"
 </p>

 <p>
-Configurer simplement la <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règle d'accès</a>.
+Configurer les <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règles d'accès</a>.
 </p>

 <p>
-Si <abbr title="LemonLDAP::NG">LL::NG</abbr> est utilisé par reverse-proxy, configurer l'<a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-tête</a> <code>Auth-User</code>, aucun autre en-tête n'est utile.
-</p>

-</div><!-- EDIT7 SECTION "Dokuwiki virtual host in Manager" [2631-] -->
+Configure the <a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">headers</a>:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Auth-User $uid</div>
+</li>
+<li class="level1"><div class="li">  Auth-Cn: $cn</div>
+</li>
+<li class="level1"><div class="li">  Auth-Mail: $mail</div>
+</li>
+<li class="level1"><div class="li">  Auth-Groups: encode_base64($groups,'')</div>
+</li>
+</ul>
+<div class="noteimportant">To allow execution of encode_base64() method, you must deactivate the <a href="../safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>.
+
+</div>
+</div><!-- EDIT7 SECTION "Dokuwiki virtual host in Manager" [2377-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/applications/grr.html
+++ b/po-doc/fr/pages/documentation/current/applications/grr.html
@ -43,7 +43,23 @@

 </head>
 <body>
-<div class="dokuwiki export container">
+<div class="dokuwiki export container"><!-- TOC START -->
+
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
+<li class="level1"><div class="li"><a href="#http_header">HTTP header</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#configuration">Configuration</a></div></li>
+<li class="level2"><div class="li"><a href="#grr_virtual_host_in_llng">GRR virtual host in LL::NG</a></div></li>
+</ul></li>
+</ul>
+</div>
+</div><!-- TOC END -->
+

 <h1 class="sectionedit1" id="grr">GRR</h1>
 <div class="level1">
@ -63,14 +79,74 @@

 </div><!-- EDIT2 SECTION "Presentation" [62-150] -->

-<h3 class="sectionedit3" id="configuration">Configuration</h3>
+<h2 class="sectionedit3" id="http_header">HTTP header</h2>
+<div class="level2">
+
+</div><!-- EDIT3 SECTION "HTTP header" [151-175] -->
+
+<h3 class="sectionedit4" id="configuration">Configuration</h3>
 <div class="level3">

 <p>
-GRR dispose d'une page de configuration du <abbr title="Authentification unique (Single Sign On)">SSO</abbr> dans son panneau de configuration. Il suffit de choisir si l'utilisateur authentifié sera un "utilisateur" ou un "invité".
+GRR dispose d'une page de configuration du <abbr title="Authentification unique (Single Sign On)">SSO</abbr> dans son panneau de configuration.
 </p>

-</div><!-- EDIT3 SECTION "Configuration" [151-] -->
+<p>
+
+Do not use Lemonldap mode, which is for a very old Lemonldap version, but HTTP authentication.
+
+</p>
+
+<p>
+
+Set the default profile of connected users and which headers contains surname, firstname and mail.
+
+</p>
+
+<p>
+<img src="screenshot_grr_configuration.png" class="mediacenter" alt="" />
+</p>
+
+<p>
+
+GRR will check the username in REMOTE_USER, so use <a href="../header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">remote header conversion</a> if you are in proxy mode.
+
+</p>
+
+</div><!-- EDIT4 SECTION "Configuration" [176-660] -->
+
+<h3 class="sectionedit5" id="grr_virtual_host_in_llng">GRR virtual host in LL::NG</h3>
+<div class="level3">
+
+<p>
+
+Access rules:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  ^/index.php ⇒ accept</div>
+</li>
+<li class="level1"><div class="li">  default ⇒ unprotect</div>
+</li>
+</ul>
+
+<p>
+
+Headers:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Auth-User $uid</div>
+</li>
+<li class="level1"><div class="li">  Auth-Sn: $sn</div>
+</li>
+<li class="level1"><div class="li">  Auth-GivenName: $givenName</div>
+</li>
+<li class="level1"><div class="li">  Auth-Mail: $mail</div>
+</li>
+</ul>
+
+</div><!-- EDIT5 SECTION "GRR virtual host in LL::NG" [661-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/applications/img/icons.png
+++ b/po-doc/fr/pages/documentation/current/applications/img/icons.png
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=fa0cc1a85fc0d1baf3a61bfee1cba736"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1508842909" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1519247446" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/po-doc/fr/pages/documentation/current/applications/img/loader.gif
+++ b/po-doc/fr/pages/documentation/current/applications/img/loader.gif
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=fa0cc1a85fc0d1baf3a61bfee1cba736"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1508842909" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1519247446" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/po-doc/fr/pages/documentation/current/applications/limesurvey.html
+++ b/po-doc/fr/pages/documentation/current/applications/limesurvey.html
@ -51,7 +51,7 @@

 <ul class="toc">
 <li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
-<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
+<li class="level1"><div class="li"><a href="#http_headers">HTTP Headers</a></div>
 <ul class="toc">
 <li class="level2"><div class="li"><a href="#limesurvey_configuration">Configuration de LimeSurvey</a></div></li>
 <li class="level2"><div class="li"><a href="#limesurvey_virtual_host">Hôte virtuel LimeSurvey</a></div></li>
@ -79,59 +79,80 @@
 <div class="level2">

 <p>
-<a href="http://www.limesurvey.org" class="urlextern" title="http://www.limesurvey.org"  rel="nofollow">LimeSurvey</a> est un logiciel de sondage écrit en PHP. LimeSurvey has a webserver authentication mode that allows one to integrate it directly into LemonLDAP::NG.
+<a href="http://www.limesurvey.org" class="urlextern" title="http://www.limesurvey.org"  rel="nofollow">LimeSurvey</a> est un logiciel de sondage écrit en PHP. 
+</p>
+
+</div><!-- EDIT2 SECTION "Presentation" [71-180] -->
+
+<h2 class="sectionedit3" id="http_headers">HTTP Headers</h2>
+<div class="level2">
+
+<p>
+
+LimeSurvey has a webserver authentication mode that allows one to integrate it directly into LemonLDAP::NG.
+
 </p>

 <p>
-Pour une meilleure integration, LimeSurvey doit être configuré pour créer automatiquement les utilisateurs inconnus et utiliser les en-têtes HTTP pour remplir le nom, le mail et les rôles. Par exemple, en utilisant 3 rôles :
+
+To have a stronger integration, we will configure LimeSurvey to autocreate unknown users and use HTTP headers to fill name and mail.
+
 </p>
-<ul>
-<li class="level1"><div class="li"> User : peut répondre aux surveillances</div>
-</li>
-<li class="level1"><div class="li"> Admin : peut créer des surveillances</div>
-</li>
-<li class="level1"><div class="li"> Superadmin : personne ne peut l'arrêter !</div>
-</li>
-</ul>
-
-</div><!-- EDIT2 SECTION "Presentation" [71-561] -->
-
-<h2 class="sectionedit3" id="configuration">Configuration</h2>
-<div class="level2">
 <div class="noteclassic">On suppose que LimeSurvey est installé dans /var/www/html/limesurvey
 </div>
-</div><!-- EDIT3 SECTION "Configuration" [562-670] -->
+</div><!-- EDIT3 SECTION "HTTP Headers" [181-531] -->

 <h3 class="sectionedit4" id="limesurvey_configuration">Configuration de LimeSurvey</h3>
 <div class="level3">

 <p>
-La configuration est effectuée via config.php:
+
+In Administration panel, go in Configuration &gt; Parameters &gt; Extensions manager. Select the WebServer module and configure it.
+
 </p>
-<pre class="code">vi /var/www/html/limesurvey/config.php</pre>
-<pre class="code file php"><span class="co1">//==================================</span>
-<span class="co1">// WebSSO</span>
-<span class="co1">//==================================</span>
-&nbsp;
-<span class="re0">$useWebserverAuth</span> <span class="sy0">=</span> <span class="kw4">true</span><span class="sy0">;</span>
-<span class="re0">$WebserverAuth_autocreateUser</span> <span class="sy0">=</span> <span class="kw4">true</span><span class="sy0">;</span>
-<span class="re0">$WebserverAuth_autouserprofile</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span>
- <span class="st_h">'full_name'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_CN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'email'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_MAIL'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'lang'</span> <span class="sy0">=&gt;</span> <span class="st_h">'en'</span><span class="sy0">,</span>
- <span class="st_h">'htmleditormode'</span> <span class="sy0">=&gt;</span> <span class="st_h">'inline'</span><span class="sy0">,</span>
- <span class="st_h">'templatelist'</span> <span class="sy0">=&gt;</span> <span class="st_h">'default,basic,MyOrgTemplate'</span><span class="sy0">,</span>
- <span class="st_h">'create_survey'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_ADMIN'</span><span class="br0">]</span> <span class="sy0">||</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'create_user'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'delete_user'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'superadmin'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'configurator'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'manage_template'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span><span class="sy0">,</span>
- <span class="st_h">'manage_label'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">]</span>
-<span class="br0">)</span><span class="sy0">;</span></pre>
-<div class="notetip">On utilise les en-têtes HTTP pour trouver le profil utilisateur par défaut.
+
+<p>
+<img src="screenshot_limesurvey_configuration.png" class="mediacenter" title="
+" alt="
+" />
+</p>
+
+<p>
+
+This is enough for the authentication part.
+
+</p>
+<div class="notetip">If you are blocked, you can deactivate the plugin with this request in database:
+
+<pre class="code">update lime_plugins SET active=0 where name="Authwebserver";</pre>
+
 </div>
-</div><!-- EDIT4 SECTION "LimeSurvey configuration" [671-1676] -->
+<p>
+
+To configure account autocreation, you need to edit application/config/config.php:
+The configuration is done in config.php:
+
+</p>
+<pre class="code">vi /var/www/html/limesurvey/application/config/config.php</pre>
+<pre class="code file php">        <span class="st_h">'config'</span><span class="sy0">=&gt;</span><a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span>
+        <span class="co1">// debug: Set this to 1 if you are looking for errors. If you still get no errors after enabling this</span>
+        <span class="co1">// then please check your error-logs - either in your hosting provider admin panel or in some /logs directory</span>
+        <span class="co1">// on your webspace.</span>
+        <span class="co1">// LimeSurvey developers: Set this to 2 to additionally display STRICT PHP error messages and get full access to standard templates</span>
+                <span class="st_h">'debug'</span><span class="sy0">=&gt;</span><span class="nu0">0</span><span class="sy0">,</span>
+                <span class="st_h">'debugsql'</span><span class="sy0">=&gt;</span><span class="nu0">0</span><span class="sy0">,</span> <span class="co1">// Set this to 1 to enanble sql logging, only active when debug = 2</span>
+                <span class="co1">// Update default LimeSurvey config here</span>
+                <span class="st_h">'auth_webserver_autocreate_user'</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
+                <span class="st_h">'auth_webserver_autocreate_profile'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span><span class="st_h">'full_name'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_CN'</span><span class="br0">]</span><span class="sy0">,</span><span class="st_h">'email'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_MAIL'</span><span class="br0">]</span><span class="sy0">,</span><span class="st_h">'lang'</span><span class="sy0">=&gt;</span><span class="st_h">'en'</span><span class="br0">)</span><span class="sy0">,</span>
+                <span class="st_h">'auth_webserver_autocreate_permissions'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span><span class="st_h">'surveys'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span><span class="st_h">'create'</span><span class="sy0">=&gt;</span><span class="kw4">true</span><span class="sy0">,</span><span class="st_h">'read'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="sy0">,</span><span class="st_h">'update'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="sy0">,</span><span class="st_h">'delete'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="br0">)</span><span class="br0">)</span><span class="sy0">,</span>
+                <span class="br0">)</span></pre>
+
+<p>
+
+See also <a href="https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import" class="urlextern" title="https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import"  rel="nofollow">https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import</a>
+</p>
+
+</div><!-- EDIT4 SECTION "LimeSurvey configuration" [532-2298] -->

 <h3 class="sectionedit5" id="limesurvey_virtual_host">Hôte virtuel LimeSurvey</h3>
 <div class="level3">
@ -139,62 +160,8 @@ La configuration est effectuée via config.php:
 <p>
 Configurer l'hôte virtuel LimeSurvey comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
 </p>
-<ul>
-<li class="level1"><div class="li"> Pour Apache:</div>
-</li>
-</ul>
-<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
-       <span class="kw1">ServerName</span> limesurvey.example.com
-&nbsp;
-       PerlHeaderParserHandler Lemonldap::NG::Handler
-&nbsp;
-       <span class="kw1">SetEnvIfNoCase</span> Auth-<span class="kw1">User</span> <span class="st0">"(.*)"</span> PHP_AUTH_USER=$1
-&nbsp;
-       <span class="kw1">Alias</span> /limesurvey /var/www/html/limesurvey
-      <span class="kw1">DocumentRoot</span> /var/www/html/limesurvey
-&nbsp;
-&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
-<div class="noteimportant">Il faut renseigner la variable PHP_AUTH_USER pour faire fonctionner le mode d'authentification par serveur web.
-</div><ul>
-<li class="level1"><div class="li"> Pour Nginx:</div>
-</li>
-</ul>
-<pre class="code file nginx">server {
-  listen 80;
-  server_name limesurvey.example.com;
-  root /path/to/application;
-  # Requête interne d'authentification
-  location = /lmauth {
-    internal;
-    include /etc/nginx/fastcgi_params;
-    fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
-    # Ignorer les données postées
-    fastcgi_pass_request_body  off;
-    fastcgi_param CONTENT_LENGTH "";
-    # Conserver le nom d'hôte original
-    fastcgi_param HOST $http_host;
-    # Conserver la requête originale (le serveur LLNG va recevoir /llauth)
-    fastcgi_param X_ORIGINAL_URI  $request_uri;
-  } 
-&nbsp;
-  # Requêtes clients
-  location / {
-    auth_request /lmauth;
-    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
-    auth_request_set $lmlocation $upstream_http_location;
-    error_page 401 $lmlocation;
-    try_files $uri $uri/ =404;
-&nbsp;
-    ...
-&nbsp;
-    include /etc/lemonldap-ng/nginx-lua-headers.conf;
-  }
-  location / {
-    try_files $uri $uri/ =404;
-  }
-}</pre>

-</div><!-- EDIT5 SECTION "LimeSurvey virtual host" [1677-3196] -->
+</div><!-- EDIT5 SECTION "LimeSurvey virtual host" [2299-2422] -->

 <h3 class="sectionedit6" id="limesurvey_virtual_host_in_manager">Hôte virtuel LimeSurvey dans le manager</h3>
 <div class="level3">
@ -222,15 +189,8 @@ Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration"
 	<tr class="row3 rowodd">
 		<td class="col0 centeralign">    Auth-Mail    </td><td class="col1 centeralign">  Email de l'utilisateur  </td>
 	</tr>
-	<tr class="row4 roweven">
-		<td class="col0 centeralign">    Auth-Admin    </td><td class="col1 centeralign">  1 si l'utilisateur est administrateur  </td>
-	</tr>
-	<tr class="row5 rowodd">
-		<td class="col0 centeralign">    Auth-SuperAdmin    </td><td class="col1 centeralign">  1 si l'utilisateur est super-administrateur  </td>
-	</tr>
-</table></div><!-- EDIT7 TABLE [3369-3587] -->
-<div class="notetip">On peut gérer les rôles avec le <a href="../rbac.html" class="wikilink1" title="documentation:2.0:rbac">modèle RBAC</a> ou en utilisant les groupes.
-</div>
+</table></div><!-- EDIT7 TABLE [2595-2723] -->
+
 </div>

 <h4 id="rules">Règles</h4>
@ -242,15 +202,15 @@ Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration"
 	</tr>
 	</thead>
 	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  Déconnexion  </td><td class="col1 centeralign">    action=logout$    </td><td class="col2 centeralign">  Règle de déconnexion (par exemple logout_app_sso)  </td>
+		<td class="col0 centeralign">  Déconnexion  </td><td class="col1 centeralign">    /sa/logout$    </td><td class="col2 centeralign">  Règle de déconnexion (par exemple logout_app_sso)  </td>
 	</tr>
 	<tr class="row2 roweven">
-		<td class="col0 centeralign">    Admin      </td><td class="col1 centeralign">    ^/limesurvey/admin/    </td><td class="col2 centeralign">  Autorisé seulement pour les rôles admin et superadmin  </td>
+		<td class="col0 centeralign">    Admin      </td><td class="col1 centeralign">    ^/(index\.php/)?admin    </td><td class="col2 centeralign">    Allow only admin and superadmin users    </td>
 	</tr>
 	<tr class="row3 rowodd">
 		<td class="col0 centeralign">  Défaut  </td><td class="col1 centeralign">    default    </td><td class="col2 centeralign">  Autorise seulement les utilisateurs avec un rôle LimeSurvey  </td>
 	</tr>
-</table></div><!-- EDIT8 TABLE [3694-3979] -->
+</table></div><!-- EDIT8 TABLE [2740-3024] -->
 <div class="notetip">Il est possible de mettre l'accès par défaut à :<ul>
 <li class="level1"><div class="li"> <strong>accept</strong> : tous les utilisateurs authentifiés peuvent accéder aux surveillances</div>
 </li>
@ -259,7 +219,7 @@ Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration"
 </ul>

 </div>
-</div><!-- EDIT6 SECTION "LimeSurvey virtual host in Manager" [3197-] -->
+</div><!-- EDIT6 SECTION "LimeSurvey virtual host in Manager" [2423-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/applications/office365.html
+++ b/po-doc/fr/pages/documentation/current/applications/office365.html
@ -0,0 +1,180 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:applications:office365</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,applications,office365"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="office365.html"/>
+<link rel="contents" href="office365.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:office365","namespace":"documentation:2.0:applications"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container"><!-- TOC START -->
+
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
+<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#office_3651">Office 365</a></div></li>
+<li class="level2"><div class="li"><a href="#lemonldapng">LemonLDAP::NG</a></div></li>
+</ul></li>
+</ul>
+</div>
+</div><!-- TOC END -->
+
+
+<h1 class="sectionedit1" id="office_365">Office 365</h1>
+<div class="level1">
+
+<p>
+<img src="logo_office_365.png" class="mediacenter" alt="" />
+</p>
+
+</div><!-- EDIT1 SECTION "Office 365" [1-74] -->
+
+<h2 class="sectionedit2" id="presentation">Présentation</h2>
+<div class="level2">
+
+<p>
+<a href="https://en.wikipedia.org/wiki/Office_365" class="urlextern" title="https://en.wikipedia.org/wiki/Office_365"  rel="nofollow">Office 365</a> provides online access to Microsoft products like Office, Outlook or Yammer. Authentication is done on <a href="https://login.microsoftonline.com/" class="urlextern" title="https://login.microsoftonline.com/"  rel="nofollow">https://login.microsoftonline.com/</a> and can be forwarded to an <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Provider.
+
+</p>
+
+</div><!-- EDIT2 SECTION "Presentation" [75-346] -->
+
+<h2 class="sectionedit3" id="configuration">Configuration</h2>
+<div class="level2">
+
+</div><!-- EDIT3 SECTION "Configuration" [347-373] -->
+
+<h3 class="sectionedit4" id="office_3651">Office 365</h3>
+<div class="level3">
+
+<p>
+
+You first need to install AzureAD PowerShell to be able to run administrative commands.
+
+</p>
+
+<p>
+
+Then run this script:
+
+</p>
+<pre class="code bash"><span class="re1">$dom</span> = <span class="st0">"mycompany.com"</span>
+<span class="re1">$brand</span> = <span class="st0">"My Company"</span>
+<span class="re1">$url</span> = <span class="st0">"https://auth.example.com/saml/singleSignOn"</span>
+<span class="re1">$uri</span> = <span class="st0">"https://auth.example.com/saml/metadata"</span>
+<span class="re1">$logouturl</span> = <span class="st0">"https://auth.example.com/?logout=1"</span>
+<span class="re1">$cert</span> = <span class="st0">"xxxxxxxxxxxxxxxxxxx"</span>
+&nbsp;
+Set-MsolDomainAuthentication –DomainName <span class="re1">$dom</span> <span class="re5">-FederationBrandName</span> <span class="re1">$brand</span> <span class="re5">-Authentication</span> Federated  <span class="re5">-PassiveLogOnUri</span> <span class="re1">$url</span> <span class="re5">-SigningCertificate</span> <span class="re1">$cert</span> <span class="re5">-IssuerUri</span> <span class="re1">$uri</span>  <span class="re5">-LogOffUri</span> <span class="re1">$logouturl</span> <span class="re5">-PreferredAuthenticationProtocol</span> SAMLP</pre>
+
+<p>
+
+Where parameters are:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  dom: Your Office 365 domain</div>
+</li>
+<li class="level1"><div class="li">  brand: Simple label</div>
+</li>
+<li class="level1"><div class="li">  url: The <abbr title="Security Assertion Markup Language">SAML</abbr> <abbr title="Authentification unique (Single Sign On)">SSO</abbr> endpoint</div>
+</li>
+<li class="level1"><div class="li">  uri: The <abbr title="Security Assertion Markup Language">SAML</abbr> metadata endpoint</div>
+</li>
+<li class="level1"><div class="li">  logouturl: Logout <abbr title="Uniform Resource Locator">URL</abbr></div>
+</li>
+<li class="level1"><div class="li">  cert: The <abbr title="Security Assertion Markup Language">SAML</abbr> certificate containing the signature public key</div>
+</li>
+</ul>
+
+<p>
+
+If you have several Office365 domains, you can't use the same URLs for each domains. To be able to have a single <abbr title="Security Assertion Markup Language">SAML</abbr> IDP for several domains, you must add the 'domain' GET parameters at the end of <abbr title="Authentification unique (Single Sign On)">SSO</abbr> endpoint and metadata URLs, for example:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  domain 'mycompany.com':</div>
+<ul>
+<li class="level2"><div class="li">  url: <a href="https://auth.example.com/saml/singleSignOn?domain=mycompany" class="urlextern" title="https://auth.example.com/saml/singleSignOn?domain=mycompany"  rel="nofollow">https://auth.example.com/saml/singleSignOn?domain=mycompany</a></div>
+</li>
+<li class="level2"><div class="li">  uri: <a href="https://auth.example.com/saml/metadata?domain=mycompany" class="urlextern" title="https://auth.example.com/saml/metadata?domain=mycompany"  rel="nofollow">https://auth.example.com/saml/metadata?domain=mycompany</a></div>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li">  domain 'myfirm.com':</div>
+<ul>
+<li class="level2"><div class="li">  url: <a href="https://auth.example.com/saml/singleSignOn?domain=myfirm" class="urlextern" title="https://auth.example.com/saml/singleSignOn?domain=myfirm"  rel="nofollow">https://auth.example.com/saml/singleSignOn?domain=myfirm</a></div>
+</li>
+<li class="level2"><div class="li">  uri: <a href="https://auth.example.com/saml/metadata?domain=myfirm" class="urlextern" title="https://auth.example.com/saml/metadata?domain=myfirm"  rel="nofollow">https://auth.example.com/saml/metadata?domain=myfirm</a></div>
+</li>
+</ul>
+</li>
+</ul>
+
+</div><!-- EDIT4 SECTION "Office 365" [374-1788] -->
+
+<h3 class="sectionedit5" id="lemonldapng">LemonLDAP::NG</h3>
+<div class="level3">
+
+<p>
+
+Create a new <abbr title="Security Assertion Markup Language">SAML</abbr> Service Provider and import Microsoft metadata from <a href="https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml" class="urlextern" title="https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml"  rel="nofollow">https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml</a>
+</p>
+
+<p>
+
+Set the NameID value to persistent, or any immutable value for the user.
+
+</p>
+
+<p>
+
+Create a <abbr title="Security Assertion Markup Language">SAML</abbr> attribute named IDPEmail which contains the user principal name (UPN).
+
+</p>
+
+</div><!-- EDIT5 SECTION "LemonLDAP::NG" [1789-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/applications/sap.html
+++ b/po-doc/fr/pages/documentation/current/applications/sap.html
@ -0,0 +1,78 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:applications:sap</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,applications,sap"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="sap.html"/>
+<link rel="contents" href="sap.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:sap","namespace":"documentation:2.0:applications"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container">
+
+<h1 class="sectionedit1" id="sap">SAP</h1>
+<div class="level1">
+
+<p>
+<a href="saplogo.gif_documentation_2.0_applications_sap.html" class="media" title="applications:saplogo.gif"><img src="saplogo.gif" class="mediacenter" title="SAP" alt="SAP" /></a>
+</p>
+
+</div><!-- EDIT1 SECTION "SAP" [1-56] -->
+
+<h2 class="sectionedit2" id="http_header">HTTP header</h2>
+<div class="level2">
+
+<p>
+
+Read the following documentation: <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="urlextern" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm"  rel="nofollow">http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm</a>
+</p>
+
+</div><!-- EDIT2 SECTION "HTTP header" [57-208] -->
+
+<h2 class="sectionedit3" id="saml">SAML</h2>
+<div class="level2">
+
+<p>
+
+Read the following documentation: <a href="https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm" class="urlextern" title="https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm"  rel="nofollow">https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm</a>
+</p>
+
+</div><!-- EDIT3 SECTION "SAML" [209-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/applications/saplogo.gif_documentation_2.0_applications_sap.html
+++ b/po-doc/fr/pages/documentation/current/applications/saplogo.gif_documentation_2.0_applications_sap.html
@ -0,0 +1,105 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
+ lang="fr" dir="ltr" class="no-js">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="UTF-8" />
+  <title>applications:saplogo.gif [LemonLDAP::NG]</title>
+  <script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+  <meta name="viewport" content="width=device-width,initial-scale=1" />
+  <link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
+<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
+      
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+/&gt;
+    
+    <script type="text/javascript">/*<![CDATA[*/
+    var TPL_CONFIG = {"tableFullWidth":1};
+  /*!]]>*/</script><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+  <meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="sap.html"/>
+<link rel="contents" href="sap.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+  <script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
+  <![endif]-->
+  
+  
+  
+</head>
+
+<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
+  
+  <div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3   ">
+
+    
+    
+      <h1 class="page-header">
+        <i class="glyphicon glyphicon-picture"></i>  applications:saplogo.gif            </h1>
+
+      <div class="content">
+
+        <a href="saplogo.0fea6a13c52b4d4725368f24b045ca84.gif" title="View original file"><img width="73" height="36" class="img_detail" alt="saplogo.gif" title="saplogo.gif" src="saplogo.951291dc5d49a61fed6af1b6c94c5cf5.gif"/></a>
+        <div class="img_detail">
+
+          <div class="panel panel-default">
+            <div class="panel-heading">
+              <h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i>  saplogo.gif</h2>
+            </div>
+            <div class="panel-body">
+              <dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>saplogo.gif</dd><dt>Format:</dt><dd>GIF</dd><dt>Size:</dt><dd>538B</dd><dt>Width:</dt><dd>73</dd><dt>Height:</dt><dd>36</dd></dl>                          </div>
+          </div>
+
+        </div>
+      </div><!-- /.content -->
+
+      <p class="back">
+
+        </p><hr/>
+
+        <div class="btn-group">
+          <a href="sap.html"  class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:sap [B]">Back to documentation:2.0:applications:sap</a>                  </div>
+
+      </p>
+
+      </div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
+  
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/applications/screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html
+++ b/po-doc/fr/pages/documentation/current/applications/screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html
@ -0,0 +1,105 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
+ lang="fr" dir="ltr" class="no-js">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="UTF-8" />
+  <title>applications:screenshot_dokuwiki_configuration.png [LemonLDAP::NG]</title>
+  <script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+  <meta name="viewport" content="width=device-width,initial-scale=1" />
+  <link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
+<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
+      
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+/&gt;
+    
+    <script type="text/javascript">/*<![CDATA[*/
+    var TPL_CONFIG = {"tableFullWidth":1};
+  /*!]]>*/</script><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+  <meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="dokuwiki.html"/>
+<link rel="contents" href="dokuwiki.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+  <script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
+  <![endif]-->
+  
+  
+  
+</head>
+
+<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
+  
+  <div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3   ">
+
+    
+    
+      <h1 class="page-header">
+        <i class="glyphicon glyphicon-picture"></i>  applications:screenshot_dokuwiki_configuration.png            </h1>
+
+      <div class="content">
+
+        <a href="screenshot_dokuwiki_configuration.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="898" height="317" class="img_detail" alt="screenshot_dokuwiki_configuration.png" title="screenshot_dokuwiki_configuration.png" src="screenshot_dokuwiki_configuration.5c3b7e8bd8174c47fa38d992a5bf5a62.png"/></a>
+        <div class="img_detail">
+
+          <div class="panel panel-default">
+            <div class="panel-heading">
+              <h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i>  screenshot_dokuwiki_configuration.png</h2>
+            </div>
+            <div class="panel-body">
+              <dl><dt>Date:</dt><dd>2017/11/23 14:30</dd><dt>Filename:</dt><dd>screenshot_dokuwiki_configuration.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>35KB</dd><dt>Width:</dt><dd>898</dd><dt>Height:</dt><dd>317</dd></dl>                          </div>
+          </div>
+
+        </div>
+      </div><!-- /.content -->
+
+      <p class="back">
+
+        </p><hr/>
+
+        <div class="btn-group">
+          <a href="dokuwiki.html"  class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:dokuwiki [B]">Back to documentation:2.0:applications:dokuwiki</a>                  </div>
+
+      </p>
+
+      </div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
+  
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/applications/wordpress.html
+++ b/po-doc/fr/pages/documentation/current/applications/wordpress.html
@ -0,0 +1,173 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:applications:wordpress</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,applications,wordpress"/>
+<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="wordpress.html"/>
+<link rel="contents" href="wordpress.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:wordpress","namespace":"documentation:2.0:applications"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container"><!-- TOC START -->
+
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
+<li class="level1"><div class="li"><a href="#cas">CAS</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#plugin_installation">Plugin installation</a></div></li>
+<li class="level2"><div class="li"><a href="#plugin_configuration">Plugin configuration</a></div>
+<ul class="toc">
+<li class="level3"><div class="li"><a href="#general_settings">General settings</a></div></li>
+<li class="level3"><div class="li"><a href="#user_roles_settings">User Roles Settings</a></div></li>
+</ul></li>
+</ul></li>
+</ul>
+</div>
+</div><!-- TOC END -->
+
+
+<h1 class="sectionedit1" id="wordpress">Wordpress</h1>
+<div class="level1">
+
+<p>
+<img src="wordpress_logo.png" class="mediacenter" alt="" />
+</p>
+
+</div><!-- EDIT1 SECTION "Wordpress" [1-73] -->
+
+<h2 class="sectionedit2" id="presentation">Présentation</h2>
+<div class="level2">
+
+<p>
+<a href="https://wordpress.org/" class="urlextern" title="https://wordpress.org/"  rel="nofollow">Wordpress</a> is a famous tool to create websites.
+
+</p>
+
+<p>
+
+A lot of authentication plugins are available. We propose here to use <abbr title="Central Authentication Service">CAS</abbr> protocol and <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/"  rel="nofollow">WP Cassify</a> plugin.
+
+</p>
+
+</div><!-- EDIT2 SECTION "Presentation" [74-327] -->
+
+<h2 class="sectionedit3" id="cas">CAS</h2>
+<div class="level2">
+
+</div><!-- EDIT3 SECTION "CAS" [328-344] -->
+
+<h3 class="sectionedit4" id="plugin_installation">Plugin installation</h3>
+<div class="level3">
+
+<p>
+
+Go in Wordpress admin and install <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/"  rel="nofollow">WP Cassify</a> plugin.
+
+</p>
+
+</div><!-- EDIT4 SECTION "Plugin installation" [345-475] -->
+
+<h3 class="sectionedit5" id="plugin_configuration">Plugin configuration</h3>
+<div class="level3">
+
+<p>
+
+The full documentation is available on <a href="https://wpcassify.wordpress.com/" class="urlextern" title="https://wpcassify.wordpress.com/"  rel="nofollow">https://wpcassify.wordpress.com/</a>
+</p>
+
+</div>
+
+<h4 id="general_settings">General settings</h4>
+<div class="level4">
+
+<p>
+
+Configure <abbr title="Central Authentication Service">CAS</abbr> server and <abbr title="Central Authentication Service">CAS</abbr> version:
+
+</p>
+<ul>
+<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Server base url : <a href="https://auth.example.com/cas/" class="urlextern" title="https://auth.example.com/cas/"  rel="nofollow">https://auth.example.com/cas/</a></div>
+</li>
+<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Version protocol: 2</div>
+</li>
+</ul>
+
+<p>
+
+Other options are correct by default.
+
+</p>
+
+</div>
+
+<h4 id="user_roles_settings">User Roles Settings</h4>
+<div class="level4">
+
+<p>
+
+You can assign WP Roles depending on values sent by <abbr title="Central Authentication Service">CAS</abbr>.
+
+</p>
+
+<p>
+
+The rules syntax is quite special, you can use it or you can just define macros on <abbr title="LemonLDAP::NG">LL::NG</abbr> side and send them trough <abbr title="Central Authentication Service">CAS</abbr> to keep simple rules on WP side.
+
+</p>
+
+<p>
+
+For example create a macro <code>role_wordpress_admin</code> which contains <code>1</code> if the user is admin on WP, and send it in <abbr title="Central Authentication Service">CAS</abbr> attributes.
+
+</p>
+
+<p>
+
+Then create this rule on WP side:
+
+</p>
+<pre class="code">administrator|(CAS{role_wordpress_admin} -EQ "1")</pre>
+
+</div><!-- EDIT5 SECTION "Plugin configuration" [476-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/authkerberos.html
+++ b/po-doc/fr/pages/documentation/current/authkerberos.html
@ -54,6 +54,7 @@
 <li class="level1"><div class="li"><a href="#llng_configuration">LLNG Configuration</a></div>
 <ul class="toc">
 <li class="level2"><div class="li"><a href="#kerberos_configuration">Kerberos configuration</a></div></li>
+<li class="level2"><div class="li"><a href="#web_server_kerberos_module">Web Server Kerberos module</a></div></li>
 </ul></li>
 </ul>
 </div>
@ -83,7 +84,12 @@

 </p>

-</div><!-- EDIT3 SECTION "Presentation" [83-268] -->
+<p>
+<abbr title="LemonLDAP::NG">LL::NG</abbr> uses GSSAPI module to validate Kerberos ticket against a local keytab.
+
+</p>
+
+</div><!-- EDIT3 SECTION "Presentation" [83-347] -->

 <h2 class="sectionedit4" id="llng_configuration">LLNG Configuration</h2>
 <div class="level2">
@ -96,13 +102,17 @@ In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modu
 <ul>
 <li class="level1"><div class="li"> <strong>keytab file</strong> (required): the Kerberos keytab file</div>
 </li>
-<li class="level1"><div class="li"> <strong> Use Ajax request</strong>: set to “enabled” if you want to use an Ajax request instead of a direct Kerberos attempt. <strong>This is required if you want to chain Kerberos in a <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">combination</a></strong></div>
+<li class="level1"><div class="li"> <strong>Use Ajax request</strong>: set to “enabled” if you want to use an Ajax request instead of a direct Kerberos attempt. <strong>This is required if you want to chain Kerberos in a <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">combination</a></strong></div>
 </li>
 <li class="level1"><div class="li"> <strong>Kerberos authentication level</strong>: default to 3</div>
 </li>
+<li class="level1"><div class="li"> <strong>Use Web Server Kerberos module</strong>: set to “enabled” to use the Web Server module (for example Apache mod_auth_kerb) instead of Perl Kerberos code to validate Kerberos ticket</div>
+</li>
+<li class="level1"><div class="li"> <strong>Remove domain in username</strong>: set to “enabled” to strip username value and remove the '@domain'.</div>
+</li>
 </ul>

-</div><!-- EDIT4 SECTION "LLNG Configuration" [269-799] -->
+</div><!-- EDIT4 SECTION "LLNG Configuration" [348-1158] -->

 <h3 class="sectionedit5" id="kerberos_configuration">Kerberos configuration</h3>
 <div class="level3">
@ -111,7 +121,36 @@ In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modu
 La configuration Kerberos est assez complexe. On peut trouver quelques éléments de configuration <a href="kerberos.html" class="wikilink1" title="documentation:2.0:kerberos">dans cette page</a>.
 </p>

-</div><!-- EDIT5 SECTION "Kerberos configuration" [800-] -->
+</div><!-- EDIT5 SECTION "Kerberos configuration" [1159-1302] -->
+
+<h3 class="sectionedit6" id="web_server_kerberos_module">Web Server Kerberos module</h3>
+<div class="level3">
+
+<p>
+
+If you want to let Web Server Kerberos module validates the Kerberos ticket, set the according option to “enabled” and configure the portal virtual host to launch the module if “kerberos” GET parameter is in the request.
+
+</p>
+
+<p>
+
+Example with Apache and mod_auth_kerb:
+
+</p>
+<pre class="code file apache">  &lt;If <span class="st0">"%{QUERY_STRING} =~ /kerberos=/"</span>&gt;
+    &lt;<span class="kw3">IfModule</span> auth_kerb_module&gt;
+      <span class="kw1">AuthType</span> Kerberos
+      KrbMethodNegotiate <span class="kw2">On</span>
+      KrbMethodK5Passwd <span class="kw2">Off</span>
+      KrbAuthRealms EXAMPLE.COM
+      Krb5KeyTab /etc/lemonldap-ng/auth.keytab
+      KrbVerifyKDC <span class="kw2">On</span>
+      KrbServiceName Any
+      <span class="kw1">require</span> valid-<span class="kw1">user</span>
+    &lt;/<span class="kw3">IfModule</span>&gt;
+  &lt;/If&gt;</pre>
+
+</div><!-- EDIT6 SECTION "Web Server Kerberos module" [1303-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/autosignin.html
+++ b/po-doc/fr/pages/documentation/current/autosignin.html
@ -0,0 +1,81 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:autosignin</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="index,follow"/>
+<meta name="keywords" content="documentation,2.0,autosignin"/>
+<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="autosignin.html"/>
+<link rel="contents" href="autosignin.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:autosignin","namespace":"documentation:2.0"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container">
+
+<h1 class="sectionedit1" id="auto_signin_addon">Auto Signin Addon</h1>
+<div class="level1">
+
+<p>
+
+Auto-Signin add-on provides a simple way to bypass authentication based on rules. For example, a TV can be automatically authenticated by its <abbr title="Internet Protocol">IP</abbr> address.
+
+</p>
+
+</div><!-- EDIT1 SECTION "Auto Signin Addon" [1-188] -->
+
+<h2 class="sectionedit2" id="configuration">Configuration</h2>
+<div class="level2">
+
+<p>
+This add-on is automatically enabled if a rule is declared. A rule associates a username to a rule. The only variable usable here is <code>$env</code>. Exemple :
+</p>
+<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
+	<thead>
+	<tr class="row0 roweven">
+		<th class="col0">  Key (username)  </th><th class="col1"> Règle </th>
+	</tr>
+	</thead>
+	<tr class="row1 rowodd">
+		<td class="col0">  dwho  </td><td class="col1">  $env→{REMOTE_ADDR} == '192.168.42.42'  </td>
+	</tr>
+</table></div><!-- EDIT3 TABLE [369-444] -->
+<div class="noteimportant">Username must exists in the user database.
+
+</div>
+</div><!-- EDIT2 SECTION "Configuration" [189-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/configvhost.html
+++ b/po-doc/fr/pages/documentation/current/configvhost.html
@ -11,7 +11,7 @@
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
 //else --><!-- //endif -->
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="noindex,nofollow"/>
+<meta name="robots" content="index,follow"/>
 <meta name="keywords" content="documentation,2.0,configvhost"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="configvhost.html"/>
--- a/po-doc/fr/pages/documentation/current/idpsaml.html
+++ b/po-doc/fr/pages/documentation/current/idpsaml.html
@ -83,52 +83,27 @@
 <ul>
 <li class="level1"><div class="li"> Un autre système <abbr title="LemonLDAP::NG">LL::NG</abbr> configuré avec <a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">authentification SAML</a></div>
 </li>
-<li class="level1"><div class="li"> Tout fournisseur de service <abbr title="Security Assertion Markup Language">SAML</abbr>, par exemple:</div>
+<li class="level1"><div class="li">  Any <abbr title="Security Assertion Markup Language">SAML</abbr> Service Provider</div>
 </li>
 </ul>

-</div><!-- EDIT3 PLUGIN_INCLUDE_START_NOREDIRECT "documentation:2.0:applications" [0-] -->
-<div class="plugin_include_content plugin_include__documentation:2.0:applications">
-<div class="level2">
-<div class="noteclassic">Ceci nécessite de configurer <abbr title="LemonLDAP::NG">LL::NG</abbr> comme <span class="curid"><a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a></span>.
-</div><div class="table sectionedit5"><table class="inline table table-bordered table-striped">
-	<thead>
-	<tr class="row0 roweven">
-		<th class="col0 centeralign">    Google Apps    </th><th class="col1 centeralign">    Cornerstone    </th><th class="col2 centeralign">    SalesForce    </th><th class="col3 centeralign">    simpleSAMLphp    </th>
-	</tr>
-	</thead>
-	<tr class="row1 rowodd">
-		<td class="col0 centeralign">  <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col2 centeralign">  <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td><td class="col3 centeralign">  <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a>  </td>
-	</tr>
-	<tr class="row2 roweven">
-		<th class="col0 centeralign">    NextCloud    </th><th class="col1 centeralign">    ADFS    </th><th class="col2 leftalign">  </th><th class="col3 leftalign">  </th>
-	</tr>
-	<tr class="row3 rowodd">
-		<td class="col0 centeralign">  <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col1 centeralign">  <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" /></a>  </td><td class="col2 leftalign">  </td><td class="col3 leftalign">  </td>
-	</tr>
-</table></div><!-- EDIT5 TABLE [2607-3149] -->
+</div><!-- EDIT2 SECTION "Presentation" [39-263] -->

-</div><!-- EDIT4 PLUGIN_INCLUDE_END "documentation:2.0:applications" [0-] -->
-</div>
+<h2 class="sectionedit3" id="configuration">Configuration</h2>
 <div class="level2">

-</div><!-- EDIT2 SECTION "Presentation" [39-327] -->
+</div><!-- EDIT3 SECTION "Configuration" [264-290] -->

-<h2 class="sectionedit6" id="configuration">Configuration</h2>
-<div class="level2">
-
-</div><!-- EDIT6 SECTION "Configuration" [328-354] -->
-
-<h3 class="sectionedit7" id="saml_service">Service SAML</h3>
+<h3 class="sectionedit4" id="saml_service">Service SAML</h3>
 <div class="level3">

 <p>
 Voir le chapître de configuration du <a href="samlservice.html" class="wikilink1" title="documentation:2.0:samlservice">service SAML</a>.
 </p>

-</div><!-- EDIT7 SECTION "SAML Service" [355-435] -->
+</div><!-- EDIT4 SECTION "SAML Service" [291-371] -->

-<h3 class="sectionedit8" id="issuerdb">IssuerDB</h3>
+<h3 class="sectionedit5" id="issuerdb">IssuerDB</h3>
 <div class="level3">

 <p>
@ -146,9 +121,9 @@ Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modul
 <pre class="code">$authenticationLevel &gt; 2</pre>

 </div>
-</div><!-- EDIT8 SECTION "IssuerDB" [436-911] -->
+</div><!-- EDIT5 SECTION "IssuerDB" [372-847] -->

-<h3 class="sectionedit9" id="register_lemonldapng_on_partner_service_provider">Enregistrer LemonLDAP::NG sur le fournisseur de service partenaire</h3>
+<h3 class="sectionedit6" id="register_lemonldapng_on_partner_service_provider">Enregistrer LemonLDAP::NG sur le fournisseur de service partenaire</h3>
 <div class="level3">

 <p>
@ -159,9 +134,9 @@ Après avoir configuré le service <abbr title="Security Assertion Markup Langua
 Elles sont disponibles à l'<abbr title="Uniform Resource Locator">URL</abbr> EntityID, par défaut : <a href="http://auth.example.com/saml/metadata" class="urlextern" title="http://auth.example.com/saml/metadata"  rel="nofollow">http://auth.example.com/saml/metadata</a>.
 </p>

-</div><!-- EDIT9 SECTION "Register LemonLDAP::NG on partner Service Provider" [912-1156] -->
+</div><!-- EDIT6 SECTION "Register LemonLDAP::NG on partner Service Provider" [848-1092] -->

-<h3 class="sectionedit10" id="register_partner_service_provider_on_lemonldapng">Enregistrer le fournisseur de service dans LemonLDAP::NG</h3>
+<h3 class="sectionedit7" id="register_partner_service_provider_on_lemonldapng">Enregistrer le fournisseur de service dans LemonLDAP::NG</h3>
 <div class="level3">

 <p>
@ -299,7 +274,7 @@ Par exemple: <a href="http://auth.example.com/saml/singleSignOn?IDPInitiated=1&a
 </p>

 </div>
-</div><!-- EDIT10 SECTION "Register partner Service Provider on LemonLDAP::NG" [1157-] -->
+</div><!-- EDIT7 SECTION "Register partner Service Provider on LemonLDAP::NG" [1093-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/installdeb.html
+++ b/po-doc/fr/pages/documentation/current/installdeb.html
@ -100,9 +100,11 @@ LemonLDAP::NG fournit ces paquets :
 </li>
 <li class="level1"><div class="li"> lemonldap-ng-fr-doc : traduction en français de la documentation <abbr title="HyperText Markup Language">HTML</abbr></div>
 </li>
+<li class="level1"><div class="li">  lemonldap-ng-handler: Handler files</div>
+</li>
 <li class="level1"><div class="li"> liblemonldap-ng-common-perl : fichiers communs et de configuration</div>
 </li>
-<li class="level1"><div class="li"> liblemonldap-ng-handler-perl : fichiers des agents</div>
+<li class="level1"><div class="li">  liblemonldap-ng-handler-perl: Handler common libraries</div>
 </li>
 <li class="level1"><div class="li"> liblemonldap-ng-manager-perl : fichiers du manager</div>
 </li>
@ -110,12 +112,12 @@ LemonLDAP::NG fournit ces paquets :
 </li>
 </ul>

-</div><!-- EDIT2 SECTION "Organization" [60-630] -->
+</div><!-- EDIT2 SECTION "Organization" [60-681] -->

 <h2 class="sectionedit3" id="get_the_packages">Obtenir ces paquets</h2>
 <div class="level2">

-</div><!-- EDIT3 SECTION "Get the packages" [631-660] -->
+</div><!-- EDIT3 SECTION "Get the packages" [682-711] -->

 <h3 class="sectionedit4" id="official_repository">Dépôt officiel</h3>
 <div class="level3">
@ -126,7 +128,7 @@ Pour les utilisateurs de Debian testing ou unstable, les paquets sont directemen
 <pre class="code">apt-cache search lemonldap-ng</pre>
 <div class="noteimportant">Les paquets du <a href="http://packages.debian.org/search?keywords=lemonldap-ng" class="urlextern" title="http://packages.debian.org/search?keywords=lemonldap-ng"  rel="nofollow">dépôt Debian</a> peuvent ne pas être à jour. Si c'est le cas, utiliser une autre solution (voir ci-dessous).
 </div>
-</div><!-- EDIT4 SECTION "Official repository" [661-999] -->
+</div><!-- EDIT4 SECTION "Official repository" [712-1050] -->

 <h3 class="sectionedit5" id="llng_repository">Dépôt LL::NG</h3>
 <div class="level3">
@ -155,7 +157,7 @@ You may need to install this package to access HTTPS repositories:
 </p>
 <pre class="code">apt install apt-transport-https</pre>

-</div><!-- EDIT5 SECTION "LL::NG repository" [1000-1644] -->
+</div><!-- EDIT5 SECTION "LL::NG repository" [1051-1695] -->

 <h3 class="sectionedit6" id="manual_download">Téléchargement manuel</h3>
 <div class="level3">
@ -164,7 +166,7 @@ You may need to install this package to access HTTPS repositories:
 Les paquets sont disponibles sur la <a href="download.html" class="wikilink1" title="Téléchargement">page de téléchargement</a>.
 </p>

-</div><!-- EDIT6 SECTION "Manual download" [1645-1731] -->
+</div><!-- EDIT6 SECTION "Manual download" [1696-1782] -->

 <h2 class="sectionedit7" id="package_gpg_signature">Signature GPG des paquets</h2>
 <div class="level2">
@ -185,18 +187,18 @@ Update cache:
 </p>
 <pre class="code">apt update</pre>

-</div><!-- EDIT7 SECTION "Package GPG signature" [1732-1986] -->
+</div><!-- EDIT7 SECTION "Package GPG signature" [1783-2037] -->

 <h2 class="sectionedit8" id="install_packages">Installer les paquets</h2>
 <div class="level2">

-</div><!-- EDIT8 SECTION "Install packages" [1987-2016] -->
+</div><!-- EDIT8 SECTION "Install packages" [2038-2067] -->

 <h3 class="sectionedit9" id="with_apt">With apt</h3>
 <div class="level3">
 <pre class="code">apt install lemonldap-ng</pre>

-</div><!-- EDIT9 SECTION "With apt" [2017-2077] -->
+</div><!-- EDIT9 SECTION "With apt" [2068-2128] -->

 <h3 class="sectionedit10" id="with_dpkg">Avec dpkg</h3>
 <div class="level3">
@ -210,12 +212,12 @@ Ensuite :
 </p>
 <pre class="code">dpkg -i liblemonldap-ng-* lemonldap-ng*</pre>

-</div><!-- EDIT10 SECTION "With dpkg" [2078-2226] -->
+</div><!-- EDIT10 SECTION "With dpkg" [2129-2277] -->

 <h2 class="sectionedit11" id="first_configuration_steps">Premiers pas de configuration</h2>
 <div class="level2">

-</div><!-- EDIT11 SECTION "First configuration steps" [2227-2265] -->
+</div><!-- EDIT11 SECTION "First configuration steps" [2278-2316] -->

 <h3 class="sectionedit12" id="change_default_dns_domain">Changer le domaine DNS par défaut</h3>
 <div class="level3">
@ -225,7 +227,7 @@ Par défaut, le domaine <abbr title="Domain Name System">DNS</abbr> est <code>ex
 </p>
 <pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /var/lib/lemonldap-ng/test/index.pl</pre>

-</div><!-- EDIT12 SECTION "Change default DNS domain" [2266-2585] -->
+</div><!-- EDIT12 SECTION "Change default DNS domain" [2317-2636] -->

 <h3 class="sectionedit13" id="reload_virtual_host">Recharger l'hôte virtuel</h3>
 <div class="level3">
@ -236,7 +238,7 @@ Pour autoriser le manager à recharger la configuration, enregistrer le nom d'h
 <pre class="code shell">echo "127.0.0.1 reload.example.com" &gt;&gt; /etc/hosts</pre>
 <div class="notetip">Adapter le nom d'hôte virtuel de rechargement au domaine configuré.
 </div>
-</div><!-- EDIT13 SECTION "Reload virtual host" [2586-2887] -->
+</div><!-- EDIT13 SECTION "Reload virtual host" [2637-2938] -->

 <h3 class="sectionedit14" id="upgrade">Mise à jour</h3>
 <div class="level3">
@ -245,7 +247,7 @@ Pour autoriser le manager à recharger la configuration, enregistrer le nom d'h
 Pour mettre à jour <abbr title="LemonLDAP::NG">LL::NG</abbr>, lisez toutes les <a href="upgrade.html" class="wikilink1" title="documentation:2.0:upgrade">notes de mise à jour</a>.
 </p>

-</div><!-- EDIT14 SECTION "Upgrade" [2888-2968] -->
+</div><!-- EDIT14 SECTION "Upgrade" [2939-3019] -->

 <h3 class="sectionedit15" id="dns">DNS</h3>
 <div class="level3">
@ -261,7 +263,7 @@ Configurer le serveur <abbr title="Domain Name System">DNS</abbr> pour résoudre
 Suivre les <a href="start.html#configuration" class="wikilink1" title="documentation:2.0:start">étapes suivantes</a>
 </p>

-</div><!-- EDIT15 SECTION "DNS" [2969-3241] -->
+</div><!-- EDIT15 SECTION "DNS" [3020-3292] -->

 <h2 class="sectionedit16" id="file_location">Emplacement du fichier</h2>
 <div class="level2">
@ -282,7 +284,7 @@ Suivre les <a href="start.html#configuration" class="wikilink1" title="documenta
 </li>
 </ul>

-</div><!-- EDIT16 SECTION "File location" [3242-3778] -->
+</div><!-- EDIT16 SECTION "File location" [3293-3829] -->

 <h2 class="sectionedit17" id="build_your_packages">Construire les paquets</h2>
 <div class="level2">
@ -294,7 +296,7 @@ On peut également construire les paquets à partir de l'<a href="download.html"
 cd lemonldap-ng-*
 make debian-packages</pre>

-</div><!-- EDIT17 SECTION "Build your packages" [3779-] -->
+</div><!-- EDIT17 SECTION "Build your packages" [3830-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/kerberos.html
+++ b/po-doc/fr/pages/documentation/current/kerberos.html
@ -56,37 +56,25 @@
 <li class="level2"><div class="li"><a href="#example_values">Valeurs d'exemple</a></div></li>
 <li class="level2"><div class="li"><a href="#server_time">Horloge des serveurs</a></div></li>
 <li class="level2"><div class="li"><a href="#dns">DNS</a></div></li>
-<li class="level2"><div class="li"><a href="#ad_accounts">Comptes AD</a></div></li>
+<li class="level2"><div class="li"><a href="#ssl">SSL</a></div></li>
 <li class="level2"><div class="li"><a href="#web_browser_configuration">Configuration du navigateur web</a></div>
 <ul class="toc">
 <li class="level3"><div class="li"><a href="#firefox">Firefox</a></div></li>
 <li class="level3"><div class="li"><a href="#internet_explorer">Internet Explorer</a></div></li>
 </ul>
 </li>
-<li class="level2"><div class="li"><a href="#apache_kerberos_module_installation">Installation du module Kerberos d'Apache</a></div></li>
 </ul>
 </li>
-<li class="level1"><div class="li"><a href="#single_llng_serversingle_ad_domain">Serveur LL::NG unique / Domaine AD unique</a></div>
+<li class="level1"><div class="li"><a href="#single_ad_domain">Single AD domain</a></div>
 <ul class="toc">
 <li class="level2"><div class="li"><a href="#client_kerberos_configuration">Configuration du client Kerberos</a></div></li>
 <li class="level2"><div class="li"><a href="#obtain_keytab_file">Obtenir un fichier table de clef</a></div></li>
-<li class="level2"><div class="li"><a href="#configuration_of_lemonldapng">Configuration de LemonLDAP::NG</a></div></li>
 </ul>
 </li>
-<li class="level1"><div class="li"><a href="#llng_clustersingle_ad_domain">Cluster LL::NG / domaine AD unique</a></div>
+<li class="level1"><div class="li"><a href="#multiple_ad_domains">Multiple AD domains</a></div>
 <ul class="toc">
 <li class="level2"><div class="li"><a href="#client_kerberos_configuration1">Configuration du client Kerberos</a></div></li>
 <li class="level2"><div class="li"><a href="#obtain_keytab_file1">Obtenir un fichier table de clef</a></div></li>
-<li class="level2"><div class="li"><a href="#configuration_of_lemonldapng1">Configuration de LemonLDAP::NG</a></div></li>
-<li class="level2"><div class="li"><a href="#configuration_of_portal_virtual_host">Configuration de l'hôte virtuel du portail</a></div></li>
-</ul>
-</li>
-<li class="level1"><div class="li"><a href="#llng_clustertwo_ad_domains">Cluster LL::NG / Deux domaines AD</a></div>
-<ul class="toc">
-<li class="level2"><div class="li"><a href="#client_kerberos_configuration2">Configuration du client Kerberos</a></div></li>
-<li class="level2"><div class="li"><a href="#obtain_keytab_file2">Obtenir un fichier table de clef</a></div></li>
-<li class="level2"><div class="li"><a href="#configuration_of_lemonldapng2">Configuration de LemonLDAP::NG</a></div></li>
-<li class="level2"><div class="li"><a href="#configuration_of_portal_virtual_host1">Configuration de l'hôte virtuel du portail</a></div></li>
 </ul>
 </li>
 <li class="level1"><div class="li"><a href="#other_resources">Autres documents</a></div></li>
@ -104,27 +92,29 @@
 <div class="level2">

 <p>
-Cette documentation explique comment utiliser Active Directory comme serveur Kerberos, et fournir une authentification transparente aux utilisateurs du domaine AD à <abbr title="LemonLDAP::NG">LL::NG</abbr>.
+
+This documentation will explain how to use Active Directory as Kerberos server, and provide transparent authentication for one or multiple AD domains.
+
 </p>

 <p>
-On présente ici plusieurs architectures:
+
+You can use Kerberos  in <abbr title="LemonLDAP::NG">LL::NG</abbr> with the following authentication modules:
+
 </p>
 <ul>
-<li class="level1"><div class="li"> Un seul serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> lié à un seul domaine AD</div>
+<li class="level1"><div class="li"> <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos</a> (recommended): use Perl GSSAPI module, compatible with Apache and Nginx</div>
 </li>
-<li class="level1"><div class="li"> Un cluster <abbr title="LemonLDAP::NG">LL::NG</abbr> lié à un seul domaine AD</div>
-</li>
-<li class="level1"><div class="li"> Un cluster <abbr title="LemonLDAP::NG">LL::NG</abbr> lié à 2 domaines AD</div>
+<li class="level1"><div class="li"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Apache</a>: use mod_auth_kerb or mod_auth_gssapi in Apache</div>
 </li>
 </ul>

-</div><!-- EDIT2 SECTION "Presentation" [25-376] -->
+</div><!-- EDIT2 SECTION "Presentation" [25-454] -->

 <h2 class="sectionedit3" id="prerequisites">Pré-requis</h2>
 <div class="level2">

-</div><!-- EDIT3 SECTION "Prerequisites" [377-403] -->
+</div><!-- EDIT3 SECTION "Prerequisites" [455-481] -->

 <h3 class="sectionedit4" id="example_values">Valeurs d'exemple</h3>
 <div class="level3">
@ -139,25 +129,11 @@ Nous utilisons les valeurs suivantes dans nos exemples
 </li>
 <li class="level1"><div class="li"> <strong>auth.example.com</strong> : <abbr title="Domain Name System">DNS</abbr> du portail <abbr title="LemonLDAP::NG">LL::NG</abbr></div>
 </li>
-<li class="level1"><div class="li"> <strong>authpwd.example.com</strong> : <abbr title="Domain Name System">DNS</abbr> du portail <abbr title="LemonLDAP::NG">LL::NG</abbr> (pour retomber sur un formulaire d'authentification)</div>
-</li>
-<li class="level1"><div class="li"> <strong>node1.example.com</strong> : <abbr title="Domain Name System">DNS</abbr> du second portail <abbr title="LemonLDAP::NG">LL::NG</abbr> (en mode cluster)</div>
-</li>
-<li class="level1"><div class="li"> <strong>node2.example.com</strong> : <abbr title="Domain Name System">DNS</abbr> du second portail <abbr title="LemonLDAP::NG">LL::NG</abbr> (en mode cluster)</div>
-</li>
-<li class="level1"><div class="li"> <strong>ad.example.com</strong> : <abbr title="Domain Name System">DNS</abbr> du premier Active Directory</div>
-</li>
-<li class="level1"><div class="li"> <strong>ad.acme.com</strong> : <abbr title="Domain Name System">DNS</abbr> du second Active Directory</div>
-</li>
-<li class="level1"><div class="li"> <strong>KERB_AUTH</strong> : compte AD pour générer la table de clefs du serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> (en mode serveur seul)</div>
-</li>
-<li class="level1"><div class="li"> <strong>KERB_NODE1</strong> : compte AD pour générer la table de clefs du premier serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> (en mode cluster)</div>
-</li>
-<li class="level1"><div class="li"> <strong>KERB_NODE2</strong> : compte AD pour générer la table de clef du second serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> (en mode cluster)</div>
+<li class="level1"><div class="li"> <strong>KERB_AUTH</strong>: AD account to generate the keytab for <abbr title="LemonLDAP::NG">LL::NG</abbr> server</div>
 </li>
 </ul>

-</div><!-- EDIT4 SECTION "Example values" [404-1263] -->
+</div><!-- EDIT4 SECTION "Example values" [482-751] -->

 <h3 class="sectionedit5" id="server_time">Horloge des serveurs</h3>
 <div class="level3">
@ -166,26 +142,31 @@ Nous utilisons les valeurs suivantes dans nos exemples
 Il est impératif que les serveurs <abbr title="LemonLDAP::NG">LL::NG</abbr> et AD soient à la même heure. Il est recommandé d'utilisé NTP à cet effet.
 </p>

-</div><!-- EDIT5 SECTION "Server time" [1264-1399] -->
+</div><!-- EDIT5 SECTION "Server time" [752-887] -->

 <h3 class="sectionedit6" id="dns">DNS</h3>
 <div class="level3">

 <p>
-Tous les noms doivent être enregistrés dans le serveur <abbr title="Domain Name System">DNS</abbr> (qui est Active Directory). Il est préférable que le <abbr title="Domain Name System">DNS</abbr> inverse soit capable de résoudre tous les noms.
+
+The auth.example.com must be registered in the <abbr title="Domain Name System">DNS</abbr> server (which is Active Directory). The reverse <abbr title="Domain Name System">DNS</abbr> of auth.example.com <strong>must</strong> return the portal <abbr title="Internet Protocol">IP</abbr>.
+
 </p>
+<div class="notetip">If you have a <abbr title="Authentification unique (Single Sign On)">SSO</abbr> cluster, you must setup a Virtual <abbr title="Internet Protocol">IP</abbr> in cluster and register this <abbr title="Internet Protocol">IP</abbr> in <abbr title="Domain Name System">DNS</abbr>.

-</div><!-- EDIT6 SECTION "DNS" [1400-1543] -->
+</div>
+</div><!-- EDIT6 SECTION "DNS" [888-1170] -->

-<h3 class="sectionedit7" id="ad_accounts">Comptes AD</h3>
+<h3 class="sectionedit7" id="ssl">SSL</h3>
 <div class="level3">

 <p>
-Il est recommandé de créer un compte AD pour chaque serveur <abbr title="LemonLDAP::NG">LL::NG</abbr>. Chaque compte tiendra le nom principal de service (SPN) du serveur <abbr title="LemonLDAP::NG">LL::NG</abbr>.
+
+SSL is not mandatory, but it is strongly recommended. Your portal <abbr title="Uniform Resource Locator">URL</abbr> should be <a href="https://auth.example.com" class="urlextern" title="https://auth.example.com"  rel="nofollow">https://auth.example.com</a>.
+
 </p>
-<div class="notetip">Il devrait être possible d'avoir le même compte pour tous les SPN, mais ça nécessite certaines manipulations de l'AD (commande setspn) non documentées ici.
-</div>
-</div><!-- EDIT7 SECTION "AD accounts" [1544-1884] -->
+
+</div><!-- EDIT7 SECTION "SSL" [1171-1292] -->

 <h3 class="sectionedit8" id="web_browser_configuration">Configuration du navigateur web</h3>
 <div class="level3">
@ -212,33 +193,14 @@ Ajouter <code><a href="https://auth.example.com" class="urlextern" title="https:
 Vérifier dans les paramètres de sécurité que l'authentification Kerberos est autorisée.
 </p>

-</div><!-- EDIT8 SECTION "Web browser configuration" [1885-2244] -->
+</div><!-- EDIT8 SECTION "Web browser configuration" [1293-1652] -->

-<h3 class="sectionedit9" id="apache_kerberos_module_installation">Installation du module Kerberos d'Apache</h3>
-<div class="level3">
-
-<p>
-Sur CentOS/RHEL :
-</p>
-<pre class="code shell">yum install mod_auth_kerb</pre>
-
-<p>
-Sur Debian/Ubuntu :
-</p>
-<pre class="code shell">apt-get install libapache2-mod-auth-kerb</pre>
-
-<p>
-Ce module doit être chargé par Apache (directive LoadModule).
-</p>
-
-</div><!-- EDIT9 SECTION "Apache Kerberos module installation" [2245-2497] -->
-
-<h2 class="sectionedit10" id="single_llng_serversingle_ad_domain">Serveur LL::NG unique / Domaine AD unique</h2>
+<h2 class="sectionedit9" id="single_ad_domain">Single AD domain</h2>
 <div class="level2">

-</div><!-- EDIT10 SECTION "Single LL::NG Server / Single AD domain" [2498-2550] -->
+</div><!-- EDIT9 SECTION "Single AD domain" [1653-1682] -->

-<h3 class="sectionedit11" id="client_kerberos_configuration">Configuration du client Kerberos</h3>
+<h3 class="sectionedit10" id="client_kerberos_configuration">Configuration du client Kerberos</h3>
 <div class="level3">

 <p>
@ -284,9 +246,9 @@ On peut alors fermer la sessions Kerberos :
 </p>
 <pre class="code">kdestroy</pre>

-</div><!-- EDIT11 SECTION "Client Kerberos configuration" [2551-3552] -->
+</div><!-- EDIT10 SECTION "Client Kerberos configuration" [1683-2684] -->

-<h3 class="sectionedit12" id="obtain_keytab_file">Obtenir un fichier table de clef</h3>
+<h3 class="sectionedit11" id="obtain_keytab_file">Obtenir un fichier table de clef</h3>
 <div class="level3">

 <p>
@ -366,81 +328,14 @@ Les points importants à vérifier sont :
 </li>
 </ul>

-</div><!-- EDIT12 SECTION "Obtain keytab file" [3553-5681] -->
+</div><!-- EDIT11 SECTION "Obtain keytab file" [2685-4814] -->

-<h3 class="sectionedit13" id="configuration_of_lemonldapng">Configuration de LemonLDAP::NG</h3>
-<div class="level3">
-
-<p>
-
-See <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos authentication module</a> <em>or <a href="authapache.html#llng" class="wikilink1" title="documentation:2.0:authapache">Apache authentication module configuration</a> (deprecated)</em>.
-
-</p>
-
-</div><!-- EDIT13 SECTION "Configuration of LemonLDAP::NG" [5682-5861] -->
-
-<h2 class="sectionedit14" id="llng_clustersingle_ad_domain">Cluster LL::NG / domaine AD unique</h2>
+<h2 class="sectionedit12" id="multiple_ad_domains">Multiple AD domains</h2>
 <div class="level2">

-</div><!-- EDIT14 SECTION "LL::NG Cluster / Single AD domain" [5862-5908] -->
+</div><!-- EDIT12 SECTION "Multiple AD domains" [4815-4847] -->

-<h3 class="sectionedit15" id="client_kerberos_configuration1">Configuration du client Kerberos</h3>
-<div class="level3">
-
-<p>
-La configuration du client Kerberos est la même qie pour un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> unique.
-</p>
-
-</div><!-- EDIT15 SECTION "Client Kerberos configuration" [5909-6023] -->
-
-<h3 class="sectionedit16" id="obtain_keytab_file1">Obtenir un fichier table de clef</h3>
-<div class="level3">
-<div class="noteimportant">Il faut obtenir une table de clef pour chaque nœud <abbr title="LemonLDAP::NG">LL::NG</abbr>.
-</div>
-<p>
-Les commandes sur Active Directory :
-</p>
-<pre class="code">ktpass -princ HTTP/node1.example.com@EXAMPLE.COM -mapuser KERB_NODE1@EXAMPLE.COM -crypto DES-CBC-MD5 -ptype KRB5_NT_PRINCIPAL -mapOp set -pass &lt;PASSWORD&gt; -out c:\authnode1.keytab
-ktpass -princ HTTP/node2.example.com@EXAMPLE.COM -mapuser KERB_NODE2@EXAMPLE.COM -crypto DES-CBC-MD5 -ptype KRB5_NT_PRINCIPAL -mapOp set -pass &lt;PASSWORD&gt; -out c:\authnode2.keytab</pre>
-
-<p>
-Copier les tables de clefs générés sur chaque nœud (en la renommant en auth.keytab pour avoir la même configuration Apache sur chaque nœud). 
-</p>
-
-<p>
-Changer les droits sur le fichier keytab :
-</p>
-<pre class="code">chown apache /etc/lemonldap-ng/auth.keytab
-chmod 600 /etc/lemonldap-ng/auth.keytab</pre>
-<div class="notetip">On peut faire le même contrôle que pour un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> isolé. Utiliser simplement node1.example.com et node2.example.com au lieu de auth.example.com.
-</div>
-</div><!-- EDIT16 SECTION "Obtain keytab file" [6024-6957] -->
-
-<h3 class="sectionedit17" id="configuration_of_lemonldapng1">Configuration de LemonLDAP::NG</h3>
-<div class="level3">
-
-<p>
-La configuration est la même qie pour un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> unique.
-</p>
-
-</div><!-- EDIT17 SECTION "Configuration of LemonLDAP::NG" [6958-7058] -->
-
-<h3 class="sectionedit18" id="configuration_of_portal_virtual_host">Configuration de l'hôte virtuel du portail</h3>
-<div class="level3">
-
-<p>
-Le seul chagement dans la configuration d'Apache est le the <code>KrbServiceName</code> qui doit être mis à Any:
-</p>
-<pre class="code file apache">    KrbServiceName Any</pre>
-
-</div><!-- EDIT18 SECTION "Configuration of portal virtual host" [7059-7247] -->
-
-<h2 class="sectionedit19" id="llng_clustertwo_ad_domains">Cluster LL::NG / Deux domaines AD</h2>
-<div class="level2">
-
-</div><!-- EDIT19 SECTION "LL::NG Cluster / Two AD domains" [7248-7292] -->
-
-<h3 class="sectionedit20" id="client_kerberos_configuration2">Configuration du client Kerberos</h3>
+<h3 class="sectionedit13" id="client_kerberos_configuration1">Configuration du client Kerberos</h3>
 <div class="level3">

 <p>
@ -481,9 +376,9 @@ kdestroy</pre>
 klist -e
 kdestroy</pre>

-</div><!-- EDIT20 SECTION "Client Kerberos configuration" [7293-8037] -->
+</div><!-- EDIT13 SECTION "Client Kerberos configuration" [4848-5592] -->

-<h3 class="sectionedit21" id="obtain_keytab_file2">Obtenir un fichier table de clef</h3>
+<h3 class="sectionedit14" id="obtain_keytab_file1">Obtenir un fichier table de clef</h3>
 <div class="level3">

 <p>
@ -515,27 +410,9 @@ On peut ensuite effacer les tables de clefs originales et protéger la table de
 <pre class="code">chown apache /etc/lemonldap-ng/auth.keytab
 chmod 600 /etc/lemonldap-ng/auth.keytab</pre>

-</div><!-- EDIT21 SECTION "Obtain keytab file" [8038-8699] -->
+</div><!-- EDIT14 SECTION "Obtain keytab file" [5593-6254] -->

-<h3 class="sectionedit22" id="configuration_of_lemonldapng2">Configuration de LemonLDAP::NG</h3>
-<div class="level3">
-
-<p>
-La configuration est la même qie pour un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> unique.
-</p>
-
-</div><!-- EDIT22 SECTION "Configuration of LemonLDAP::NG" [8700-8800] -->
-
-<h3 class="sectionedit23" id="configuration_of_portal_virtual_host1">Configuration de l'hôte virtuel du portail</h3>
-<div class="level3">
-
-<p>
-La configuration est la même que pour un domaine AD unique.
-</p>
-
-</div><!-- EDIT23 SECTION "Configuration of portal virtual host" [8801-8907] -->
-
-<h2 class="sectionedit24" id="other_resources">Autres documents</h2>
+<h2 class="sectionedit15" id="other_resources">Autres documents</h2>
 <div class="level2">

 <p>
@ -548,7 +425,7 @@ Pour en savoir plus :
 </li>
 </ul>

-</div><!-- EDIT24 SECTION "Other resources" [8908-] -->
+</div><!-- EDIT15 SECTION "Other resources" [6255-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/portalmenu.html
+++ b/po-doc/fr/pages/documentation/current/portalmenu.html
@ -114,6 +114,8 @@ Paramètres des applications :
 </li>
 <li class="level2"><div class="li"> <strong>off</strong> : ne jamais afficher</div>
 </li>
+<li class="level2"><div class="li"> <strong>rule</strong>: specify a <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">rule</a> or “sp: &lt;name&gt;” where “name” is the key name of the service provider, the corresponding rule will be applied <em>(available for <abbr title="Central Authentication Service">CAS</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> or OpenID-Connect)</em></div>
+</li>
 </ul>
 </li>
 </ul>
@ -123,7 +125,8 @@ Paramètres des applications :
 <p>
 <img src="documentation/manager-portal-menu-icon.png" class="mediacenter" alt="" />
 </p>
-<div class="notetip">Le logo choisi doit se trouver dans le répertoire des logos des applications (<code>portal/skins/common/apps/</code>). You can set a custom logo by setting the logo file name directly in the field, and copy the logo file in portal applications logos directory
+<div class="notetip">The chosen logo file must be in portal applications logos directory (<code>portal/static/common/apps/</code>). You can set a custom logo by setting the logo file name directly in the field, and copy the logo file in portal applications logos directory
+
 </div>
 </div><!-- EDIT3 SECTION "Categories and applications" [828-] -->
 </div>
--- a/po-doc/fr/pages/documentation/current/restserverplugin
+++ b/po-doc/fr/pages/documentation/current/restserverplugin
@ -90,7 +90,7 @@
        <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
        
        <ul class="nav navbar-nav">
-                    <li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=fa0cc1a85fc0d1baf3a61bfee1cba736"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>
+                    <li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354"  class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li>        </ul>

      </div>

@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
      
    </div><!-- /site -->

-    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1508842926" width="2" height="1" alt="" /></div>
+    <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1519247470" width="2" height="1" alt="" /></div>
    <div id="screen__mode" class="no">
      <span class="visible-xs"></span>
      <span class="visible-sm"></span>
--- a/po-doc/fr/pages/documentation/current/samlservice.html
+++ b/po-doc/fr/pages/documentation/current/samlservice.html
@ -11,7 +11,7 @@
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
 //else --><!-- //endif -->
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="index,follow"/>
+<meta name="robots" content="noindex,nofollow"/>
 <meta name="keywords" content="documentation,2.0,samlservice"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="samlservice.html"/>
@ -138,7 +138,7 @@ Cette documentation explique comment configurer le service <abbr title="Security
 </p>

 <p>
-L'implementation SAML est basée sur <a href="http://lasso.entrouvert.org" class="urlextern" title="http://lasso.entrouvert.org"  rel="nofollow">Lasso</a>. Vous devez utiliser une version récente de Lasso (&gt;= 2.3.0).
+L'implementation SAML est basée sur <a href="http://lasso.entrouvert.org" class="urlextern" title="http://lasso.entrouvert.org"  rel="nofollow">Lasso</a>. You will need a very recent version of Lasso (&gt;= 2.5.0).
 </p>

 </div>
@ -147,7 +147,9 @@ L'implementation SAML est basée sur <a href="http://lasso.entrouvert.org" class
 <div class="level4">

 <p>
-Les paquets sont disponibles ici : <a href="http://deb.entrouvert.org/" class="urlextern" title="http://deb.entrouvert.org/"  rel="nofollow">http://deb.entrouvert.org/</a>.
+
+You can use official Debian packages or those available here: <a href="http://deb.entrouvert.org/" class="urlextern" title="http://deb.entrouvert.org/"  rel="nofollow">http://deb.entrouvert.org/</a>.
+
 </p>

 <p>
@ -164,7 +166,7 @@ You will only need to install liblasso-perl package:

 <p>

-RPMs are available in <abbr title="LemonLDAP::NG">LL::NG</abbr> RPM repository (see <a href="installrpm.html#yum_repository" class="wikilink1" title="documentation:2.0:installrpm">yum_repository</a>)
+RPMs are available in <abbr title="LemonLDAP::NG">LL::NG</abbr> RPM “extras” repository (see <a href="installrpm.html#yum_repository" class="wikilink1" title="documentation:2.0:installrpm">yum_repository</a>)

 </p>

@ -174,7 +176,7 @@ Then install lasso and lasso-perl packages:

 </p>
 <pre class="code">yum install lasso lasso-perl</pre>
-<div class="noteimportant">Only EL6 64bits and EL7 64bits package are available.
+<div class="noteimportant">Only 64bits package are available.

 </div>
 </div>
@ -186,7 +188,7 @@ Then install lasso and lasso-perl packages:
 <a href="http://lasso.entrouvert.org/download/" class="urlextern" title="http://lasso.entrouvert.org/download/"  rel="nofollow">Téléchargez l'archive Lasso</a> et compilez là sur votre système.
 </p>

-</div><!-- EDIT4 SECTION "Lasso" [717-1485] -->
+</div><!-- EDIT4 SECTION "Lasso" [717-1502] -->

 <h2 class="sectionedit5" id="service_configuration">Configuration du service</h2>
 <div class="level2">
@ -196,7 +198,7 @@ Allez dans le Manager et cliquez sur le nœud <code>Service <abbr title="Securit
 </p>
 <div class="notetip">Vous pouvez utiliser le mot clef #PORTAL# dans les valeurs pour remplacer l'<abbr title="Uniform Resource Locator">URL</abbr> du portail.
 </div>
-</div><!-- EDIT5 SECTION "Service configuration" [1486-1649] -->
+</div><!-- EDIT5 SECTION "Service configuration" [1503-1666] -->

 <h3 class="sectionedit6" id="entry_identifier">Identifiant d'entrée</h3>
 <div class="level3">
@ -211,7 +213,7 @@ Votre EntityID, souvent utilisé comme <abbr title="Uniform Resource Locator">UR

 </div><div class="notewarning">Si vous modifiez le suffixe <code>/saml/metadata</code>, vous devez changer la règle de réécriture d'Apache.
 </div>
-</div><!-- EDIT6 SECTION "Entry Identifier" [1650-2047] -->
+</div><!-- EDIT6 SECTION "Entry Identifier" [1667-2064] -->

 <h3 class="sectionedit7" id="security_parameters">Paramètres de sécurité</h3>
 <div class="level3">
@ -250,7 +252,7 @@ You can force <abbr title="LemonLDAP::NG">LL::NG</abbr> to use this certificate
 $ openssl x509 -req -days 3650 -in cert.csr -signkey private.key -out cert.pem</pre>

 </div>
-</div><!-- EDIT7 SECTION "Security parameters" [2048-3310] -->
+</div><!-- EDIT7 SECTION "Security parameters" [2065-3327] -->

 <h3 class="sectionedit8" id="nameid_formats">Formats de NameID</h3>
 <div class="level3">
@ -287,7 +289,7 @@ Les autres formats de NameID sont automatiquement gérés :
 </li>
 </ul>

-</div><!-- EDIT8 SECTION "NameID formats" [3311-4069] -->
+</div><!-- EDIT8 SECTION "NameID formats" [3328-4086] -->

 <h3 class="sectionedit9" id="authentication_contexts">Contextes d'authentification</h3>
 <div class="level3">
@ -311,7 +313,7 @@ Les formats de NameID personnalisables sont :
 </li>
 </ul>

-</div><!-- EDIT9 SECTION "Authentication contexts" [4070-4793] -->
+</div><!-- EDIT9 SECTION "Authentication contexts" [4087-4810] -->

 <h3 class="sectionedit10" id="organization">Organisation</h3>
 <div class="level3">
@ -331,7 +333,7 @@ Les formats de NameID personnalisables sont :
 </li>
 </ul>

-</div><!-- EDIT10 SECTION "Organization" [4794-5305] -->
+</div><!-- EDIT10 SECTION "Organization" [4811-5322] -->

 <h3 class="sectionedit11" id="service_provider">Fournisseur de service</h3>
 <div class="level3">
@ -414,7 +416,7 @@ Les déclarations disponibles sont :
 The only authorized binding is SOAP. Peut être défini par défaut.
 </p>

-</div><!-- EDIT11 SECTION "Service Provider" [5306-6360] -->
+</div><!-- EDIT11 SECTION "Service Provider" [5323-6377] -->

 <h3 class="sectionedit12" id="identity_provider">Fournisseur d'identité</h3>
 <div class="level3">
@ -499,7 +501,7 @@ Les déclarations disponibles sont :
 The only authorized binding is SOAP. Peut être défini par défaut.
 </p>

-</div><!-- EDIT12 SECTION "Identity Provider" [6361-7349] -->
+</div><!-- EDIT12 SECTION "Identity Provider" [6378-7366] -->

 <h3 class="sectionedit13" id="attribute_authority">Autorité d'attributs</h3>
 <div class="level3">
@ -526,7 +528,7 @@ Response Location should be empty, as SOAP responses are directly returned (sync

 </p>

-</div><!-- EDIT13 SECTION "Attribute Authority" [7350-7761] -->
+</div><!-- EDIT13 SECTION "Attribute Authority" [7367-7778] -->

 <h3 class="sectionedit14" id="advanced">Avancé</h3>
 <div class="level3">
@ -585,7 +587,7 @@ Les paramètres de configuration sont :
 </li>
 </ul>

-</div><!-- EDIT14 SECTION "Advanced" [7762-] -->
+</div><!-- EDIT14 SECTION "Advanced" [7779-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/selinux.html
+++ b/po-doc/fr/pages/documentation/current/selinux.html
@ -51,7 +51,8 @@

 <ul class="toc">
 <li class="level1"><div class="li"><a href="#disk_cache_sessions_an_configuration">Disk cache (sessions an configuration)</a></div></li>
-<li class="level1"><div class="li"><a href="#access_to_ldap">Access to LDAP</a></div></li>
+<li class="level1"><div class="li"><a href="#ldap">LDAP</a></div></li>
+<li class="level1"><div class="li"><a href="#databases">Bases de données</a></div></li>
 <li class="level1"><div class="li"><a href="#memcache">Memcache</a></div></li>
 <li class="level1"><div class="li"><a href="#proxy_http">Proxy HTTP</a></div></li>
 </ul>
@ -74,25 +75,38 @@ To make LemonLDAP::NG work with SELinux, you may need to set up some options.
 <div class="level2">
 <pre class="code">chcon -R -t httpd_sys_rw_content_t /tmp</pre>

-</div><!-- EDIT2 SECTION "Disk cache (sessions an configuration)" [103-208] -->
+<p>

-<h2 class="sectionedit3" id="access_to_ldap">Access to LDAP</h2>
+To persist the rule:
+
+</p>
+<pre class="code">semanage fcontext -a -t http_sys_content_t /tmp</pre>
+
+</div><!-- EDIT2 SECTION "Disk cache (sessions an configuration)" [103-291] -->
+
+<h2 class="sectionedit3" id="ldap">LDAP</h2>
 <div class="level2">
-<pre class="code">setsebool -P httpd_can_connect_ldap on</pre>
+<pre class="code">setsebool -P httpd_can_connect_ldap 1</pre>

-</div><!-- EDIT3 SECTION "Access to LDAP" [209-289] -->
+</div><!-- EDIT3 SECTION "LDAP" [292-361] -->

-<h2 class="sectionedit4" id="memcache">Memcache</h2>
+<h2 class="sectionedit4" id="databases">Bases de données</h2>
+<div class="level2">
+<pre class="code">setsebool -P httpd_can_network_connect_db 1</pre>
+
+</div><!-- EDIT4 SECTION "Databases" [362-442] -->
+
+<h2 class="sectionedit5" id="memcache">Memcache</h2>
 <div class="level2">
 <pre class="code">setsebool -P httpd_can_network_memcache 1</pre>

-</div><!-- EDIT4 SECTION "Memcache" [290-367] -->
+</div><!-- EDIT5 SECTION "Memcache" [443-520] -->

-<h2 class="sectionedit5" id="proxy_http">Proxy HTTP</h2>
+<h2 class="sectionedit6" id="proxy_http">Proxy HTTP</h2>
 <div class="level2">
 <pre class="code">setsebool -P httpd_can_network_relay 1</pre>

-</div><!-- EDIT5 SECTION "Proxy HTTP" [368-] -->
+</div><!-- EDIT6 SECTION "Proxy HTTP" [521-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/sqlconfbackend.html
+++ b/po-doc/fr/pages/documentation/current/sqlconfbackend.html
@ -50,17 +50,31 @@
 <div>

 <ul class="toc">
-<li class="level1"><div class="li"><a href="#lemonldap-ngini_parameters">Paramètres lemonldap-ng.ini</a></div></li>
-<li class="level1"><div class="li"><a href="#configure_your_sql_database">Configurer la base de données SQL</a></div>
+<li class="level1"><div class="li"><a href="#mysql">MySQL</a></div>
 <ul class="toc">
-<li class="level2"><div class="li"><a href="#sql_configuration">Configuration SQL</a></div>
+<li class="level2"><div class="li"><a href="#perl_driver">Perl Driver</a></div></li>
+<li class="level2"><div class="li"><a href="#database_and_table_creation">Database and table creation</a></div>
 <ul class="toc">
 <li class="level3"><div class="li"><a href="#rdbi">RDBI</a></div></li>
 <li class="level3"><div class="li"><a href="#cdbi">CDBI</a></div></li>
 </ul>
 </li>
-<li class="level2"><div class="li"><a href="#grant_lemonldapng_access">Autoriser l'accès pour LemonLDAP::NG</a></div></li>
-</ul></li>
+<li class="level2"><div class="li"><a href="#grant_access">Grant access</a></div></li>
+</ul>
+</li>
+<li class="level1"><div class="li"><a href="#connection_settings">Connection settings</a></div></li>
+<li class="level1"><div class="li"><a href="#postgresql">PostGreSQL</a></div>
+<ul class="toc">
+<li class="level2"><div class="li"><a href="#perl_driver1">Perl Driver</a></div></li>
+<li class="level2"><div class="li"><a href="#database_and_table_creation1">Database and table creation</a></div>
+<ul class="toc">
+<li class="level3"><div class="li"><a href="#rdbi1">RDBI</a></div></li>
+<li class="level3"><div class="li"><a href="#cdbi1">CDBI</a></div></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li"><a href="#connection_settings1">Connection settings</a></div></li>
 </ul>
 </div>
 </div><!-- TOC END -->
@ -71,60 +85,67 @@

 <p>

-There is 3 types of SQL configuration backends for LemonLDAP::NG :
+There is 2 types of SQL configuration backends for LemonLDAP::NG:

 </p>
 <ul>
-<li class="level1"><div class="li"> <strong>CDBI</strong> : stockage très simple</div>
+<li class="level1"><div class="li"> <strong>CDBI</strong>: very simple storage</div>
 </li>
-<li class="level1"><div class="li"> <strong>RDBI</strong> : stockage en triplets</div>
-</li>
-<li class="level1"><div class="li"> <strong><abbr title="Database Interface">DBI</abbr></strong> devenu obsolète : il reste un backend en lecture seule qui n'existe que pour la compatibilité avec les anciennes versions de LemonLDAP::NG. Voir <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">comment changer de backend de configuration</a>.</div>
+<li class="level1"><div class="li"> <strong>RDBI</strong>: triple store storage (recommended)</div>
 </li>
 </ul>
+<div class="notetip">You can use any database engine if it provides a Perl Driver. You will find here examples for MySQL and PostGreSQL, but other engines may also work.

-</div><!-- EDIT1 SECTION "SQL configuration backends" [1-382] -->
-
-<h2 class="sectionedit2" id="lemonldap-ngini_parameters">Paramètres lemonldap-ng.ini</h2>
-<div class="level2">
-
+</div>
 <p>

-To use a SQL backend, configure your <code>lemonldap-ng.ini</code> file (section configuration) :
+See <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a>.

 </p>
-<ul>
-<li class="level1"><div class="li"> Choisir le type <abbr title="Database Interface">DBI</abbr> (RDBI, CDBI or <abbr title="Database Interface">DBI</abbr>)</div>
-</li>
-<li class="level1"><div class="li"> Configurer la chaîne de connexion (voir la <a href="http://search.cpan.org/perldoc?DBI" class="urlextern" title="http://search.cpan.org/perldoc?DBI"  rel="nofollow">page de manuel DBI</a>)</div>
-</li>
-<li class="level1"><div class="li"> Configurer le nom de compte et le mot-de-passe</div>
-</li>
-<li class="level1"><div class="li"> Si la table ne se nomme pas lmConfig, mettre son nom dans le paramètre <code>dbiTable</code>.</div>
-</li>
-</ul>

-<p>
-Exemple pour MySQL :
-</p>
-<pre class="code ini"><span class="re0"><span class="br0">[</span>configuration<span class="br0">]</span></span>
-<span class="re1">type</span> <span class="sy0">=</span><span class="re2"> RDBI</span>
-<span class="re1">dbiChain</span>    <span class="sy0">=</span><span class="re2"> DBI:mysql:database=lemonldap-ng</span><span class="co0">;host=1.2.3.4</span>
-<span class="re1">dbiUser</span>     <span class="sy0">=</span><span class="re2"> lemonldap</span>
-<span class="re1">dbiPassword</span> <span class="sy0">=</span><span class="re2"> password</span>
-<span class="co0">; optional</span>
-<span class="re1">dbiTable</span>    <span class="sy0">=</span><span class="re2"> mytablename</span></pre>
+</div><!-- EDIT1 SECTION "SQL configuration backends" [1-423] -->

-</div><!-- EDIT2 SECTION "Lemonldap-ng.ini parameters" [383-974] -->
-
-<h2 class="sectionedit3" id="configure_your_sql_database">Configurer la base de données SQL</h2>
+<h2 class="sectionedit2" id="mysql">MySQL</h2>
 <div class="level2">

-</div><!-- EDIT3 SECTION "Configure your SQL database" [975-1015] -->
+</div><!-- EDIT2 SECTION "MySQL" [424-442] -->

-<h3 class="sectionedit4" id="sql_configuration">Configuration SQL</h3>
+<h3 class="sectionedit3" id="perl_driver">Perl Driver</h3>
 <div class="level3">

+<p>
+
+You need DBD::MySQL Perl module:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Debian:</div>
+</li>
+</ul>
+<pre class="code">apt install libdbd-mysql-perl</pre>
+<ul>
+<li class="level1"><div class="li">  Red Hat:</div>
+</li>
+</ul>
+<pre class="code">yum install perl-DBD-MySQL</pre>
+
+</div><!-- EDIT3 SECTION "Perl Driver" [443-611] -->
+
+<h3 class="sectionedit4" id="database_and_table_creation">Database and table creation</h3>
+<div class="level3">
+
+<p>
+Créer la base de données :
+</p>
+<pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">DATABASE</span> lemonldap<span class="sy0">-</span>ng <span class="kw1">CHARACTER</span> <span class="kw1">SET</span> utf8;</pre>
+
+<p>
+
+Use database to create table:
+
+</p>
+<pre class="code sql"><span class="kw1">USE</span> lemonldap<span class="sy0">-</span>ng</pre>
+
 </div>

 <h4 id="rdbi">RDBI</h4>
@ -132,7 +153,7 @@ Exemple pour MySQL :
 <pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">TABLE</span> lmConfig <span class="br0">(</span>
    cfgNum <span class="kw1">INT</span><span class="br0">(</span><span class="nu0">11</span><span class="br0">)</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span><span class="sy0">,</span>
    <span class="kw1">FIELD</span> <span class="kw1">VARCHAR</span><span class="br0">(</span><span class="nu0">255</span><span class="br0">)</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span> <span class="kw1">DEFAULT</span> <span class="st0">''</span><span class="sy0">,</span>
-    <span class="kw1">VALUE</span> longblob<span class="sy0">,</span>
+    <span class="kw1">VALUE</span> longtext<span class="sy0">,</span>
    <span class="kw1">PRIMARY</span> <span class="kw1">KEY</span> <span class="br0">(</span>cfgNum<span class="sy0">,</span><span class="kw1">FIELD</span><span class="br0">)</span>
    <span class="br0">)</span>;</pre>

@ -142,18 +163,18 @@ Exemple pour MySQL :
 <div class="level4">
 <pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">TABLE</span> lmConfig <span class="br0">(</span>
    cfgNum <span class="kw1">INT</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span> <span class="kw1">PRIMARY</span> <span class="kw1">KEY</span><span class="sy0">,</span>
-    <span class="kw1">DATA</span> longblob
+    <span class="kw1">DATA</span> longtext
 <span class="br0">)</span>;</pre>

-</div><!-- EDIT4 SECTION "SQL configuration" [1016-1349] -->
+</div><!-- EDIT4 SECTION "Database and table creation" [612-1104] -->

-<h3 class="sectionedit5" id="grant_lemonldapng_access">Autoriser l'accès pour LemonLDAP::NG</h3>
+<h3 class="sectionedit5" id="grant_access">Grant access</h3>
 <div class="level3">

 <p>
 Il faut autoriser l'accès en lecture et écriture pour le manager. Les autres composants n'ont besoin que d'un accès en lecture. On peut également utiliser le même compte pour tous.
 </p>
-<div class="notetip">Plusieurs chaînes dbiUser sont utilisables :<ul>
+<div class="notetip">You can use different dbiUser strings:<ul>
 <li class="level1"><div class="li"> une avec des droits en lecture/écriture pour les serveurs hébergeant le manager</div>
 </li>
 <li class="level1"><div class="li"> une avec seulement des droits en lecture pour les autres serveurs</div>
@ -162,14 +183,115 @@ Il faut autoriser l'accès en lecture et écriture pour le manager. Les autres c

 </div>
 <p>
-Exemple MySQL (on suppose que les serveurs sont sur le réseau 10.0.0.0/24):
+
+For example (suppose that our servers are in 10.0.0.0/24 network):
+
 </p>
 <pre class="code sql"><span class="kw1">GRANT</span> <span class="kw1">SELECT</span><span class="sy0">,</span><span class="kw1">INSERT</span><span class="sy0">,</span><span class="kw1">UPDATE</span><span class="sy0">,</span><span class="kw1">DELETE</span><span class="sy0">,</span><span class="kw1">LOCK</span> <span class="kw1">TABLES</span> <span class="kw1">ON</span> lemonldap<span class="sy0">-</span>ng<span class="sy0">.</span>lmConfig
-  <span class="kw1">TO</span> lemonldap<span class="sy0">-</span>ng@manager<span class="sy0">.</span>host <span class="kw1">IDENTIFIED</span> <span class="kw1">BY</span> <span class="st0">'mypassword'</span>;
+  <span class="kw1">TO</span> lemonldaprw@manager<span class="sy0">.</span>host <span class="kw1">IDENTIFIED</span> <span class="kw1">BY</span> <span class="st0">'mypassword'</span>;
 <span class="kw1">GRANT</span> <span class="kw1">SELECT</span> <span class="kw1">ON</span> lemonldap<span class="sy0">-</span>ng<span class="sy0">.</span>lmConfig
-  <span class="kw1">TO</span> lemonldap<span class="sy0">-</span>ng<span class="sy0">-</span><span class="kw1">USER</span>@<span class="st0">'10.0.0.%'</span> <span class="kw1">IDENTIFIED</span> <span class="kw1">BY</span> <span class="st0">'myotherpassword'</span>;</pre>
+  <span class="kw1">TO</span> lemonldapro@<span class="st0">'10.0.0.%'</span> <span class="kw1">IDENTIFIED</span> <span class="kw1">BY</span> <span class="st0">'myotherpassword'</span>;</pre>

-</div><!-- EDIT5 SECTION "Grant LemonLDAP::NG access" [1350-] -->
+</div><!-- EDIT5 SECTION "Grant access" [1105-1759] -->
+
+<h2 class="sectionedit6" id="connection_settings">Connection settings</h2>
+<div class="level2">
+
+<p>
+
+Change configuration settings in <code>/etc/lemonldap-ng/lemonldap-ng.ini</code> file (section configuration):
+
+</p>
+<pre class="code ini"><span class="re0"><span class="br0">[</span>configuration<span class="br0">]</span></span>
+<span class="re1">type</span> <span class="sy0">=</span><span class="re2"> RDBI</span>
+<span class="re1">dbiChain</span>    <span class="sy0">=</span><span class="re2"> DBI:mysql:database=lemonldap-ng</span><span class="co0">;host=1.2.3.4</span>
+<span class="re1">dbiUser</span>     <span class="sy0">=</span><span class="re2"> lemonldaprw</span>
+<span class="re1">dbiPassword</span> <span class="sy0">=</span><span class="re2"> mypassword</span>
+<span class="co0">; optional</span>
+<span class="re1">dbiTable</span>    <span class="sy0">=</span><span class="re2"> mytablename</span></pre>
+
+</div><!-- EDIT6 SECTION "Connection settings" [1760-2090] -->
+
+<h2 class="sectionedit7" id="postgresql">PostGreSQL</h2>
+<div class="level2">
+
+</div><!-- EDIT7 SECTION "PostGreSQL" [2091-2114] -->
+
+<h3 class="sectionedit8" id="perl_driver1">Perl Driver</h3>
+<div class="level3">
+
+<p>
+
+You need DBD::Pg Perl module:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Debian:</div>
+</li>
+</ul>
+<pre class="code">apt install libdbd-pg-perl</pre>
+<ul>
+<li class="level1"><div class="li">  Red Hat:</div>
+</li>
+</ul>
+<pre class="code">yum install perl-DBD-Pg</pre>
+
+</div><!-- EDIT8 SECTION "Perl Driver" [2115-2274] -->
+
+<h3 class="sectionedit9" id="database_and_table_creation1">Database and table creation</h3>
+<div class="level3">
+
+<p>
+Créer la base de données :
+</p>
+<pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">DATABASE</span> lemonldap<span class="sy0">-</span>ng;</pre>
+
+<p>
+
+Use database to create table:
+
+</p>
+<pre class="code sql"><span class="kw1">USE</span> lemonldap<span class="sy0">-</span>ng</pre>
+
+</div>
+
+<h4 id="rdbi1">RDBI</h4>
+<div class="level4">
+<pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">TABLE</span> lmconfig <span class="br0">(</span>
+    cfgnum <span class="kw1">INTEGER</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span><span class="sy0">,</span>
+    <span class="kw1">FIELD</span> text <span class="kw1">NOT</span> <span class="kw1">NULL</span><span class="sy0">,</span>
+    <span class="kw1">VALUE</span> text<span class="sy0">,</span>
+    <span class="kw1">PRIMARY</span> <span class="kw1">KEY</span> <span class="br0">(</span>cfgNum<span class="sy0">,</span><span class="kw1">FIELD</span><span class="br0">)</span>
+    <span class="br0">)</span>;</pre>
+
+</div>
+
+<h4 id="cdbi1">CDBI</h4>
+<div class="level4">
+<pre class="code sql"><span class="kw1">CREATE</span> <span class="kw1">TABLE</span> lmConfig <span class="br0">(</span>
+    cfgnum <span class="kw1">INTEGER</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span> <span class="kw1">PRIMARY</span> <span class="kw1">KEY</span><span class="sy0">,</span>
+    <span class="kw1">DATA</span> text
+<span class="br0">)</span>;</pre>
+
+</div><!-- EDIT9 SECTION "Database and table creation" [2275-2725] -->
+
+<h2 class="sectionedit10" id="connection_settings1">Connection settings</h2>
+<div class="level2">
+
+<p>
+
+Change configuration settings in <code>/etc/lemonldap-ng/lemonldap-ng.ini</code> file (section configuration):
+
+</p>
+<pre class="code ini"><span class="re0"><span class="br0">[</span>configuration<span class="br0">]</span></span>
+<span class="re1">type</span> <span class="sy0">=</span><span class="re2"> RDBI</span>
+<span class="re1">dbiChain</span>    <span class="sy0">=</span><span class="re2"> DBI:Pg:database=lemonldap-ng</span><span class="co0">;host=1.2.3.4</span>
+<span class="re1">dbiUser</span>     <span class="sy0">=</span><span class="re2"> lemonldaprw</span>
+<span class="re1">dbiPassword</span> <span class="sy0">=</span><span class="re2"> mypassword</span>
+<span class="co0">; optional</span>
+<span class="re1">dbiTable</span>    <span class="sy0">=</span><span class="re2"> mytablename</span></pre>
+
+</div><!-- EDIT10 SECTION "Connection settings" [2726-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/start.html
+++ b/po-doc/fr/pages/documentation/current/start.html
@ -11,7 +11,7 @@
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
 //else --><!-- //endif -->
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="index,follow"/>
+<meta name="robots" content="noindex,nofollow"/>
 <meta name="keywords" content="documentation,2.0,start"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="start.html"/>
@ -267,7 +267,7 @@
 		<td class="col0"> <a href="authfacebook.html" class="wikilink1" title="documentation:2.0:authfacebook">Facebook</a> </td><td class="col1 centeralign">    ✔    </td><td class="col2 centeralign">    ✔    </td><td class="col3 leftalign">   </td>
 	</tr>
 	<tr class="row7 rowodd">
-		<td class="col0"> <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2 centeralign">    ✔    </td><td class="col3 centeralign">    ✔    </td>
+		<td class="col0"> <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2 leftalign">    </td><td class="col3 leftalign">    </td>
 	</tr>
 	<tr class="row8 roweven">
 		<td class="col0"> <a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">LDAP</a> </td><td class="col1 centeralign">    ✔    </td><td class="col2 centeralign">    ✔    </td><td class="col3 centeralign">    ✔    </td>
@ -342,9 +342,18 @@
 		<td class="col0"> <a href="u2f.html" class="wikilink1" title="documentation:2.0:u2f">U2F</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2"></td><td class="col3"></td>
 	</tr>
 	<tr class="row32 roweven">
+		<td class="col0"> <a href="totp2f.html" class="wikilink1" title="documentation:2.0:totp2f">TOTP</a> <em>(Google Authenticator,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2"></td><td class="col3"></td>
+	</tr>
+	<tr class="row33 rowodd">
 		<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> <em>(OTP, SMS,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2"></td><td class="col3"></td>
 	</tr>
-</table></div><!-- EDIT9 TABLE [2221-4140] -->
+	<tr class="row34 roweven">
+		<th class="col0">  Auth addons  </th><th class="col1 centeralign">  Authentification  </th><td class="col2"></td><td class="col3"></td>
+	</tr>
+	<tr class="row35 rowodd">
+		<td class="col0"> <a href="autosignin.html" class="wikilink1" title="documentation:2.0:autosignin">Auto Signin</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign">    ✔    </td><td class="col2"></td><td class="col3"></td>
+	</tr>
+</table></div><!-- EDIT9 TABLE [2221-4313] -->

 <p>
 </p></div></div>
@ -388,13 +397,13 @@
 	<tr class="row5 rowodd">
 		<td class="col0"> <a href="issuerdbget.html" class="wikilink1" title="documentation:2.0:issuerdbget">Get parameters provider</a> <em>(for poor applications)</em> </td><td class="col1 leftalign">   </td><td class="col2 centeralign">    ✔    </td>
 	</tr>
-</table></div><!-- EDIT10 TABLE [4486-4847] -->
+</table></div><!-- EDIT10 TABLE [4659-5020] -->

 <p>
 </p></div></div>
 </p>

-</div><!-- EDIT8 SECTION "Portal" [1685-4875] -->
+</div><!-- EDIT8 SECTION "Portal" [1685-5048] -->

 <h3 class="sectionedit11" id="handlers">Handlers</h3>
 <div class="level3">
@ -437,7 +446,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 	<tr class="row7 rowodd">
 		<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign">    ✔    </td><td class="col2 centeralign">    ✔    </td><td class="col3 leftalign">  </td><td class="col4 leftalign">  </td>
 	</tr>
-</table></div><!-- EDIT12 TABLE [5114-5947] -->
+</table></div><!-- EDIT12 TABLE [5287-6120] -->

 <p>
 <em>(*): <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> has not yet reached the same level of functionality.</em>
@ -447,7 +456,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 </p></div></div>
 </p>

-</div><!-- EDIT11 SECTION "Handlers" [4876-6070] -->
+</div><!-- EDIT11 SECTION "Handlers" [5049-6243] -->

 <h3 class="sectionedit13" id="llng_databases">LLNG databases</h3>
 <div class="level3">
@ -493,7 +502,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
 	<tr class="row7 rowodd">
 		<td class="col0 centeralign">  <a href="restconfbackend.html" class="wikilink1" title="documentation:2.0:restconfbackend">REST</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a>  </td><td class="col1 centeralign">    ✔    </td><td class="col2 leftalign"> Backend proxy à utiliser avec un autre backend de configuration. <br/><strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants.  </td>
 	</tr>
-</table></div><!-- EDIT14 TABLE [6369-7351] -->
+</table></div><!-- EDIT14 TABLE [6542-7524] -->
 <div class="notetip">On ne peut démarrer avec une configuration vide, il faut donc lire <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">comment changer de backend de configuration</a> pour convertir une configuration existante en une autre.
 </div>
 <p>
@ -548,13 +557,13 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 	<tr class="row8 roweven">
 		<td class="col0 centeralign">  <a href="soapsessionbackend.html" class="wikilink1" title="documentation:2.0:soapsessionbackend">SOAP</a>  </td><td class="col1 centeralign">    ✔    </td><td class="col2 centeralign">    ✔    </td><td class="col3 centeralign">    ✔    </td><td class="col4 centeralign">    ✔    </td><td class="col5 leftalign"> Backend proxy à utiliser avec un autre backend de sessions. <br/> <strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants.  </td>
 	</tr>
-</table></div><!-- EDIT15 TABLE [8216-9895] -->
+</table></div><!-- EDIT15 TABLE [8389-10068] -->

 <p>
 </p></div></div>
 </p>

-</div><!-- EDIT13 SECTION "LLNG databases" [6071-9923] -->
+</div><!-- EDIT13 SECTION "LLNG databases" [6244-10096] -->

 <h2 class="sectionedit16" id="applications_protection">Protection des applications</h2>
 <div class="level2">
@ -583,7 +592,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </p></div></div>
 </p>

-</div><!-- EDIT16 SECTION "Applications protection" [9924-10414] -->
+</div><!-- EDIT16 SECTION "Applications protection" [10097-10587] -->

 <h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
 <div class="level3">
@ -660,6 +669,12 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </div>
 </p>

+<p>
+</p><div class="col-sm-3">
+<a href="applications/wordpress.html" class="media" title="documentation:2.0:applications:wordpress"><img src="icons/kmultiple.png" class="mediacenter" title="Wordpress" alt="Wordpress" /></a>
+</div>
+</p>
+
 <p>
 </p><div class="col-sm-3">
 <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="mediacenter" title="Zimbra" alt="Zimbra" /></a>
@ -670,7 +685,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </p></div>
 </p>

-</div><!-- EDIT17 SECTION "Well known compatible applications" [10415-12353] -->
+</div><!-- EDIT17 SECTION "Well known compatible applications" [10588-12668] -->

 <h2 class="sectionedit18" id="advanced_features">Fonctionnalités avancées</h2>
 <div class="level2">
@ -707,6 +722,8 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </li>
 <li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a></div>
 </li>
+<li class="level1"><div class="li"> <a href="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" class="urlextern" title="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller"  rel="nofollow">LemonLDAP::NG kubernetes controller</a></div>
+</li>
 <li class="level1"><div class="li"> <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Cage sécurisée</a></div>
 </li>
 <li class="level1"><div class="li"> <a href="loginhistory.html" class="wikilink1" title="documentation:2.0:loginhistory">Historique de connexion</a></div>
@ -721,7 +738,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </p></div></div>
 </p>

-</div><!-- EDIT18 SECTION "Advanced features" [12354-13291] -->
+</div><!-- EDIT18 SECTION "Advanced features" [12669-13717] -->

 <h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
 <div class="level2">
@ -752,7 +769,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </p></div></div>
 </p>

-</div><!-- EDIT19 SECTION "Mini howtos" [13292-13961] -->
+</div><!-- EDIT19 SECTION "Mini howtos" [13718-14387] -->

 <h2 class="sectionedit20" id="exploitation">Exploitation</h2>
 <div class="level2">
@ -785,7 +802,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
 </p></div></div>
 </p>

-</div><!-- EDIT20 SECTION "Exploitation" [13962-14382] -->
+</div><!-- EDIT20 SECTION "Exploitation" [14388-14808] -->

 <h2 class="sectionedit21" id="bug_report">Bug report</h2>
 <div class="level2">
@ -796,7 +813,7 @@ See <a href="bugreport.html" class="wikilink1" title="bugreport">How to report a

 </p>

-</div><!-- EDIT21 SECTION "Bug report" [14383-14447] -->
+</div><!-- EDIT21 SECTION "Bug report" [14809-14873] -->

 <h2 class="sectionedit22" id="developer_corner">Developer corner</h2>
 <div class="level2">
@ -821,12 +838,18 @@ To develop a portal plugin, see manpages:
 <ul>
 <li class="level1"><div class="li">  Lemonldap::NG::Portal</div>
 </li>
-<li class="level1"><div class="li">  Lemonldap::NG::Portal::Auth::Base</div>
+<li class="level1"><div class="li">  Lemonldap::NG::Portal::Auth</div>
+</li>
+<li class="level1"><div class="li">  Lemonldap::NG::Portal::UserDB</div>
+</li>
+<li class="level1"><div class="li">  Lemonldap::NG::Portal::Main::SecondFactor</div>
 </li>
 <li class="level1"><div class="li">  Lemonldap::NG::Portal::Main::Issuer</div>
 </li>
 <li class="level1"><div class="li">  Lemonldap::NG::Portal::Main::Plugin</div>
 </li>
+<li class="level1"><div class="li">  Lemonldap::NG::Portal::Main::Request <em>(the request object)</em></div>
+</li>
 </ul>

 <p>
@ -871,7 +894,7 @@ To translate this doc (Manager help):
 </li>
 </ul>

-</div><!-- EDIT22 SECTION "Developer corner" [14448-] -->
+</div><!-- EDIT22 SECTION "Developer corner" [14874-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/totp2f.html
+++ b/po-doc/fr/pages/documentation/current/totp2f.html
@ -0,0 +1,144 @@
+<!DOCTYPE html>
+<html lang="fr" dir="ltr">
+<head>
+    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
+  <meta charset="utf-8" />
+  <title>documentation:2.0:totp2f</title><!-- //if:usedebianlibs
+  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
+//elsif:useexternallibs
+  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
+//elsif:cssminified
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
+//else --><!-- //endif -->
+<meta name="generator" content="DokuWiki"/>
+<meta name="robots" content="noindex,nofollow"/>
+<meta name="keywords" content="documentation,2.0,totp2f"/>
+<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
+<link rel="start" href="totp2f.html"/>
+<link rel="contents" href="totp2f.html" title="Sitemap"/>
+<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
+
+  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
+
+<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:totp2f","namespace":"documentation:2.0"};
+/*!]]>*/</script>
+<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
+<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
+//elsif:useexternallibs
+<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
+//elsif:jsminified
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
+//else -->
+
+<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
+  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
+//elsif:useexternallibs
+  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
+//elsif:jsminified
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
+//else -->
+
+
+  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
+
+</head>
+<body>
+<div class="dokuwiki export container"><!-- TOC START -->
+
+<div id="dw__toc">
+<h3 class="toggle">Table of Contents</h3>
+<div>
+
+<ul class="toc">
+<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
+<li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
+<li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
+</ul>
+</div>
+</div><!-- TOC END -->
+
+
+<h1 class="sectionedit1" id="totp_2nd_factor_authentication_u2f">TOTP 2nd Factor Authentication (U2F)</h1>
+<div class="level1">
+
+<p>
+<a href="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm" class="urlextern" title="https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm"  rel="nofollow">Time based One Time Password</a> (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. This is currently what <a href="https://en.wikipedia.org/wiki/Google_Authenticator" class="urlextern" title="https://en.wikipedia.org/wiki/Google_Authenticator"  rel="nofollow">Google Authenticator</a> or <a href="https://freeotp.github.io/" class="urlextern" title="https://freeotp.github.io/"  rel="nofollow">FreeOTP</a> use.
+
+</p>
+
+<p>
+
+LLNG can propose to users to register this kind of software to increase authentication level.
+
+</p>
+<div class="notetip">Note that it's a second factor, not an authentication module. Users are authenticated by both login form and TOTP.
+
+</div>
+</div><!-- EDIT1 SECTION "TOTP 2nd Factor Authentication (U2F)" [1-633] -->
+
+<h2 class="sectionedit2" id="configuration">Configuration</h2>
+<div class="level2">
+
+<p>
+
+In the manager (advanced parameters), you just have to enable it:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  TOTP ⇒ Activation: set it to “on”</div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/totpregister.html" class="urlextern" title="https://auth.your.domain/totpregister.html"  rel="nofollow">https://auth.your.domain/totpregister.html</a>)</em></div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Authentication level: you can overwrite here auth level for TOTP registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Issuer: default to portal hostname</div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Interval: interval for TOTP algorithm (default: 30)</div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Range: number of additional intervals to test (default: 1)</div>
+</li>
+<li class="level1"><div class="li">  TOTP ⇒ Digits: number of digit of codes (default: 6)</div>
+</li>
+</ul>
+<div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule that <code>$_totp2fSecret</code> is set, else TOTP will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.
+
+</div>
+</div><!-- EDIT2 SECTION "Configuration" [634-1701] -->
+
+<h2 class="sectionedit3" id="assistance">Assistance</h2>
+<div class="level2">
+
+<p>
+
+If a user lost its key, you may remove it's persistent session using the session explorer.
+
+</p>
+
+</div><!-- EDIT3 SECTION "Assistance" [1702-1817] -->
+
+<h2 class="sectionedit4" id="developer_corner">Developer corner</h2>
+<div class="level2">
+
+<p>
+
+If you have another TOTP registration interface, you have to populate session (using exported variables) to set these keys:
+
+</p>
+<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
+	<thead>
+	<tr class="row0 roweven">
+		<th class="col0"> Nom </th><th class="col1">  Value  </th>
+	</tr>
+	</thead>
+	<tr class="row1 rowodd">
+		<td class="col0">  _totp2fSecret  </td><td class="col1">  key handle value, base32 encoded  </td>
+	</tr>
+	<tr class="row2 roweven">
+		<td class="col0">  _u2fUserKey  </td><td class="col1">  user key value, base64 encoded  </td>
+	</tr>
+</table></div><!-- EDIT5 TABLE [1973-2091] -->
+
+</div><!-- EDIT4 SECTION "Developer corner" [1818-] -->
+</div>
+</body>
+</html>
--- a/po-doc/fr/pages/documentation/current/u2f.html
+++ b/po-doc/fr/pages/documentation/current/u2f.html
@ -52,6 +52,7 @@
 <ul class="toc">
 <li class="level1"><div class="li"><a href="#prerequisites_and_dependencies">Pré-requis et dépendances</a></div></li>
 <li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
+<li class="level1"><div class="li"><a href="#browser_compatibility">Browser compatibility</a></div></li>
 <li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
 <li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
 </ul>
@ -85,8 +86,10 @@ LLNG can propose to users to register their keys. When done, registered user can
 This feature uses <a href="https://metacpan.org/pod/Crypt::U2F::Server::Simple" class="urlextern" title="https://metacpan.org/pod/Crypt::U2F::Server::Simple"  rel="nofollow">Crypt::U2F::Server::Simple</a> that is available only via CPAN for now. Before compiling it, you must install Yubico's C library headers (called libu2f-server-dev on Debian).

 </p>
+<div class="noteimportant">An HTTPS portal is required to use U2F

-</div><!-- EDIT2 SECTION "Prerequisites and dependencies" [522-811] -->
+</div>
+</div><!-- EDIT2 SECTION "Prerequisites and dependencies" [522-873] -->

 <h2 class="sectionedit3" id="configuration">Configuration</h2>
 <div class="level2">
@ -99,7 +102,7 @@ In the manager (advanced parameters), you just have to enable it:
 <ul>
 <li class="level1"><div class="li">  U2F ⇒ Activation: set it to “on”</div>
 </li>
-<li class="level1"><div class="li">  U2F ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="http://auth.your.domain/u2fregister.html" class="urlextern" title="http://auth.your.domain/u2fregister.html"  rel="nofollow">http://auth.your.domain/u2fregister.html</a>)</em></div>
+<li class="level1"><div class="li">  U2F ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/u2fregister.html" class="urlextern" title="https://auth.your.domain/u2fregister.html"  rel="nofollow">https://auth.your.domain/u2fregister.html</a>)</em></div>
 </li>
 <li class="level1"><div class="li">  U2F ⇒ Authentication level: you can overwrite here auth level for U2F registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
 </li>
@ -107,9 +110,30 @@ In the manager (advanced parameters), you just have to enable it:
 <div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule: <code>$_u2fKeyHandle and $_u2fUserKey</code>, else U2F will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.

 </div>
-</div><!-- EDIT3 SECTION "Configuration" [812-1637] -->
+</div><!-- EDIT3 SECTION "Configuration" [874-1701] -->

-<h2 class="sectionedit4" id="assistance">Assistance</h2>
+<h2 class="sectionedit4" id="browser_compatibility">Browser compatibility</h2>
+<div class="level2">
+<ul>
+<li class="level1"><div class="li">  Chrome/Chromium &gt;= 38</div>
+</li>
+<li class="level1"><div class="li">  Firefox :</div>
+<ul>
+<li class="level2"><div class="li">  38 to 56 with <a href="https://addons.mozilla.org/fr/firefox/addon/u2f-support-add-on/" class="urlextern" title="https://addons.mozilla.org/fr/firefox/addon/u2f-support-add-on/"  rel="nofollow">U2F Support Add-on</a></div>
+</li>
+<li class="level2"><div class="li">  57 to 58, with “security.webauth.u2f” set to “true” in “about:config” <em>(see <a href="https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/" class="urlextern" title="https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/"  rel="nofollow">Yubico explanations</a>)</em></div>
+</li>
+<li class="level2"><div class="li">  probably enabled by default for versions &gt;= 59</div>
+</li>
+</ul>
+</li>
+<li class="level1"><div class="li">  Opera &gt;= 40</div>
+</li>
+</ul>
+
+</div><!-- EDIT4 SECTION "Browser compatibility" [1702-2139] -->
+
+<h2 class="sectionedit5" id="assistance">Assistance</h2>
 <div class="level2">

 <p>
@ -118,9 +142,9 @@ If a user lost its key, you may remove it's persistent session using the session

 </p>

-</div><!-- EDIT4 SECTION "Assistance" [1638-1753] -->
+</div><!-- EDIT5 SECTION "Assistance" [2140-2255] -->

-<h2 class="sectionedit5" id="developer_corner">Developer corner</h2>
+<h2 class="sectionedit6" id="developer_corner">Developer corner</h2>
 <div class="level2">

 <p>
@ -128,7 +152,7 @@ If a user lost its key, you may remove it's persistent session using the session
 If you have another U2F registration interface, you have to populate session (using exported variables) to set these keys:

 </p>
-<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
+<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
 	<thead>
 	<tr class="row0 roweven">
 		<th class="col0"> Nom </th><th class="col1">  Value  </th>
@ -140,7 +164,7 @@ If you have another U2F registration interface, you have to populate session (us
 	<tr class="row2 roweven">
 		<td class="col0">  _u2fUserKey  </td><td class="col1">  user key value, base64 encoded  </td>
 	</tr>
-</table></div><!-- EDIT6 TABLE [1908-2026] -->
+</table></div><!-- EDIT7 TABLE [2410-2528] -->

 <p>

@ -148,7 +172,7 @@ Note that both “origin” and “appId” are fixed to portal <abbr title="Uni

 </p>

-</div><!-- EDIT5 SECTION "Developer corner" [1754-] -->
+</div><!-- EDIT6 SECTION "Developer corner" [2256-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/upgrade.html
+++ b/po-doc/fr/pages/documentation/current/upgrade.html
@ -50,11 +50,8 @@
 <div>

 <ul class="toc">
-<li class="level1"><div class="li"><a href="#installation">Installation</a></div>
-<ul class="toc">
-<li class="level2"><div class="li"><a href="#debian_wheezy">Debian Wheezy</a></div></li>
-</ul>
-</li>
+<li class="level1"><div class="li"><a href="#upgrade_order_from_19">Upgrade order from 1.9.*</a></div></li>
+<li class="level1"><div class="li"><a href="#installation">Installation</a></div></li>
 <li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
 <li class="level1"><div class="li"><a href="#kerberos_or_ssl_usage">Kerberos or SSL usage</a></div></li>
 <li class="level1"><div class="li"><a href="#logs">Journaux</a></div></li>
@ -82,21 +79,53 @@
 </div>
 </div><!-- EDIT1 SECTION "Upgrade from 1.9 to 2.0" [1-162] -->

-<h2 class="sectionedit2" id="installation">Installation</h2>
+<h2 class="sectionedit2" id="upgrade_order_from_19">Upgrade order from 1.9.*</h2>
 <div class="level2">

-</div><!-- EDIT2 SECTION "Installation" [163-188] -->
-
-<h3 class="sectionedit3" id="debian_wheezy">Debian Wheezy</h3>
-<div class="level3">
-
 <p>

-To build Debian package with Wheezy, remove <code>debian/lemonldap-ng-doc.maintscript</code> file.
+As usual, if you use more than 1 server and don't want to stop the <abbr title="Authentification unique (Single Sign On)">SSO</abbr> service AND IF YOU HAVE NO INCOMPATIBILITY MENTIONED IN THIS DOCUMENT, upgrade must be done in the following order:
+
+</p>
+<ol>
+<li class="level1"><div class="li">  servers that have only handlers;</div>
+</li>
+<li class="level1"><div class="li">  portal servers <em>(all together if your load balancer doesn't keep state by user or client <abbr title="Internet Protocol">IP</abbr> and if users use the menu)</em>;</div>
+</li>
+<li class="level1"><div class="li">  manager server</div>
+</li>
+</ol>
+<div class="noteimportant">You must revalidate your configuration using the manager.
+
+</div>
+</div><!-- EDIT2 SECTION "Upgrade order from 1.9.*" [163-653] -->
+
+<h2 class="sectionedit3" id="installation">Installation</h2>
+<div class="level2">
+
+<p>
+
+This release of <abbr title="LemonLDAP::NG">LL::NG</abbr> requires these minimal versions of GNU/Linux distributions:
+
+</p>
+<ul>
+<li class="level1"><div class="li">  Debian 9 (stretch)</div>
+</li>
+<li class="level1"><div class="li">  Ubuntu 16.04 LTS</div>
+</li>
+<li class="level1"><div class="li">  CentOS 7</div>
+</li>
+<li class="level1"><div class="li">  RHEL 7</div>
+</li>
+</ul>
+
+<p>
+
+For <abbr title="Security Assertion Markup Language">SAML</abbr> features, we require Lasso 2.5.

 </p>

-</div><!-- EDIT3 SECTION "Debian Wheezy" [189-304] -->
+</div><!-- EDIT3 SECTION "Installation" [654-872] -->

 <h2 class="sectionedit4" id="configuration">Configuration</h2>
 <div class="level2">
@ -107,16 +136,20 @@ To build Debian package with Wheezy, remove <code>debian/lemonldap-ng-doc.maints
 </li>
 <li class="level1"><div class="li">  Apache and Nginx configurations must updated to use the FastCGI portal</div>
 </li>
+<li class="level1"><div class="li"> URLs for mail reset and register pages have changed, you must update configuration parameters. Par exemple :</div>
+</li>
 </ul>
-<div class="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>, especially when using mpm-worker. That's why LLNG doesn't use anymore ModPerl::Registry: all is now handle by FastCGI <em>(portal and manager)</em>.
+<pre class="code :perl">  mailUrl <span class="sy0">=&gt;</span> <span class="st_h">'http://auth.example.com/resetpwd'</span><span class="sy0">,</span>
+  registerUrl <span class="sy0">=&gt;</span> <span class="st_h">'http://auth.example.com/register'</span><span class="sy0">,</span></pre>
+<div class="noteimportant">Apache mod_perl has a lot of issues since version 2.4 <em>(many segfaults,…)</em>, especially when using mpm-worker. That's why <abbr title="LemonLDAP::NG">LL::NG</abbr> doesn't use anymore ModPerl::Registry: all is now handled by FastCGI <em>(portal and manager)</em>.

 <p>
-<strong>For handlers, it is now recommended to migrate to Nginx</strong>, but Apache-2.X is still supported
+<strong>For Handlers, it is now recommended to migrate to Nginx</strong>, but Apache 2 is still supported

 </p>

 </div>
-</div><!-- EDIT4 SECTION "Configuration" [305-1090] -->
+</div><!-- EDIT4 SECTION "Configuration" [873-1894] -->

 <h2 class="sectionedit5" id="kerberos_or_ssl_usage">Kerberos or SSL usage</h2>
 <div class="level2">
@ -127,7 +160,7 @@ To build Debian package with Wheezy, remove <code>debian/lemonldap-ng-doc.maints
 </li>
 </ul>

-</div><!-- EDIT5 SECTION "Kerberos or SSL usage" [1091-1599] -->
+</div><!-- EDIT5 SECTION "Kerberos or SSL usage" [1895-2403] -->

 <h2 class="sectionedit6" id="logs">Journaux</h2>
 <div class="level2">
@ -138,7 +171,7 @@ To build Debian package with Wheezy, remove <code>debian/lemonldap-ng-doc.maints
 </li>
 </ul>

-</div><!-- EDIT6 SECTION "Logs" [1600-2012] -->
+</div><!-- EDIT6 SECTION "Logs" [2404-2816] -->

 <h2 class="sectionedit7" id="security">Sécurité</h2>
 <div class="level2">
@ -155,7 +188,7 @@ LLNG portal now embeds the following features:
 </li>
 </ul>

-</div><!-- EDIT7 SECTION "Security" [2013-2580] -->
+</div><!-- EDIT7 SECTION "Security" [2817-3384] -->

 <h2 class="sectionedit8" id="handlers">Handlers</h2>
 <div class="level2">
@ -166,7 +199,7 @@ LLNG portal now embeds the following features:
 </li>
 </ul>

-</div><!-- EDIT8 SECTION "Handlers" [2581-3242] -->
+</div><!-- EDIT8 SECTION "Handlers" [3385-4046] -->

 <h2 class="sectionedit9" id="rules_and_headers">Rules and headers</h2>
 <div class="level2">
@ -179,7 +212,7 @@ LLNG portal now embeds the following features:
 </li>
 </ul>

-</div><!-- EDIT9 SECTION "Rules and headers" [3243-3561] -->
+</div><!-- EDIT9 SECTION "Rules and headers" [4047-4365] -->

 <h2 class="sectionedit10" id="supported_servers">Supported servers</h2>
 <div class="level2">
@ -188,7 +221,7 @@ LLNG portal now embeds the following features:
 </li>
 </ul>

-</div><!-- EDIT10 SECTION "Supported servers" [3562-3707] -->
+</div><!-- EDIT10 SECTION "Supported servers" [4366-4511] -->

 <h2 class="sectionedit11" id="ajax_requests">Ajax requests</h2>
 <div class="level2">
@ -198,7 +231,7 @@ LLNG portal now embeds the following features:
 Before 2.0, an Ajax query that was launched after session timeout received a 302 code. Now a 401 HTTP code is given in response. The <code>WWW-Authenticate</code> header contains: <code><abbr title="Authentification unique (Single Sign On)">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;</code>
 </p>

-</div><!-- EDIT11 SECTION "Ajax requests" [3708-3927] -->
+</div><!-- EDIT11 SECTION "Ajax requests" [4512-4731] -->

 <h2 class="sectionedit12" id="soaprest_services">SOAP/REST services</h2>
 <div class="level2">
@ -215,12 +248,12 @@ Before 2.0, an Ajax query that was launched after session timeout received a 302
 <div class="noteimportant"><a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a> uses now REST services instead of SOAP.

 </div>
-</div><!-- EDIT12 SECTION "SOAP/REST services" [3928-4526] -->
+</div><!-- EDIT12 SECTION "SOAP/REST services" [4732-5330] -->

 <h2 class="sectionedit13" id="developer_corner">Developer corner</h2>
 <div class="level2">

-</div><!-- EDIT13 SECTION "Developer corner" [4527-4556] -->
+</div><!-- EDIT13 SECTION "Developer corner" [5331-5360] -->

 <h3 class="sectionedit14" id="apis">APIs</h3>
 <div class="level3">
@ -231,7 +264,7 @@ Portal has now many REST features and includes a plugin <abbr title="Interface d

 </p>

-</div><!-- EDIT14 SECTION "APIs" [4557-4714] -->
+</div><!-- EDIT14 SECTION "APIs" [5361-5518] -->

 <h3 class="sectionedit15" id="portal_overview">Portal overview</h3>
 <div class="level3">
@ -257,7 +290,7 @@ The request is a separated object based on Lemonldap::NG::Portal::Main::Request

 </p>

-</div><!-- EDIT15 SECTION "Portal overview" [4715-5162] -->
+</div><!-- EDIT15 SECTION "Portal overview" [5519-5966] -->

 <h3 class="sectionedit16" id="handler">Agent (Handler)</h3>
 <div class="level3">
@ -274,7 +307,7 @@ If you had auto protected CGI, you also need to rewrite them, see <a href="selfm

 </p>

-</div><!-- EDIT16 SECTION "Handler" [5163-] -->
+</div><!-- EDIT16 SECTION "Handler" [5967-] -->
 </div>
 </body>
 </html>
--- a/po-doc/fr/pages/documentation/current/writingrulesand_headers.html
+++ b/po-doc/fr/pages/documentation/current/writingrulesand_headers.html
@ -11,7 +11,7 @@
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
 //else --><!-- //endif -->
 <meta name="generator" content="DokuWiki"/>
-<meta name="robots" content="noindex,nofollow"/>
+<meta name="robots" content="index,follow"/>
 <meta name="keywords" content="documentation,2.0,writingrulesand_headers"/>
 <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
 <link rel="start" href="writingrulesand_headers.html"/>