dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove doc translation system (#1445)

This commit is contained in:
Xavier Guimard 2018-06-07 18:58:55 +02:00
parent d2acdd3e5c
commit 1ed0ab110b
544 changed files with 7 additions and 201141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
Makefile
View File

@ -62,7 +62,6 @@ MANAGERRELATIVESTATICDIR=/static
MANAGERTEMPLATESDIR=$(MANAGERSITEDIR)/templates
DOCDIR=$(DOCUMENTROOT)
DEFDOCDIR=$(DOCUMENTROOT)/doc
FRDOCDIR=$(DOCUMENTROOT)/fr-doc
TESTDIR=$(DOCUMENTROOT)/test
EXAMPLESDIR=$(LMPREFIX)/examples
TOOLSDIR=$(LMPREFIX)/tools
@ -275,10 +274,6 @@ all: configure common handler manager portal
@echo " - install_doc_site ($(DEFDOCDIR))"
@echo " - install_examples_site ($(EXAMPLESDIR))"
@echo
@echo "Other languages documentation (fr only for now)"
@echo " - fr-doc (needs OmegaT)"
@echo " - install_fr_doc_site"
@echo
# Configure targets
# -----------------
@ -400,7 +395,6 @@ prepare_test_server:
MANAGERSTATICDIR=`pwd`/$(SRCMANAGERDIR)/site/htdocs/static \
TESTDIR=`pwd`/e2e-tests/conf/site \
DEFDOCDIR=`pwd`/doc \
FRDOCDIR=`pwd`/po-doc/fr \
SBINDIR=`pwd`/e2e-tests/conf/sbin \
INITDIR=`pwd`/e2e-tests/conf/init \
ETCDEFAULTDIR=`pwd`/e2e-tests/conf/def
@ -726,7 +720,7 @@ install_webserver_conf:
s#__FASTCGISOCKDIR__#$(FASTCGISOCKDIR)#g; \
s#__VHOSTLISTEN__#$(VHOSTLISTEN)#g; \
s#__DEFDOCDIR__#$(DEFDOCDIR)/#g; \
s#__FRDOCDIR__#$(FRDOCDIR)/#g;' $(RCONFDIR)/*apache*.conf $(RCONFDIR)/*nginx*.conf
' $(RCONFDIR)/*apache*.conf $(RCONFDIR)/*nginx*.conf
install_manager_site: install_conf_dir
# Manager install
@ -970,7 +964,7 @@ ubuntu-install-for-nginx:
distclean: clean
clean: common_clean handler_clean portal_clean manager_clean omegat-clean stop_web_server
clean: common_clean handler_clean portal_clean manager_clean stop_web_server
@rm -f $$(find */ -name '*bak' -delete)
@rm -rf doc/devel
@rm -vf *gz *zip
@ -1122,74 +1116,6 @@ tidy-js: clean
-print \
-exec js_beautify -o -s=2 {} \;
# Translation targets
# -------------------
language_code = perl -e ' \
print { \
fr=> "FR-FR", \
}->{$(1)}'
test_omegat_%_dir:
@if [ ! -d omegat.files/$* ]; then \
echo "omegat.files/$* does not exist"; \
exit 1; \
fi
omegat-configuration-file:
-@mkdir -p po-doc/$(LANGCODE)/pages
@perl -pe 'BEGIN{$$p=`pwd`;chomp $$p;}s/__LANG__/$(OMEGATCODE)/;s/__PWD__/$$p/o;' omegat.files/_base.project >omegat.files/$(LANGCODE)/omegat.project
@mkdir -p omegat.files/$(LANGCODE)/{tm glossary dictionary}
translation: omegat-configuration-file
@omegat omegat.files/$(LANGCODE) --no-team --quiet
translated-doc: omegat-configuration-file
@omegat omegat.files/$(LANGCODE) --mode=console-translate --quiet 2>/dev/null
# 2. Public targets
%-translation: test_omegat_%_dir omegat-%-clean
@$(MAKE) translation LANGCODE=$* OMEGATCODE=`$(call language_code,$*)`
%-doc: test_omegat_%_dir omegat-%-clean
@mkdir -p po-doc/$*
@$(MAKE) translated-doc LANGCODE=$* OMEGATCODE=`$(call language_code,$*)`
omegat-clean:
@rm -rf omegat.files/*/omegat.project omegat.files/*/omegat/project_save*.bak omegat.files/*/omegat/last_entry.properties
omegat-%-clean:
@rm -rf po-doc/$*
install_%_doc_site:
@rm -rf $(RDOCDIR)/$*-doc || true
# Install doc directories
@install -v -d -m 755 $(RDOCDIR)/$*-doc
@cd po-doc/$* && find * -type d |(cd $(RDOCDIR)/$*-doc; xargs install -v -d -m 755) && cd -
# Install HTML files
@cd po-doc/$* && for f in `find * -type f -name '*.html'`; do \
echo "Installing $$f"; \
../../scripts/transform-templates \
usedebianlibs $(USEDEBIANLIBS) \
useexternallibs $(USEEXTERNALLIBS) \
jsminified $(JSCOMPRESS) \
cssminified $(CSSCOMPRESS) <$$f \
> $(RDOCDIR)/$*-doc/$$f; \
done && cd -
# Install other files
@cd po-doc/$* && for f in `find * -type f ! -name '*.html'`; do \
install -v -m 644 $$f $(RDOCDIR)/$*-doc/$$f; \
done && cd -
# Install symlinks (no symlinks)
@#cd po-doc/$* && tar cf - `find * -type l` | tar xvf - -C $(RDOCDIR)/$*-doc && cd -
# Remove js
@cd $(RDOCDIR)/$*-doc && if test "$(USEEXTERNALLIBS)" = "yes"; then \
rm -rvf $(DOCEXTERNALLIBS); \
elif test "$(USEDEBIANLIBS)" = "yes"; then \
rm -rvf $(DOCLIBSTOREMOVEFORDEBIAN); \
fi && cd -
html_spelling:
@for i in $$(find doc/ -type f -name '*.html'); do \
text=$$(html2text $$i|spellintian --picky); \

6
RELEASE
View File

@ -29,12 +29,6 @@ Before release
$ make documentation
- Translate documentation
$ make fr-doc
With recent versions of OmegaT, launch "make fr-translation" and choose
"generate project files"
- Update changelog:
$ ./scripts/generate-changelog.pl

11
_example/etc/manager-apache2.4.conf
View File

@ -31,7 +31,7 @@
# RewriteCond "%{REQUEST_FILENAME}" "!\.html$"
# REST URLs
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|fr-doc|lib|javascript|favicon).*"
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/manager.fcgi/$1" [PT]
# 2) FastCGI engine
@ -87,15 +87,6 @@
DirectoryIndex index.html start.html
</Directory>
# French version (needs fr-doc installation)
Alias /fr-doc/ __FRDOCDIR__
<Directory __FRDOCDIR__>
Require all granted
ErrorDocument 404 /notfoundfr.html
Options +FollowSymLinks
DirectoryIndex index.html start.html
</Directory>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
</VirtualHost>

17
_example/etc/manager-apache2.X.conf
View File

@ -31,7 +31,7 @@
# RewriteCond "%{REQUEST_FILENAME}" "!\.html$"
# REST URLs
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|fr-doc|lib|javascript|favicon).*"
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/manager.fcgi/$1" [PT]
# 2) FastCGI engine
@ -106,21 +106,6 @@
DirectoryIndex index.html start.html
</Directory>
# French version (needs fr-doc installation)
Alias /fr-doc/ __FRDOCDIR__
<Directory __FRDOCDIR__>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Allow from all
</IfVersion>
ErrorDocument 404 /notfoundfr.html
Options +FollowSymLinks
DirectoryIndex index.html start.html
</Directory>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
</VirtualHost>

12
_example/etc/manager-apache2.conf
View File

@ -31,7 +31,7 @@
# RewriteCond "%{REQUEST_FILENAME}" "!\.html$"
# REST URLs
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|fr-doc|lib|javascript|favicon).*"
RewriteCond "%{REQUEST_FILENAME}" "!^/(?:static|doc|lib|javascript|favicon).*"
RewriteRule "^/(.+)$" "/manager.fcgi/$1" [PT]
# 2) FastCGI engine
@ -90,16 +90,6 @@
DirectoryIndex index.html start.html
</Directory>
# French version (needs fr-doc installation)
Alias /fr-doc/ __FRDOCDIR__
<Directory __FRDOCDIR__>
Order deny,allow
Allow from all
ErrorDocument 404 /notfoundfr.html
Options +FollowSymLinks
DirectoryIndex index.html start.html
</Directory>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
</VirtualHost>

6
_example/etc/manager-nginx.conf
View File

@ -5,7 +5,7 @@ server {
# Use "lm_app" format to get username in nginx.log (see nginx-lmlog.conf)
#access_log /var/log/nginx/portal.log lm_app;
if ($uri !~ ^/(.*\.psgi|static|doc|fr-doc|lib|javascript|favicon)) {
if ($uri !~ ^/(.*\.psgi|static|doc|lib|javascript|favicon)) {
rewrite ^/(.*)$ /manager.psgi/$1 break;
}
@ -44,10 +44,6 @@ server {
location /lib/ {
alias __DEFDOCDIR__pages/documentation/current/lib/;
}
location /fr-doc/ {
alias __FRDOCDIR__;
index index.html start.html;
}
location /static/ {
alias __MANAGERSTATICDIR__;
}

18
debian/control vendored
View File

@ -92,24 +92,6 @@ Description: Lemonldap::NG Web-SSO system documentation
.
This package contains html documentation.
Package: lemonldap-ng-fr-doc
Architecture: all
Section: doc
Depends: ${misc:Depends},
lemonldap-ng-doc (= ${binary:Version})
Description: French documentation of Lemonldap::NG Web-SSO system
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application webservers. It can be used in conjunction with
OpenID-Connect, CAS and SAML systems as identity or service provider. It can
also be used as proxy between those federation systems.
.
It manages both authentication and authorization and provides headers for
accounting. So you can have a full AAA protection. Authorization are built by
associating a regular expression and a rule. Regular expression is applied on
the requested URL and the rule calculates if the user is authorized.
.
This package contains French html documentation.
Package: lemonldap-ng-handler
Architecture: all
Depends: ${misc:Depends},

11
debian/lemonldap-ng-fr-doc.doc-base vendored
View File

@ -1,11 +0,0 @@
Document: lemonldap-ng-fr-doc
Title: Lemonldap::NG French documentation
Author: Xavier Guimard
Abstract: Those HTML documents contains all Lemonldap::NG documentation
imported from https://lemonldap-ng.org translated in French
Section: Web Development
Format: HTML
Index: /usr/share/doc/lemonldap-ng-fr-doc/index.html
Files: /usr/share/doc/lemonldap-ng-fr-doc/*.html

1
debian/lemonldap-ng-fr-doc.docs vendored
View File

@ -1 +0,0 @@
debian/tmp/usr/share/doc/lemonldap-ng-fr-doc/fr-doc/*

11
debian/rules vendored
View File

@ -47,23 +47,12 @@ override_dh_auto_install:
APACHEUSER=www-data \
APACHEGROUP=www-data \
DEFDOCDIR=/usr/share/doc/lemonldap-ng-doc \
FRDOCDIR=/usr/share/doc/lemonldap-ng-fr-doc \
UWSGIYAMLDIR=/etc/uwsgi/apps-available \
PROD=yes
$(MAKE) install_fr_doc_site \
DESTDIR=$(CURDIR)/debian/tmp \
DOCDIR=/usr/share/doc/lemonldap-ng-fr-doc \
PROD=yes
for i in handler portal manager test; do \
mv $(TMP)/etc/lemonldap-ng/$$i-apache2.X.conf $(TMP)/etc/lemonldap-ng/$$i-apache2.conf; \
done
override_dh_link:
rm -rf debian/lemonldap-ng-fr-doc/usr/share/doc/lemonldap-ng-fr-doc/pages/documentation/current/documentation \
debian/lemonldap-ng-fr-doc/usr/share/doc/lemonldap-ng-fr-doc/pages/documentation/current/icons \
debian/lemonldap-ng-fr-doc/usr/share/doc/lemonldap-ng-fr-doc/pages/documentation/current/lib
dh_link
override_dh_compress:
dh_compress -X favicon.ico

3
e2e-tests/llng.psgi
View File

@ -40,9 +40,6 @@ my $manager = builder {
enable "Plack::Middleware::Static",
path => '^/lib/',
root => 'doc/pages/documentation/current/';
enable "Plack::Middleware::Static",
path => '^/fr-doc/',
root => 'po-doc/';
Lemonldap::NG::Manager->run( {} );
};

3
lemonldap-ng-common/eg/llng-app.psgi
View File

@ -39,9 +39,6 @@ my $manager = builder {
enable "Plack::Middleware::Static",
path => '^/lib/',
root => '__DEFDOCDIR__pages/documentation/current/';
enable "Plack::Middleware::Static",
path => '^/fr-doc/',
root => '__FRDOCDIR__../';
Lemonldap::NG::Manager->run( {} );
};

2
lemonldap-ng-manager/site/htdocs/static/languages/fr.json
View File

@ -1,5 +1,5 @@
{
"/doc/":"/fr-doc/",
"/doc/":"/doc/",
"_auth":"Authentification",
"_authChoice":"Choix d'authentification",
"_idp":"Identifiant d'entité de l'IDP",

13
omegat.files/_base.project
View File

@ -1,13 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<omegat>
<project version="1.0">
<source_dir>__PWD__/doc/</source_dir>
<target_dir>__PWD__/po-doc/fr/</target_dir>
<tm_dir>__DEFAULT__</tm_dir>
<glossary_dir>__DEFAULT__</glossary_dir>
<dictionary_dir>__DEFAULT__</dictionary_dir>
<source_lang>EN-US</source_lang>
<target_lang>__LANG__</target_lang>
<sentence_seg>true</sentence_seg>
</project>
</omegat>

29293
omegat.files/fr/fr-level1.tmx
View File

File diff suppressed because it is too large Load Diff

29293
omegat.files/fr/fr-level2.tmx
View File

File diff suppressed because it is too large Load Diff

29293
omegat.files/fr/fr-omegat.tmx
View File

File diff suppressed because it is too large Load Diff

0
omegat.files/fr/omegat/ignored_words.txt
View File

0
omegat.files/fr/omegat/learned_words.txt
View File

67403
omegat.files/fr/omegat/project_save.tmx
View File

File diff suppressed because it is too large Load Diff

240
omegat.files/fr/omegat/project_stats.txt
View File

@ -1,240 +0,0 @@
17/05/18 21:41
Données du projet
Segments Mots Caractères (sans espaces) Caractères (avec espaces) Nombre de fichiers
Total : 19124 82505 660111 712968 227
Restants : 11225 45302 404045 428728 227
Segments uniques : 9452 60392 471600 518337 227
Segments uniques restants : 5843 32152 282212 304875 227
Statistiques par fichiers :
Nom du fichier Total segments Segments restants Segments uniques Segments uniques restants Total mots Mots restants Mots uniques Mots uniques restants Total caractères (sans espaces) Caractères restants (sans espaces) Caractères uniques (sans espaces) Caractères uniques restants (sans espaces) Total caractères (avec espaces) Caractères restants (avec espaces) Caractères uniques (avec espaces) Caractères uniques restants (avec espaces)
index.html 5 2 4 2 19 10 15 10 165 86 132 86 169 86 134 86
pages/documentation/current/activedirectoryminihowto.html 24 13 23 12 122 31 121 30 975 346 946 317 1057 346 1028 317
pages/documentation/current/applications.html 305 219 128 107 786 686 425 399 7086 6341 3665 3492 7292 6506 3821 3642
pages/documentation/current/applications/adfs.html 32 21 17 16 196 168 156 155 1242 1039 948 936 1380 1165 1074 1062
pages/documentation/current/applications/alfresco.html 319 268 267 246 1445 1239 1306 1173 22224 20860 21080 20200 23459 21954 22278 21292
pages/documentation/current/applications/authbasic.html 45 18 30 9 370 63 334 39 2391 600 2056 374 2675 619 2340 393
pages/documentation/current/applications/aws.html 91 77 63 62 808 769 712 710 5111 4826 4274 4263 5737 5427 4874 4862
pages/documentation/current/applications/bugzilla.html 95 56 71 45 268 131 216 101 2583 1565 2133 1298 2737 1618 2276 1347
pages/documentation/current/applications/bugzilla_logo.png_documentation_2.0_applications_bugzilla.html 38 34 21 21 88 82 54 54 761 714 443 443 770 723 452 452
pages/documentation/current/applications/cornerstone.html 84 37 46 24 423 165 335 132 3909 2150 3187 1843 4136 2187 3390 1878
pages/documentation/current/applications/csod_logo.png_documentation_2.0_applications_cornerstone.html 38 35 8 8 88 84 25 25 747 730 242 242 756 739 248 248
pages/documentation/current/applications/django.html 21 12 8 4 79 44 48 20 644 398 368 185 674 405 398 192
pages/documentation/current/applications/dokuwiki.html 110 83 42 32 380 239 212 113 3387 2497 1736 1169 3612 2606 1882 1228
pages/documentation/current/applications/dokuwiki_logo.png_documentation_2.0_applications_dokuwiki.html 38 34 6 6 88 82 23 23 762 715 242 242 771 724 248 248
pages/documentation/current/applications/drupal.html 129 75 54 29 493 196 304 84 4436 2427 2573 1178 4736 2508 2788 1210
pages/documentation/current/applications/drupal_logo.png_documentation_2.0_applications_drupal.html 38 34 6 6 88 82 23 23 735 690 230 230 744 699 236 236
pages/documentation/current/applications/fusiondirectory.html 37 27 12 12 121 93 56 56 1189 1001 590 590 1234 1031 618 618
pages/documentation/current/applications/gitlab.html 97 74 57 57 458 400 352 352 3867 3437 3024 3024 4141 3683 3265 3265
pages/documentation/current/applications/glpi.html 27 16 13 7 168 65 134 37 1257 602 968 357 1363 620 1074 375
pages/documentation/current/applications/googleapps.html 144 34 73 17 823 81 580 42 6858 1084 4819 698 7348 1087 5201 699
pages/documentation/current/applications/googleapps_logo.png_documentation_2.0_applications_googleapps.html 38 34 7 7 88 82 24 24 788 739 254 254 797 748 260 260
pages/documentation/current/applications/grr.html 45 34 20 18 151 123 96 80 1076 887 623 527 1159 954 695 585
pages/documentation/current/applications/http_logo.png_documentation_2.0_applications_authbasic.html 38 34 7 7 89 83 25 25 736 693 235 235 745 702 241 241
pages/documentation/current/applications/liferay.html 139 67 67 24 562 193 389 89 4715 2402 3094 1270 5035 2450 3329 1274
pages/documentation/current/applications/liferay_logo.png_documentation_2.0_applications_liferay.html 38 34 7 7 89 83 25 25 749 703 239 239 758 712 245 245
pages/documentation/current/applications/limesurvey.html 100 53 64 36 439 293 364 252 4181 3185 3456 2734 4458 3378 3723 2924
pages/documentation/current/applications/limesurvey_logo.png_documentation_2.0_applications_limesurvey.html 38 34 7 7 89 83 25 25 790 741 254 254 799 750 260 260
pages/documentation/current/applications/mediawiki.html 140 82 57 31 694 428 476 301 7625 5461 5378 4057 8092 5763 5765 4315
pages/documentation/current/applications/mediawiki_logo.png_documentation_2.0_applications_mediawiki.html 38 34 5 5 89 83 23 23 775 727 243 243 784 736 249 249
pages/documentation/current/applications/my_domain_salesforce-resize-web.png_documentation_2.0_applications_salesforce.html 38 35 11 11 89 85 30 30 918 901 404 404 927 910 410 410
pages/documentation/current/applications/nextcloud.html 92 74 54 53 562 511 455 453 3781 3386 2894 2878 4202 3775 3274 3257
pages/documentation/current/applications/nginx.html 19 12 10 6 96 33 76 17 605 284 448 154 659 284 502 154
pages/documentation/current/applications/obm.html 232 52 150 14 587 120 413 30 7900 1261 6413 321 9115 1312 7556 331
pages/documentation/current/applications/obm_logo.png_documentation_2.0_applications_obm.html 38 34 7 7 87 81 23 23 698 656 220 220 707 665 226 226
pages/documentation/current/applications/office365.html 73 54 35 35 401 352 285 285 3481 3114 2504 2504 3696 3302 2687 2687
pages/documentation/current/applications/phpldapadmin.html 90 52 26 9 327 120 171 16 3329 1469 1757 327 3524 1516 1873 330
pages/documentation/current/applications/phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html 38 34 6 6 89 83 24 24 815 764 261 261 824 773 267 267
pages/documentation/current/applications/roundcube.html 44 24 17 7 161 55 109 18 1376 667 891 310 1465 674 978 315
pages/documentation/current/applications/salesforce-logo.jpg_documentation_2.0_applications_salesforce.html 38 35 9 9 88 84 20 20 792 775 228 228 801 784 230 230
pages/documentation/current/applications/salesforce.html 124 40 74 17 761 112 631 62 5059 1394 3910 845 5640 1426 4442 875
pages/documentation/current/applications/saml_sso_settings-resize-web.png_documentation_2.0_applications_salesforce.html 38 35 5 5 88 84 11 11 895 878 198 198 904 887 199 199
pages/documentation/current/applications/sap.html 25 17 9 8 96 73 51 43 952 742 570 479 961 751 578 487
pages/documentation/current/applications/saplogo.gif_documentation_2.0_applications_sap.html 38 35 9 9 89 85 27 27 689 672 221 221 698 681 227 227
pages/documentation/current/applications/screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html 38 35 7 7 89 85 18 18 924 907 230 230 933 916 232 232
pages/documentation/current/applications/simplesamlphp.html 161 134 100 99 837 766 645 641 7445 6880 5687 5650 7943 7363 6141 6104
pages/documentation/current/applications/spring.html 37 11 23 4 183 29 143 9 2724 289 2366 121 2802 289 2444 121
pages/documentation/current/applications/spring_logo.png_documentation_2.0_applications_spring.html 38 34 7 7 88 82 24 24 736 691 234 234 745 700 240 240
pages/documentation/current/applications/symfony.html 142 131 117 116 524 508 454 453 7490 7344 6797 6787 7789 7643 7094 7084
pages/documentation/current/applications/symfony_logo.png_documentation_2.0_applications_symfony.html 38 35 8 8 88 84 29 29 749 732 253 253 758 741 260 260
pages/documentation/current/applications/sympa.html 107 55 38 13 392 129 229 29 3189 1497 1661 397 3532 1546 1925 405
pages/documentation/current/applications/sympa_logo.png_documentation_2.0_applications_sympa.html 38 34 6 6 89 83 24 24 723 679 226 226 732 688 232 232
pages/documentation/current/applications/tomcat.html 87 18 54 7 431 44 368 17 3751 457 3198 217 4031 460 3473 218
pages/documentation/current/applications/tomcat_logo.png_documentation_2.0_applications_tomcat.html 38 35 7 7 87 83 23 23 736 719 234 234 745 728 240 240
pages/documentation/current/applications/user_federation_id-resize-web.png_documentation_2.0_applications_salesforce.html 38 35 5 5 87 83 10 10 902 885 200 200 911 894 201 201
pages/documentation/current/applications/wordpress.html 65 49 28 28 260 226 171 171 1969 1674 1163 1163 2121 1810 1291 1291
pages/documentation/current/applications/zimbra.html 97 24 47 11 523 84 387 51 4098 971 2947 660 4437 1005 3247 692
pages/documentation/current/applications/zimbra_logo.png_documentation_2.0_applications_zimbra.html 38 34 6 6 87 81 22 22 737 692 231 231 746 701 237 237
pages/documentation/current/authad.html 53 17 32 7 343 39 308 15 2060 328 1770 135 2331 332 2037 137
pages/documentation/current/authapache.html 85 32 42 19 379 89 292 60 2781 805 2029 552 3014 836 2250 581
pages/documentation/current/authcas.html 76 25 30 15 372 145 260 119 2854 1117 1880 884 3114 1214 2098 981
pages/documentation/current/authchoice.html 56 14 31 6 265 50 223 30 1807 391 1447 221 1998 410 1632 240
pages/documentation/current/authcombination.html 187 140 122 112 1019 872 883 810 6377 5382 5246 4840 7182 6088 6001 5533
pages/documentation/current/authcustom.html 27 17 11 11 115 107 91 91 760 690 561 561 834 764 635 635
pages/documentation/current/authdbi.html 179 49 104 35 739 289 615 250 4962 1880 3961 1601 5463 2090 4436 1799
pages/documentation/current/authdemo.html 50 12 22 4 186 39 141 19 1183 304 812 130 1295 314 920 140
pages/documentation/current/authfacebook.html 54 18 29 9 309 104 249 78 2102 714 1566 504 2311 779 1764 565
pages/documentation/current/authkerberos.html 64 49 33 31 353 320 281 275 2529 2275 1924 1861 2785 2516 2160 2095
pages/documentation/current/authldap.html 145 39 80 15 882 136 722 88 6186 1285 4842 819 6819 1345 5427 877
pages/documentation/current/authlinkedin.html 40 28 19 19 187 162 136 136 1436 1223 985 985 1542 1323 1085 1085
pages/documentation/current/authmulti.html 15 12 3 2 48 42 21 18 371 335 134 113 387 349 150 127
pages/documentation/current/authnull.html 30 9 11 3 121 23 86 7 845 192 557 65 923 192 628 65
pages/documentation/current/authopenid.html 63 19 32 5 280 73 214 41 2008 574 1397 255 2189 604 1568 285
pages/documentation/current/authopenidconnect.html 248 105 156 76 1071 308 884 222 7688 3093 6211 2282 8392 3203 6882 2385
pages/documentation/current/authopenidconnect_franceconnect.html 59 29 31 10 337 114 261 60 3112 1649 2331 1005 3295 1656 2501 1009
pages/documentation/current/authopenidconnect_google.html 71 33 24 7 373 88 221 19 2889 1043 1584 259 3113 1045 1751 259
pages/documentation/current/authpam.html 43 25 19 15 148 96 93 69 1164 827 733 593 1242 876 796 639
pages/documentation/current/authproxy.html 62 29 29 20 297 174 231 151 2149 1297 1623 1108 2346 1412 1804 1221
pages/documentation/current/authradius.html 46 13 15 4 190 29 105 8 1394 279 770 92 1507 281 850 92
pages/documentation/current/authremote.html 101 31 53 9 591 85 487 37 4091 941 3178 436 4527 959 3590 452
pages/documentation/current/authrest.html 69 43 27 27 249 205 155 155 1753 1395 980 980 1898 1520 1089 1089
pages/documentation/current/authsaml.html 147 39 72 18 943 198 744 152 6220 1569 4681 1131 6960 1695 5332 1255
pages/documentation/current/authslave.html 54 13 22 5 282 61 211 41 1814 428 1276 253 2021 458 1458 283
pages/documentation/current/authssl.html 205 135 132 92 1032 522 847 423 8613 5323 7127 4459 9252 5583 7720 4707
pages/documentation/current/authtwitter.html 44 9 18 3 206 23 132 7 1557 204 930 74 1685 204 1030 74
pages/documentation/current/authwebid.html 70 16 30 5 304 45 188 20 2246 541 1409 331 2418 549 1534 337
pages/documentation/current/authyubikey.html 15 12 7 6 40 36 21 20 322 300 177 170 330 308 185 178
pages/documentation/current/autosignin.html 25 18 13 12 96 87 72 71 621 561 436 432 677 616 491 487
pages/documentation/current/browseablesessionbackend.html 186 79 132 65 892 372 779 334 7791 4245 6802 3863 8386 4483 7367 4088
pages/documentation/current/captcha.html 25 11 15 5 158 44 137 28 929 291 763 165 1048 309 882 183
pages/documentation/current/cda.html 50 23 22 11 267 115 199 82 1866 814 1270 517 2046 878 1436 579
pages/documentation/current/changeconfbackend.html 48 21 32 14 170 45 135 26 1297 484 1074 333 1386 486 1157 333
pages/documentation/current/checkstate.html 35 27 20 19 143 132 109 108 965 892 687 682 1039 964 759 754
pages/documentation/current/cli_examples.html 147 132 104 104 1083 1042 956 956 9151 8859 8216 8216 9837 9523 8837 8837
pages/documentation/current/configapache.html 34 20 25 14 195 79 174 63 1388 564 1229 433 1495 607 1336 476
pages/documentation/current/configlocation.html 458 256 333 175 2315 922 2015 754 18830 9254 16323 7600 20637 9844 17969 8112
pages/documentation/current/confignginx.html 49 35 27 20 271 204 215 159 2045 1610 1646 1275 2176 1697 1762 1347
pages/documentation/current/configplack.html 57 54 44 43 264 257 230 226 3771 3711 3497 3452 3922 3862 3648 3603
pages/documentation/current/configvhost.html 257 157 111 70 1090 542 695 334 9021 5559 5248 3132 9815 5894 5771 3347
pages/documentation/current/customfunctions.html 71 41 44 24 372 156 300 114 3015 1513 2415 1110 3257 1594 2639 1187
pages/documentation/current/customhandlers.html 58 54 42 42 430 419 380 380 3202 3095 2858 2858 3489 3382 3128 3128
pages/documentation/current/devopshandler.html 42 39 24 24 203 197 166 166 1305 1268 987 987 1436 1397 1115 1115
pages/documentation/current/docker.html 33 19 18 10 166 80 130 53 1279 720 958 477 1355 742 1034 499
pages/documentation/current/documentation/configuration-ldap.png_documentation_2.0_ldapconfbackend.html 38 34 11 10 87 81 28 26 824 771 333 297 833 780 339 303
pages/documentation/current/documentation/googleapps-menu.png_documentation_2.0_applications_googleapps.html 38 34 8 8 90 84 18 18 838 788 222 222 847 797 224 224
pages/documentation/current/documentation/googleapps-sso.png_documentation_2.0_applications_googleapps.html 38 34 6 6 91 85 12 12 831 782 172 172 840 791 173 173
pages/documentation/current/documentation/googleapps-ssoconfig.png_documentation_2.0_applications_googleapps.html 38 34 7 7 92 86 14 14 880 825 201 201 889 834 202 202
pages/documentation/current/documentation/ha-apache.png_documentation_2.0_highavailability.html 38 34 10 9 86 80 26 24 757 713 288 261 766 722 294 267
pages/documentation/current/documentation/ha-sessions-configuration.png_documentation_2.0_highavailability.html 38 34 7 6 87 81 15 13 885 825 261 218 894 834 262 219
pages/documentation/current/documentation/lasso.png_documentation_2.0_samlservice.html 38 34 9 8 87 81 26 24 699 659 232 209 708 668 238 215
pages/documentation/current/documentation/lemonldap-ng-password-expiration-warning.png_documentation_2.0_authldap.html 38 35 10 10 87 83 26 26 966 949 365 365 975 958 371 371
pages/documentation/current/documentation/lemonldap-ng-password-expired.png_documentation_2.0_authldap.html 38 35 7 7 86 82 13 13 878 861 238 238 887 870 239 239
pages/documentation/current/documentation/liferay_1.png_documentation_2.0_applications_liferay.html 38 34 8 8 105 97 21 21 779 735 187 187 788 744 188 188
pages/documentation/current/documentation/liferay_2.png_documentation_2.0_applications_liferay.html 38 34 5 5 105 97 17 17 779 735 152 152 788 744 153 153
pages/documentation/current/documentation/liferay_3.png_documentation_2.0_applications_liferay.html 38 34 5 5 105 97 17 17 779 735 152 152 788 744 153 153
pages/documentation/current/documentation/liferay_4.png_documentation_2.0_applications_liferay.html 38 34 5 5 105 97 17 17 779 735 152 152 788 744 153 153
pages/documentation/current/documentation/liferay_5.png_documentation_2.0_applications_liferay.html 38 34 5 5 103 95 15 15 778 734 151 151 787 743 152 152
pages/documentation/current/documentation/liferay_6.png_documentation_2.0_applications_liferay.html 38 34 5 5 103 95 15 15 778 734 151 151 787 743 152 152
pages/documentation/current/documentation/liferay_7.png_documentation_2.0_applications_liferay.html 38 34 4 4 104 96 15 15 778 734 147 147 787 743 148 148
pages/documentation/current/documentation/manager-rule.png_documentation_2.0_security.html 38 35 11 11 86 82 27 27 742 725 283 283 751 734 289 289
pages/documentation/current/documentation/manager-rule.png_documentation_2.0_writingrulesand_headers.html 38 35 3 3 86 82 12 12 817 800 128 128 826 809 133 133
pages/documentation/current/documentation/remote-interoperability.png_documentation_2.0_authremote.html 38 34 9 9 86 80 24 24 839 781 298 298 848 790 304 304
pages/documentation/current/documentation/remote-principle.png_documentation_2.0_authremote.html 38 34 6 6 85 79 11 11 783 732 181 181 792 741 182 182
pages/documentation/current/documentation/status_standard.png_documentation_2.0_status.html 38 34 11 10 85 79 26 24 755 705 291 258 764 714 297 264
pages/documentation/current/error.html 78 17 63 10 517 53 477 34 2987 426 2700 287 3398 445 3105 304
pages/documentation/current/exportedvars.html 75 38 50 23 464 124 412 89 3732 1635 3278 1279 4112 1712 3653 1356
pages/documentation/current/extendedfunctions.html 204 99 107 38 891 275 666 152 6171 2461 4204 1166 6763 2569 4724 1261
pages/documentation/current/external2f.html 30 26 21 20 228 223 208 207 1361 1323 1204 1194 1541 1503 1384 1374
pages/documentation/current/fastcgi.html 13 10 5 4 36 31 17 15 258 229 117 103 266 236 125 110
pages/documentation/current/fastcgiserver.html 40 16 23 6 239 36 204 12 1635 344 1348 134 1799 346 1507 134
pages/documentation/current/federationproxy.html 43 28 19 11 180 106 120 66 1504 991 933 569 1607 1040 1025 618
pages/documentation/current/fileconfbackend.html 22 11 9 1 95 27 67 3 769 273 501 33 823 273 555 33
pages/documentation/current/filesessionbackend.html 36 11 19 3 181 27 145 7 1242 291 927 95 1337 291 1021 95
pages/documentation/current/formreplay.html 78 21 45 10 594 50 512 23 3495 510 2839 260 3974 517 3289 267
pages/documentation/current/handlerarch.html 46 41 31 29 150 138 120 112 1134 1022 890 805 1206 1094 962 877
pages/documentation/current/handlerauthbasic.html 64 45 24 21 313 278 229 222 2272 1946 1409 1357 2523 2176 1625 1569
pages/documentation/current/header_remote_user_conversion.html 47 27 23 11 275 112 221 75 2300 1266 1689 781 2490 1330 1871 837
pages/documentation/current/highavailability.html 27 13 15 7 135 35 105 19 1075 444 795 309 1147 444 867 309
pages/documentation/current/highperfnginxhandler.html 62 56 38 38 266 249 204 204 2537 2433 2037 2037 2719 2601 2198 2198
pages/documentation/current/icons/access.png_documentation_2.0_start.html 38 34 9 8 87 81 26 24 659 626 219 203 668 635 225 209
pages/documentation/current/icons/colors.png_documentation_2.0_start.html 38 34 5 4 86 80 12 10 659 626 143 127 668 635 144 128
pages/documentation/current/icons/gpg.png_documentation_2.0_start.html 38 34 6 5 87 81 14 12 635 605 131 118 644 614 132 119
pages/documentation/current/icons/jabber_protocol.png_documentation_2.0_start.html 38 34 5 4 86 80 12 10 731 689 188 163 740 698 189 164
pages/documentation/current/icons/kmultiple.png_documentation_2.0_start.html 38 34 5 4 87 81 13 11 683 647 158 139 692 656 159 140
pages/documentation/current/icons/lists.png_documentation_2.0_start.html 38 34 5 4 87 81 13 11 651 619 138 123 660 628 139 124
pages/documentation/current/icons/neotux.png_documentation_2.0_start.html 38 34 5 4 87 81 13 11 659 626 143 127 668 635 144 128
pages/documentation/current/icons/personal.png_documentation_2.0_start.html 38 34 5 4 86 80 12 10 675 640 153 135 684 649 154 136
pages/documentation/current/icons/utilities.png_documentation_2.0_start.html 38 34 5 4 87 81 13 11 683 647 158 139 692 656 159 140
pages/documentation/current/icons/xeyes.png_documentation_2.0_start.html 38 34 5 4 86 80 12 10 651 619 138 123 660 628 139 124
pages/documentation/current/idpcas.html 62 18 27 5 397 66 306 30 2767 611 1945 273 3066 625 2216 287
pages/documentation/current/idpopenid.html 97 32 43 6 518 88 357 28 3668 792 2374 224 3991 809 2658 239
pages/documentation/current/idpopenidconnect.html 241 136 120 77 787 261 558 163 7685 4393 5913 3458 8186 4493 6346 3551
pages/documentation/current/idpsaml.html 139 40 43 12 801 184 464 122 6127 1943 3515 1297 6682 2003 3875 1355
pages/documentation/current/installdeb.html 136 49 99 39 598 178 510 151 4224 1408 3605 1209 4603 1498 3955 1296
pages/documentation/current/installrpm.html 143 41 56 12 676 166 352 84 4751 1336 2527 630 5178 1378 2768 654
pages/documentation/current/installsles.html 177 88 65 57 1171 676 718 611 10115 6725 6795 6094 11068 7293 7438 6646
pages/documentation/current/installtarball.html 115 29 79 13 588 92 495 50 4100 855 3434 507 4480 869 3783 519
pages/documentation/current/issuerdbget.html 51 37 25 25 327 273 236 236 2250 1915 1591 1591 2471 2099 1775 1775
pages/documentation/current/jsonfileconfbackend.html 23 13 6 3 101 31 31 7 849 342 339 98 906 342 358 98
pages/documentation/current/kerberos.html 197 109 120 71 964 453 788 362 7484 4697 5723 3489 8179 4986 6348 3748
pages/documentation/current/ldapconfbackend.html 64 16 36 5 397 64 344 39 3185 871 2703 643 3438 889 2947 659
pages/documentation/current/ldapminihowto.html 28 15 11 3 94 35 55 7 718 381 356 80 759 381 393 80
pages/documentation/current/ldapsessionbackend.html 62 17 12 3 257 64 128 38 1980 583 904 306 2114 603 998 326
pages/documentation/current/lib/exe/opensearch.html 1 1 1 1 9 9 9 9 93 93 93 93 94 94 94 94
pages/documentation/current/llng_deps.png_documentation_2.0_prereq.html 38 35 13 13 89 85 44 44 696 679 355 355 705 688 362 362
pages/documentation/current/loginhistory.html 32 15 18 6 274 77 243 53 1679 571 1406 354 1904 612 1630 395
pages/documentation/current/logoutforward.html 30 11 9 1 178 28 129 3 1191 287 759 31 1318 287 876 31
pages/documentation/current/logs.html 104 93 78 72 654 600 592 544 4837 4480 4407 4087 5352 4957 4908 4550
pages/documentation/current/managerprotection.html 73 20 51 9 464 84 402 56 3406 802 2809 509 3720 833 3119 540
pages/documentation/current/managertests.html 21 18 12 12 118 114 98 98 943 920 789 789 1016 993 862 862
pages/documentation/current/memcachedsessionbackend.html 48 13 18 3 197 33 122 7 1703 405 975 110 1789 405 1060 110
pages/documentation/current/mongodbconfbackend.html 56 46 36 36 232 221 193 193 2092 2021 1748 1748 2228 2156 1883 1883
pages/documentation/current/mongodbsessionbackend.html 62 50 19 18 224 188 124 101 1829 1615 927 794 1932 1695 1018 863
pages/documentation/current/monitoring.html 23 20 13 13 94 88 69 69 676 639 475 475 724 685 521 521
pages/documentation/current/mrtg.html 19 11 8 3 174 27 148 7 1495 211 1299 57 1589 211 1393 57
pages/documentation/current/mysqlminihowto.html 34 19 13 6 131 44 73 13 1074 526 561 179 1134 526 605 179
pages/documentation/current/nodehandler.html 82 74 41 41 330 312 231 231 4096 3965 3211 3211 4317 4173 3373 3373
pages/documentation/current/nosqlsessionbackend.html 37 11 8 1 163 27 63 3 1304 295 491 37 1372 295 535 37
pages/documentation/current/notifications.html 190 69 129 48 1396 389 1247 341 12278 3485 10964 3033 13314 3733 11944 3272
pages/documentation/current/openidconnectclaims.html 80 45 4 4 102 61 10 10 813 577 117 117 820 579 119 119
pages/documentation/current/openidconnectservice.html 81 61 49 46 434 398 361 357 2832 2553 2231 2190 3130 2843 2515 2473
pages/documentation/current/parameterlist.html 1452 639 811 606 2519 1894 2122 1814 21860 15624 18229 14937 23380 16839 19521 16130
pages/documentation/current/passwordstore.html 38 16 14 2 186 36 142 4 1183 323 796 37 1314 325 925 37
pages/documentation/current/performances.html 305 199 210 152 1777 917 1356 796 13095 7232 9341 5656 14361 7852 10348 6210
pages/documentation/current/platformsoverview.html 147 140 81 81 606 594 435 435 4732 4655 3087 3087 5047 4966 3377 3377
pages/documentation/current/portal.html 120 71 51 17 488 200 339 83 3942 1978 2442 707 4225 2032 2715 760
pages/documentation/current/portalcustom.html 138 70 99 55 980 503 888 470 6150 3288 5446 2999 6961 3683 6219 3390
pages/documentation/current/portalmenu.html 55 20 33 8 334 129 283 101 2462 952 1973 666 2709 1038 2212 752
pages/documentation/current/portalservers.html 44 34 19 19 145 133 96 96 1160 1061 727 727 1241 1142 798 798
pages/documentation/current/prereq.html 151 95 105 75 528 370 421 319 4153 3146 3366 2726 4416 3342 3601 2914
pages/documentation/current/psgi.html 73 71 29 29 383 380 212 212 2699 2684 1319 1319 2872 2857 1491 1491
pages/documentation/current/public_pages.html 38 33 21 21 196 187 138 138 1649 1587 1207 1207 1726 1662 1282 1282
pages/documentation/current/rbac.html 87 56 56 42 472 336 389 297 3101 2199 2483 1938 3415 2418 2765 2146
pages/documentation/current/redirections.html 61 28 37 19 528 254 464 231 3559 1870 3089 1679 3991 2057 3494 1864
pages/documentation/current/register.html 33 27 17 17 193 182 158 158 1148 1064 851 851 1293 1205 992 992
pages/documentation/current/resetpassword.html 72 26 46 12 586 182 528 149 3516 1129 3008 806 3984 1260 3467 937
pages/documentation/current/rest2f.html 57 43 22 22 278 245 149 149 1810 1552 972 972 2008 1732 1092 1092
pages/documentation/current/restconfbackend.html 40 27 24 16 198 150 157 119 1703 1350 1378 1096 1857 1475 1520 1213
pages/documentation/current/restservices.html 20 17 7 7 86 81 56 56 584 556 320 320 629 601 365 365
pages/documentation/current/restsessionbackend.html 70 48 36 33 420 363 359 330 3063 2514 2533 2170 3369 2792 2830 2446
pages/documentation/current/safejail.html 35 13 17 1 125 31 85 3 879 302 512 26 943 302 576 26
pages/documentation/current/samlservice.html 307 92 160 49 1579 364 1185 272 11406 2777 8423 1963 12559 3006 9394 2177
pages/documentation/current/secondfactor.html 70 68 47 47 340 337 282 282 2864 2849 2368 2368 3119 3104 2612 2612
pages/documentation/current/securetoken.html 54 28 20 10 312 123 233 89 2392 1242 1782 938 2628 1315 1988 1009
pages/documentation/current/security.html 247 104 151 62 1404 484 1174 378 10116 4478 8025 3290 11134 4770 8990 3569
pages/documentation/current/selfmadeapplication.html 79 52 49 38 313 222 246 188 3368 2598 2694 2225 3556 2740 2877 2365
pages/documentation/current/selinux.html 36 30 19 19 101 94 66 66 730 689 492 492 779 738 534 534
pages/documentation/current/server_to_server.png_documentation_2.0_servertoserver.html 38 35 11 11 89 85 34 34 790 773 321 321 799 782 328 328
pages/documentation/current/servertoserver.html 31 29 18 18 185 182 157 157 1200 1185 934 934 1335 1320 1069 1069
pages/documentation/current/sessions.html 51 26 31 14 371 154 327 124 2388 1053 2025 790 2677 1151 2310 888
pages/documentation/current/soapconfbackend.html 40 24 9 7 204 139 89 79 1721 1268 605 543 1883 1387 695 625
pages/documentation/current/soapminihowto.html 35 19 14 5 162 67 107 33 1123 560 648 209 1218 584 733 233
pages/documentation/current/soapservices.html 44 22 22 4 247 103 177 41 1880 786 1309 265 2039 841 1445 299
pages/documentation/current/soapsessionbackend.html 62 36 23 18 448 307 325 240 3307 2218 2233 1679 3661 2465 2526 1893
pages/documentation/current/sqlconfbackend.html 110 88 69 60 416 349 321 269 4293 3956 3521 3268 4569 4190 3759 3465
pages/documentation/current/sqlsessionbackend.html 136 44 61 21 601 197 387 134 4358 1476 2588 938 4689 1601 2865 1044
pages/documentation/current/ssoaas.html 129 118 54 54 602 570 418 418 4449 4264 2791 2791 4892 4681 3124 3124
pages/documentation/current/ssocookie.html 60 17 32 4 436 67 364 36 2726 520 2204 256 3073 548 2528 284
pages/documentation/current/start.html 928 599 208 145 2164 1564 932 627 19794 15386 7026 4983 20539 15780 7621 5347
pages/documentation/current/status.html 96 51 48 25 449 204 355 148 3177 1554 2376 1109 3449 1677 2633 1222
pages/documentation/current/totp2f.html 60 56 32 32 430 425 365 365 2853 2812 2152 2152 3201 3160 2491 2491
pages/documentation/current/u2f.html 74 67 35 35 496 482 368 368 3360 3241 2247 2247 3732 3607 2569 2569
pages/documentation/current/upgrade.html 186 162 94 94 1005 956 793 793 6831 6451 4902 4902 7560 7164 5576 5576
pages/documentation/current/utotp2f.html 43 40 19 19 284 280 225 225 1720 1692 1287 1287 1933 1905 1490 1490
pages/documentation/current/variables.html 174 53 95 31 524 136 399 90 3513 1076 2525 670 3838 1135 2824 725
pages/documentation/current/writingrulesand_headers.html 183 105 99 53 916 558 741 443 6421 4192 4753 2963 7073 4582 5373 3343
pages/documentation/current/yamlconfbackend.html 18 14 4 4 76 51 27 27 660 521 281 281 699 540 300 300
pages/documentation/current/yubikey2f.html 55 34 25 16 340 257 231 177 2205 1540 1335 961 2460 1751 1535 1125

1
po-doc/fr-doc
View File

@ -1 +0,0 @@
fr

14
po-doc/fr/index.html
View File

@ -1,14 +0,0 @@
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Documentation hors-ligne de LemonLDAP::NG</title>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
</head>
<body>
<div class="container text-center">
<h1>Documentation hors-ligne de LemonLDAP::NG</h1>
<hr />
<a href="pages/documentation/current/start.html" class="btn btn-lg btn-primary">Documentation</a>
</div>
</body>
</html>

82
po-doc/fr/pages/documentation/current/activedirectoryminihowto.html
View File

@ -1,82 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:activedirectoryminihowto</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,activedirectoryminihowto"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="activedirectoryminihowto.html"/>
<link rel="contents" href="activedirectoryminihowto.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:activedirectoryminihowto","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="using_lemonldapng_with_active-directory">Utiliser Lemonldap::NG avec Active-Directory</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Using LemonLDAP::NG with Active-Directory" [1-57] -->
<h2 class="sectionedit2" id="authentication_with_loginpassword">Authentification par nom-de-compte/mot-de-passe</h2>
<div class="level2">
<p>
Pour utiliser Active Directory comme serveur LDAP, vous devez effectuer quelques modifications dans le manager :
</p>
<ul>
<li class="level1"><div class="li"> Utiliser “Active Directory” comme systèmes d'authentification, de gestion des utilisateurs et des mots-de-passe,</div>
</li>
<li class="level1"><div class="li"> Exporter sAMAccountName dans la liste des <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">variables exportées</a></div>
</li>
<li class="level1"><div class="li"> Changer l'attribut utilisateur à stocker dans les journaux d'Apache <em>(“Paramètres généraux » Journaux » REMOTE_USER”)</em> : utiliser la variable ci-dessus</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Authentication with login/password" [58-494] -->
<h2 class="sectionedit3" id="authentication_with_kerberos">Authentification avec Kerberos</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> Choisir “Apache” comme module d'authentification <em>(“Paramètres généraux » Modules d'authentification » Module d'authentification”)</em></div>
</li>
<li class="level1"><div class="li"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Configurer le serveur Apache</a> qui héberge le portail utilisant le module d'authentification Kerberos d'Apache</div>
</li>
</ul>
</div><!-- EDIT3 SECTION "Authentication with Kerberos" [495-] -->
</div>
</body>
</html>

206
po-doc/fr/pages/documentation/current/applications.html
View File

@ -1,206 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>
<link rel="contents" href="applications.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:applications","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="applications">Applications</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Applications" [1-28] -->
<h2 class="sectionedit2" id="how_to_integrate">How to integrate</h2>
<div class="level2">
<p>
To integrate a Web application in <abbr title="LemonLDAP::NG">LL::NG</abbr>, you have the following possibilities:
</p>
<ul>
<li class="level1"><div class="li"> Protect the application with the Handler, and push user identity trough HTTP headers. This is how main Access Manager products, like CA SiteMinder, are working. This also how Apache authentication modules are working, so if your application is compatible with Apache authentication (often called “external authentifcation”), then you can use the Handler.</div>
</li>
<li class="level1"><div class="li"> Specific Handler: some applications can require a specific Handler, to manage preauthentication process for example.</div>
</li>
<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr>: your application is a <abbr title="Central Authentication Service">CAS</abbr> client, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpcas.html" class="wikilink1" title="documentation:2.0:idpcas">CAS server</a>.</div>
</li>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr>: your application is a <abbr title="Security Assertion Markup Language">SAML</abbr> Service Provider, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a>.</div>
</li>
<li class="level1"><div class="li"> OpenID Connect: your application is a OpenID Connect Relying Party, you can configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as a <a href="idpopenidconnect.html" class="wikilink1" title="documentation:2.0:idpopenidconnect">OpenID Connect Provider</a>.</div>
</li>
</ul>
<p>
If none of above methods is available, you can try:
</p>
<ul>
<li class="level1"><div class="li"> <a href="applications/authbasic.html" class="wikilink1" title="documentation:2.0:applications:authbasic">HTTP Auth-Basic</a>: replay Auth Basic authentication</div>
</li>
<li class="level1"><div class="li"> <a href="formreplay.html" class="wikilink1" title="documentation:2.0:formreplay">Form replay</a>: replay form based authentication</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "How to integrate" [29-1191] -->
<h2 class="sectionedit3" id="application_list">Application list</h2>
<div class="level2">
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a> </td><td class="col1 centeralign"> <a href="applications/adfs.html" class="wikilink1" title="documentation:2.0:applications:adfs">ADFS</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> <a href="applications/alfresco.html" class="media" title="documentation:2.0:applications:alfresco"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/alfresco.html" class="wikilink1" title="documentation:2.0:applications:alfresco">Alfresco</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="applications/aws.html" class="media" title="documentation:2.0:applications:aws"><img src="icons/kmultiple.png" class="media" title="logo_amazon_web_services.jpg" alt="logo_amazon_web_services.jpg" /></a> </td><td class="col1 centeralign"> <a href="applications/aws.html" class="wikilink1" title="documentation:2.0:applications:aws">Amazon Web Services</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> <a href="applications/bugzilla.html" class="media" title="documentation:2.0:applications:bugzilla"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/bugzilla.html" class="wikilink1" title="documentation:2.0:applications:bugzilla">Bugzilla</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a> </td><td class="col1 centeralign"> <a href="applications/cornerstone.html" class="wikilink1" title="documentation:2.0:applications:cornerstone">Cornerstone</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row6 roweven">
<td class="col0 centeralign"> <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/django.html" class="wikilink1" title="documentation:2.0:applications:django">Django</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row7 rowodd">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
<tr class="row8 roweven">
<td class="col0 centeralign"> <a href="applications/dokuwiki.html" class="media" title="documentation:2.0:applications:dokuwiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/dokuwiki.html" class="wikilink1" title="documentation:2.0:applications:dokuwiki">Dokuwiki</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row9 rowodd">
<td class="col0 centeralign"> <a href="applications/drupal.html" class="media" title="documentation:2.0:applications:drupal"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/drupal.html" class="wikilink1" title="documentation:2.0:applications:drupal">Drupal</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row10 roweven">
<td class="col0 centeralign"> <a href="applications/fusiondirectory.html" class="media" title="documentation:2.0:applications:fusiondirectory"><img src="icons/kmultiple.png" class="media" title="fusiondirectory-logo.jpg" alt="fusiondirectory-logo.jpg" width="120" /></a> </td><td class="col1 centeralign"> <a href="applications/fusiondirectory.html" class="wikilink1" title="documentation:2.0:applications:fusiondirectory">FusionDirectory</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row11 rowodd">
<td class="col0 centeralign"> <a href="applications/gitlab.html" class="media" title="documentation:2.0:applications:gitlab"><img src="icons/kmultiple.png" class="mediacenter" alt="" width="120" /></a> </td><td class="col1 centeralign"> <a href="applications/gitlab.html" class="wikilink1" title="documentation:2.0:applications:gitlab">Gitlab</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row12 roweven">
<td class="col0 centeralign"> <a href="applications/glpi.html" class="media" title="documentation:2.0:applications:glpi"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a> </td><td class="col1 centeralign"> <a href="applications/glpi.html" class="wikilink1" title="documentation:2.0:applications:glpi">GLPI</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row13 rowodd">
<td class="col0 centeralign"> <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/googleapps.html" class="wikilink1" title="documentation:2.0:applications:googleapps">Google Apps</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row14 roweven">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
<tr class="row15 rowodd">
<td class="col0 centeralign"> <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/grr.html" class="wikilink1" title="documentation:2.0:applications:grr">GRR</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row16 roweven">
<td class="col0 centeralign"> <a href="applications/liferay.html" class="media" title="documentation:2.0:applications:liferay"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/liferay.html" class="wikilink1" title="documentation:2.0:applications:liferay">Liferay</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"></td>
</tr>
<tr class="row17 rowodd">
<td class="col0 centeralign"> <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a> </td><td class="col1 centeralign"> <a href="applications/limesurvey.html" class="wikilink1" title="documentation:2.0:applications:limesurvey">LimeSurvey</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"></td>
</tr>
<tr class="row18 roweven">
<td class="col0 centeralign"> <a href="applications/mediawiki.html" class="media" title="documentation:2.0:applications:mediawiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/mediawiki.html" class="wikilink1" title="documentation:2.0:applications:mediawiki">Mediawiki</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row19 rowodd">
<td class="col0 centeralign"> <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/nextcloud.html" class="wikilink1" title="documentation:2.0:applications:nextcloud">NextCloud</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row20 roweven">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
<tr class="row21 rowodd">
<td class="col0 centeralign"> <a href="applications/obm.html" class="media" title="documentation:2.0:applications:obm"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/obm.html" class="wikilink1" title="documentation:2.0:applications:obm">OBM</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row22 roweven">
<td class="col0 centeralign"> <a href="applications/office365.html" class="media" title="documentation:2.0:applications:office365"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/office365.html" class="wikilink1" title="documentation:2.0:applications:office365">Office 365</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row23 rowodd">
<td class="col0 centeralign"> <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/phpldapadmin.html" class="wikilink1" title="documentation:2.0:applications:phpldapadmin">phpLDAPAdmin</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row24 roweven">
<td class="col0 centeralign"> <a href="applications/roundcube.html" class="media" title="documentation:2.0:applications:roundcube"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/roundcube.html" class="wikilink1" title="documentation:2.0:applications:roundcube">Roundcube</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row25 rowodd">
<td class="col0 centeralign"> <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/salesforce.html" class="wikilink1" title="documentation:2.0:applications:salesforce">SalesForce</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row26 roweven">
<td class="col0 centeralign"> <a href="applications/sap.html" class="media" title="documentation:2.0:applications:sap"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a> </td><td class="col1 centeralign"> <a href="applications/sap.html" class="wikilink1" title="documentation:2.0:applications:sap">SAP</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row27 rowodd">
<td class="col0 centeralign"> <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="media" alt="" width="200" /></a> </td><td class="col1 centeralign"> <a href="applications/simplesamlphp.html" class="wikilink1" title="documentation:2.0:applications:simplesamlphp">simpleSAMLphp</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4"> </td><td class="col5 centeralign"></td><td class="col6"> </td>
</tr>
<tr class="row28 roweven">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
<tr class="row29 rowodd">
<td class="col0 centeralign"> <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/spring.html" class="wikilink1" title="documentation:2.0:applications:spring">Spring</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row30 roweven">
<td class="col0 centeralign"> <a href="applications/symfony.html" class="media" title="documentation:2.0:applications:symfony"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/symfony.html" class="wikilink1" title="documentation:2.0:applications:symfony">Symfony</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row31 rowodd">
<td class="col0 centeralign"> <a href="applications/sympa.html" class="media" title="documentation:2.0:applications:sympa"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/sympa.html" class="wikilink1" title="documentation:2.0:applications:sympa">Sympa</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row32 roweven">
<td class="col0 centeralign"> <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/tomcat.html" class="wikilink1" title="documentation:2.0:applications:tomcat">Tomcat</a> </td><td class="col2 centeralign"></td><td class="col3"> </td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row33 rowodd">
<td class="col0 centeralign"> <a href="applications/wordpress.html" class="media" title="documentation:2.0:applications:wordpress"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a> </td><td class="col1 centeralign"> <a href="applications/wordpress.html" class="wikilink1" title="documentation:2.0:applications:wordpress">Wordpress</a> </td><td class="col2"> </td><td class="col3"> </td><td class="col4 centeralign"></td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row34 roweven">
<td class="col0 centeralign"> <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra</a> </td><td class="col2"> </td><td class="col3 centeralign"></td><td class="col4"> </td><td class="col5"> </td><td class="col6"> </td>
</tr>
<tr class="row35 rowodd">
<th class="col0 leftalign"> </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> HTTP headers </th><th class="col3 centeralign"> Specific Handler </th><th class="col4 centeralign"> <abbr title="Central Authentication Service">CAS</abbr> </th><th class="col5 leftalign"> <abbr title="Security Assertion Markup Language">SAML</abbr> </th><th class="col6 centeralign"> OpenID Connect </th>
</tr>
</table></div><!-- EDIT4 TABLE [1223-5506] -->
</div><!-- EDIT3 SECTION "Application list" [1192-] -->
</div>
</body>
</html>

95
po-doc/fr/pages/documentation/current/applications/adfs.html
View File

@ -1,95 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:adfs</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,adfs"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="adfs.html"/>
<link rel="contents" href="adfs.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:adfs","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="active_directory_federation_services">Active Directory Federation Services</h1>
<div class="level1">
<p>
<img src="microsoft-adfs.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Active Directory Federation Services" [1-100] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
Microsoft ADFS (Active Directory Federation Services) is an Identity/Service Provider, compatible with several protocols, including <abbr title="Security Assertion Markup Language">SAML</abbr> 2.0.
</p>
<div class="noteimportant">This documentation does not explains how to setup ADFS, but give only tricks to make it works with <abbr title="LemonLDAP::NG">LL::NG</abbr>
</div>
</div><!-- EDIT2 SECTION "Presentation" [101-399] -->
<h2 class="sectionedit3" id="adfs_as_identity_provider">ADFS as Identity Provider</h2>
<div class="level2">
<p>
When ADFS is declared as an Identity Provider in LemonLDAP::NG, you need to take care of the following items:
</p>
<ul>
<li class="level1"><div class="li"> HTTPS is mandatory on <abbr title="LemonLDAP::NG">LL::NG</abbr> portal</div>
</li>
<li class="level1"><div class="li"> You need to use a certificate in <abbr title="LemonLDAP::NG">LL::NG</abbr> <abbr title="Security Assertion Markup Language">SAML</abbr> metadata instead of a raw public key</div>
</li>
<li class="level1"><div class="li"> Activate option <code>Use specific query_string method</code> in <abbr title="Security Assertion Markup Language">SAML</abbr> Service</div>
</li>
<li class="level1"><div class="li"> Use SHA1 instead of SHA256 as signature algorithm on ADFS if using a Lasso version &lt; 2.5.0</div>
</li>
<li class="level1"><div class="li"> Force <abbr title="Security Assertion Markup Language">SAML</abbr> response to be sent by POST and not Artifact (signature verification fails with Artifact)</div>
</li>
<li class="level1"><div class="li"> Enable <code>Allow proxy authentication</code> in IDP options on <abbr title="LemonLDAP::NG">LL::NG</abbr> side</div>
</li>
</ul>
</div><!-- EDIT3 SECTION "ADFS as Identity Provider" [400-] -->
</div>
</body>
</html>

604
po-doc/fr/pages/documentation/current/applications/alfresco.html
View File

@ -1,604 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:alfresco</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,alfresco"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="alfresco.html"/>
<link rel="contents" href="alfresco.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:alfresco","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#http_headers">HTTP headers</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#alfresco1">Alfresco</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#headers">En-têtes</a></div></li>
<li class="level3"><div class="li"><a href="#rules">Règles</a></div></li>
</ul>
</li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#saml2">SAML2</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#alfresco2">Alfresco</a></div></li>
<li class="level2"><div class="li"><a href="#llng1">LL::NG</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#other_resources">Autres documents</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="alfresco">Alfresco</h1>
<div class="level1">
<p>
<img src="alfresco_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Alfresco" [1-71] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://www.alfresco.com/" class="urlextern" title="https://www.alfresco.com/" rel="nofollow">Alfresco</a> est un logiciel ECM/BPM.
</p>
<p>
Depuis la version 4.0, il permet facilement de configurer un <abbr title="Authentification unique (Single Sign On)">SSO</abbr> grace au sous-système d'authentification.
</p>
<p>
Authentication against <abbr title="LemonLDAP::NG">LL::NG</abbr> can be done trough:
</p>
<ul>
<li class="level1"><div class="li"> HTTP headers (<abbr title="LemonLDAP::NG">LL::NG</abbr> Handler)</div>
</li>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr> 2 (<abbr title="LemonLDAP::NG">LL::NG</abbr> as SAML2 IDP)</div>
</li>
</ul>
<div class="notetip">Alfresco now recommends SAML2 method
</div>
</div><!-- EDIT2 SECTION "Presentation" [72-430] -->
<h2 class="sectionedit3" id="http_headers">HTTP headers</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "HTTP headers" [431-456] -->
<h3 class="sectionedit4" id="alfresco1">Alfresco</h3>
<div class="level3">
<div class="notetip">La documentation officielle se trouve ici : <a href="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" class="urlextern" title="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" rel="nofollow">http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html</a>
</div>
<p>
Les fichiers suivants sont nécessaires dans l'installation Alfresco :
</p>
<ul>
<li class="level1"><div class="li"> <code>alfresco-global.properties</code> (ex: <code>tomcat/shared/classes/alfresco-global.properties</code>)</div>
</li>
<li class="level1"><div class="li"> <code>share-config-custom.xml</code> (ex: <code>tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml</code>)</div>
</li>
</ul>
<p>
The first will allow one to configure <abbr title="Authentification unique (Single Sign On)">SSO</abbr> for the alfresco webapp, and the other for the share webapp.
</p>
<p>
Éditer d'abord <code>alfresco-global.properties</code> et ajouter :
</p>
<pre class="code file java">### SSO ###
authentication.<span class="me1">chain</span><span class="sy0">=</span>external1<span class="sy0">:</span>external
external.<span class="me1">authentication</span>.<span class="me1">enabled</span><span class="sy0">=</span><span class="kw2">true</span>
external.<span class="me1">authentication</span>.<span class="me1">defaultAdministratorUserNames</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyUserName</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyHeader</span><span class="sy0">=</span>Auth<span class="sy0">-</span>User
external.<span class="me1">authentication</span>.<span class="me1">userIdPattern</span><span class="sy0">=</span></pre>
<p>
Éditer ensuite <code>share-config-custom.xml</code> et décommenter la dernière partie. Dans le "<code>&lt;endpoint&gt;</code>", changer la valeur de <code>&lt;connector-id&gt;</code> en <code>alfrescoHeader</code> et changer la valeur de <code>&lt;userHeader&gt;</code> en <code>Auth-User</code> :
</p>
<pre class="code file xml"> <span class="sc3"><span class="re1">&lt;config</span> <span class="re0">evaluator</span>=<span class="st0">"string-compare"</span> <span class="re0">condition</span>=<span class="st0">"Remote"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;remote<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;keystore<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>alfresco/web-extension/alfresco-system.p12<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;type<span class="re2">&gt;</span></span></span>pkcs12<span class="sc3"><span class="re1">&lt;/type<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;password<span class="re2">&gt;</span></span></span>alfresco-system<span class="sc3"><span class="re1">&lt;/password<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/keystore<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;connector<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfrescoCookie<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco Connector<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Connects to an Alfresco instance using cookie-based authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;class<span class="re2">&gt;</span></span></span>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector<span class="sc3"><span class="re1">&lt;/class<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/connector<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;connector<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfrescoHeader<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco Connector<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Connects to an Alfresco instance using header and cookie-based authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;class<span class="re2">&gt;</span></span></span>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector<span class="sc3"><span class="re1">&lt;/class<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;userHeader<span class="re2">&gt;</span></span></span>Auth-User<span class="sc3"><span class="re1">&lt;/userHeader<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/connector<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;endpoint<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfresco<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco - user access<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Access to Alfresco Repository WebScripts that require user authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;connector-id<span class="re2">&gt;</span></span></span>alfrescoHeader<span class="sc3"><span class="re1">&lt;/connector-id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;endpoint-url<span class="re2">&gt;</span></span></span>http://localhost:8080/alfresco/wcs<span class="sc3"><span class="re1">&lt;/endpoint-url<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;identity<span class="re2">&gt;</span></span></span>user<span class="sc3"><span class="re1">&lt;/identity<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;external-auth<span class="re2">&gt;</span></span></span>true<span class="sc3"><span class="re1">&lt;/external-auth<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/endpoint<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/remote<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/config<span class="re2">&gt;</span></span></span></pre>
<p>
Un redémarrage de Tomcat est nécessaire pour appliquer les changements.
</p>
<div class="notewarning">On peut ensuite se connecter avec un simple en-tête HTTP. Il faut restreindre l'accès à Alfresco à <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</div>
</div><!-- EDIT4 SECTION "Alfresco" [457-3157] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
</div>
<h4 id="headers">En-têtes</h4>
<div class="level4">
<p>
Renseigner simplement l'en-tête <code>Auth-User</code> avec l'attribut qui contient le nom de login, par exemple <code>$uid</code>.
</p>
</div>
<h4 id="rules">Règles</h4>
<div class="level4">
<p>
Set the default rule to what you need.
</p>
<p>
Other rules:
</p>
<ul>
<li class="level1"><div class="li"> Unprotect access to some resources: <code>^/share/res ⇒ unprotect</code></div>
</li>
<li class="level1"><div class="li"> Catch logout: <code>^/share/page/dologout ⇒ logout_app_sso</code></div>
</li>
</ul>
</div><!-- EDIT5 SECTION "LL::NG" [3158-3497] -->
<h2 class="sectionedit6" id="saml2">SAML2</h2>
<div class="level2">
</div><!-- EDIT6 SECTION "SAML2" [3498-3517] -->
<h3 class="sectionedit7" id="alfresco2">Alfresco</h3>
<div class="level3">
<p>
Install <abbr title="Security Assertion Markup Language">SAML</abbr> Alfresco module package:
</p>
<pre class="code">cp alfresco-saml-repo-1.0.1.amp &lt;ALFRESCO_HOME&gt;/amps
cp alfresco-saml-share-1.0.1.amp &lt;ALFRESCO_HOME&gt;/amps_share
./bin/apply_amp.sh</pre>
<p>
Generate <abbr title="Security Assertion Markup Language">SAML</abbr> certificate:
</p>
<pre class="code">keytool -genkeypair -alias my-saml-key -keypass change-me -storepass change-me -keystore my-saml.keystore -storetype JCEKS</pre>
<p>
Export the keystore:
</p>
<pre class="code">mv my-saml.keystore alf_data/keystore
cat &lt;&lt;EOT &gt; alf_data/keystore/my-saml.keystore-metadata.properties
aliases=my-saml-key
keystore.password=change-me
my-saml-key.password=change-me
EOT
cat &lt;&lt;EOT &gt;&gt; tomcat/shared/classes/alfresco-global.properties
saml.keystore.location=\${dir.keystore}/my-saml.keystore
saml.keystore.keyMetaData.location=\${dir.keystore}/my-saml.keystore-metadata.properties
EOT</pre>
<p>
Edit then <code>share-config-custom.xml</code>:
</p>
<pre class="code file xml"> ...
<span class="sc3"><span class="re1">&lt;config</span> <span class="re0">evaluator</span>=<span class="st0">"string-compare"</span> <span class="re0">condition</span>=<span class="st0">"CSRFPolicy"</span> <span class="re0">replace</span>=<span class="st0">"true"</span><span class="re2">&gt;</span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> If using https make a CSRFPolicy with replace="true" and override the properties section.</span>
<span class="sc-1"> Note, localhost is there to allow local checks to succeed.</span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1"> I.e.</span>
<span class="sc-1"> &lt;properties&gt;</span>
<span class="sc-1"> &lt;token&gt;Alfresco-CSRFToken&lt;/token&gt;</span>
<span class="sc-1"> &lt;referer&gt;https://your-domain.com/.*|http://localhost:8080/.*&lt;/referer&gt;</span>
<span class="sc-1"> &lt;origin&gt;https://your-domain.com|http://localhost:8080&lt;/origin&gt;</span>
<span class="sc-1"> &lt;/properties&gt;</span>
<span class="sc-1"> --&gt;</span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc3"><span class="re1">&lt;filter<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- SAML SPECIFIC CONFIG - START --&gt;</span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Since we have added the CSRF filter with filter-mapping of "/*" we will catch all public GET's to avoid them</span>
<span class="sc-1"> having to pass through the remaining rules.</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>GET<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/res/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- Incoming posts from IDPs do not require a token --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/saml-authnresponse|/page/saml-logoutresponse|/page/saml-logoutrequest<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- SAML SPECIFIC CONFIG - STOP --&gt;</span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- EVERYTHING BELOW FROM HERE IS COPIED FROM share-security-config.xml --&gt;</span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Certain webscripts shall not be allowed to be accessed directly form the browser.</span>
<span class="sc-1"> Make sure to throw an error if they are used.</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/proxy/alfresco/remoteadm/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"throwError"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"message"</span><span class="re2">&gt;</span></span>It is not allowed to access this url from your browser<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Certain Repo webscripts should be allowed to pass without a token since they have no Share knowledge.</span>
<span class="sc-1"> TODO: Refactor the publishing code so that form that is posted to this URL is a Share webscript with the right tokens.</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/proxy/alfresco/api/publishing/channels/.+<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Certain Surf POST requests from the WebScript console must be allowed to pass without a token since</span>
<span class="sc-1"> the Surf WebScript console code can't be dependent on a Share specific filter.</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/caches/dependency/clear|/page/index|/page/surfBugStatus|/page/modules/deploy|/page/modules/module|/page/api/javascript/debugger|/page/console<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- Certain Share POST requests does NOT require a token --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/dologin(\?.+)?|/page/site/[^/]+/start-workflow|/page/start-workflow|/page/context/[^/]+/start-workflow<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- Assert logout is done from a valid domain, if so clear the token when logging out --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/dologout(\?.+)?<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"clearToken"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- Make sure the first token is generated --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"{token}"</span><span class="re2">/&gt;</span></span>
<span class="sc-1">&lt;!-- empty attribute element indicates null, meaning the token has not yet been set --&gt;</span>
<span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"generateToken"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!-- Refresh token on new "page" visit when a user is logged in --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>GET<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>/page/.*<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"{token}"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"generateToken"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"cookie"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Verify multipart requests from logged in users contain the token as a parameter</span>
<span class="sc-1"> and also correct referer &amp; origin header if available</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;header</span> <span class="re0">name</span>=<span class="st0">"Content-Type"</span><span class="re2">&gt;</span></span>multipart/.+<span class="sc3"><span class="re1">&lt;/header<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertToken"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"parameter"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
&nbsp;
&nbsp;
&nbsp;
<span class="sc-1">&lt;!--</span>
<span class="sc-1"> Verify that all remaining state changing requests from logged in users' requests contains a token in the</span>
<span class="sc-1"> header and correct referer &amp; origin headers if available. We "catch" all content types since just setting it to</span>
<span class="sc-1"> "application/json.*" since a webscript that doesn't require a json request body otherwise would be</span>
<span class="sc-1"> successfully executed using i.e."text/plain".</span>
<span class="sc-1"> --&gt;</span>
<span class="sc3"><span class="re1">&lt;rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;method<span class="re2">&gt;</span></span></span>POST|PUT|DELETE<span class="sc3"><span class="re1">&lt;/method<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;attribute</span> <span class="re0">name</span>=<span class="st0">"_alf_USER_ID"</span><span class="re2">&gt;</span></span>.+<span class="sc3"><span class="re1">&lt;/attribute<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/session<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/request<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertToken"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"session"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"header"</span><span class="re2">&gt;</span></span>{token}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertReferer"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"referer"</span><span class="re2">&gt;</span></span>{referer}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;action</span> <span class="re0">name</span>=<span class="st0">"assertOrigin"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;param</span> <span class="re0">name</span>=<span class="st0">"origin"</span><span class="re2">&gt;</span></span>{origin}<span class="sc3"><span class="re1">&lt;/param<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/action<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/rule<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/filter<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/config<span class="re2">&gt;</span></span></span>
...</pre>
<p>
Configure <abbr title="Security Assertion Markup Language">SAML</abbr> service provider using the Alfresco admin console (/alfresco/s/enterprise/admin/admin-saml).
</p>
<p>
Set the following parameters:
</p>
<ul>
<li class="level1"><div class="li"> Enable <abbr title="Security Assertion Markup Language">SAML</abbr> Authentication (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>): on</div>
</li>
<li class="level1"><div class="li"> Authentication service <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleSignOn" class="urlextern" title="https://auth.example.com/saml/singleSignOn" rel="nofollow">https://auth.example.com/saml/singleSignOn</a></div>
</li>
<li class="level1"><div class="li"> Single Logout <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleLogout" class="urlextern" title="https://auth.example.com/saml/singleLogout" rel="nofollow">https://auth.example.com/saml/singleLogout</a></div>
</li>
<li class="level1"><div class="li"> Single logout return <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://auth.example.com/saml/singleLogoutReturn" class="urlextern" title="https://auth.example.com/saml/singleLogoutReturn" rel="nofollow">https://auth.example.com/saml/singleLogoutReturn</a></div>
</li>
<li class="level1"><div class="li"> Entity identification: <a href="http://alfresco.myecm.org:8080/share" class="urlextern" title="http://alfresco.myecm.org:8080/share" rel="nofollow">http://alfresco.myecm.org:8080/share</a></div>
</li>
<li class="level1"><div class="li"> User ID mapping: Subject/NameID</div>
</li>
</ul>
<p>
To finish with Alfresco configuration, tick the “Enable <abbr title="Security Assertion Markup Language">SAML</abbr> authentication (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>)” box.
</p>
</div><!-- EDIT7 SECTION "Alfresco" [3518-14176] -->
<h3 class="sectionedit8" id="llng1">LL::NG</h3>
<div class="level3">
<p>
Configure <abbr title="Security Assertion Markup Language">SAML</abbr> service and set a certificate as signature public key in metadata.
</p>
<p>
Export Alfresco <abbr title="Security Assertion Markup Language">SAML</abbr> Metadata from admin console and import them in <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</p>
<p>
In the authentication response option, set:
</p>
<ul>
<li class="level1"><div class="li"> Default NameID Format: Unspecified</div>
</li>
<li class="level1"><div class="li"> Force NameID session key: uid</div>
</li>
</ul>
<p>
And you can define these exported attributes:
</p>
<ul>
<li class="level1"><div class="li"> GivenName</div>
</li>
<li class="level1"><div class="li"> Surname</div>
</li>
<li class="level1"><div class="li"> Email</div>
</li>
</ul>
</div><!-- EDIT8 SECTION "LL::NG" [14177-14555] -->
<h2 class="sectionedit9" id="other_resources">Autres documents</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <a href="https://www.youtube.com/watch?v=5tS0XrC_-rw" class="urlextern" title="https://www.youtube.com/watch?v=5tS0XrC_-rw" rel="nofollow">DevCon 2012: Unlocking the Secrets of Alfresco Authentication, Mehdi Belmekki</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://community.alfresco.com/blogs/alfresco-premier-services/2017/08/03/setting-up-alfresco-saml-authentication-lemonldapng" class="urlextern" title="https://community.alfresco.com/blogs/alfresco-premier-services/2017/08/03/setting-up-alfresco-saml-authentication-lemonldapng" rel="nofollow">Setting up Alfresco SAML authentication with LemonLDAP::NG</a></div>
</li>
</ul>
</div><!-- EDIT9 SECTION "Other resources" [14556-] -->
</div>
</body>
</html>

114
po-doc/fr/pages/documentation/current/applications/authbasic.html
View File

@ -1,114 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:authbasic</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,authbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authbasic.html"/>
<link rel="contents" href="authbasic.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:authbasic","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="http_basic_authentication">Authentification basique HTTP</h1>
<div class="level1">
<p>
<a href="http_logo.png_documentation_2.0_applications_authbasic.html" class="media" title="applications:http_logo.png"><img src="http_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "HTTP Basic Authentication" [1-77] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<div class="noteimportant">Pour l'instant, cette fonctionnalité n'est offerte qu'avec le handler Apache.
</div>
<p>
Extrait de <a href="http://fr.wikipedia.org/wiki/HTTP_Authentification" class="urlextern" title="http://fr.wikipedia.org/wiki/HTTP_Authentification" rel="nofollow">l'article Wikipedia</a>:
</p>
<p>
<blockquote>
Dans le contexte d'une transaction HTTP, l'authentification basique est une méthode qui permet au navigateur ou un autre programme client de fournir des éléments d'authentification sous la forme d'un nom et d'un mot de passe à chaque requête.
</p>
<p>
Avant la transmission, le nom et le mot de passe sont encodés en base-64. Par exemple, le nom Aladdin et le mot-de-passe "open sesame" vont être assemblés en "Aladdin:open sesame" dont l'équivalent est QWxhZGRpbjpvcGVuIHNlc2FtZQ== en Base64. Un petit effort est requis pour décoder ces chaînes et de nombreux outils de sécurité les décodent à la volée.
</blockquote>
</p>
<p>
So HTTP Basic Authentication is managed trough an HTTP header (<code>Authorization</code>), that can be forged by <abbr title="LemonLDAP::NG">LL::NG</abbr>, with this precautions:
</p>
<ul>
<li class="level1"><div class="li"> Les données ne doivent pas contenir de caractères spéciaux, car le protocole HTTP n'autorise que les caractères <abbr title="American Standard Code for Information Interchange">ASCII</abbr> dans les en-têtes (mais suivant le serveur HTTP, vous pouvez utiliser des valeurs encodées ISO)</div>
</li>
<li class="level1"><div class="li"> Il est nécessaire d'exporter le mot-de-passe, qui peut être le mot-de-passe principal de l'utilisateur (si <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">le mot-de-passe est stocké dans la session</a>, ou n'importe quel attribut utilisateur (si d'autres mots-de-passe sont stockés dans la base de données des utilisateurs).</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [78-1536] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
L'authentification basique est portée par un en-tête HTTP spécifique, tel que décrit ci-dessous. Il suffit donc de déclarer cet en-tête pour l'hôte virtuel dans le manager.
</p>
<p>
Par exemple, pour exporter l'identifiant (<code>$uid</code>) et le mot-de-passe (<code>$_password</code> si <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">le mot-de-passe est stocké dans la session</a>):
</p>
<pre class="code">Authorization =&gt; "Basic ".encode_base64("$uid:$_password")</pre>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> fournit une fonction spéciale nommée <a href="../extendedfunctions.html#basic" class="wikilink1" title="documentation:2.0:extendedfunctions">basic</a> pour construire cet en-tête.
</p>
<p>
Ainsi l'exemple ci-dessous peut être écrit simplement :
</p>
<pre class="code">Authorization =&gt; basic($uid,$_password)</pre>
<div class="notetip">La fonction <code>basic</code> force la conversion des caractères UTF-8 en ISO-8859-1, qui peut être accepté par la plupart des serveurs HTTP.
</div>
</div><!-- EDIT3 SECTION "Configuration" [1537-] -->
</div>
</body>
</html>

128
po-doc/fr/pages/documentation/current/applications/aws.html
View File

@ -1,128 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:aws</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,aws"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="aws.html"/>
<link rel="contents" href="aws.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:aws","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="amazon_web_services">Amazon Web Services</h1>
<div class="level1">
<p>
<a href="https://aws.amazon.com" class="urlextern" title="https://aws.amazon.com" rel="nofollow">Amazon Web Services</a> allows one to delegate authentication through SAML2.
</p>
</div><!-- EDIT1 SECTION "Amazon Web Services" [1-136] -->
<h2 class="sectionedit2" id="saml">SAML</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> Make sure you have followed the steps <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html" class="urlextern" title="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html" rel="nofollow">here</a>.</div>
</li>
<li class="level1"><div class="li"> Go to <a href="https://your.portal.com/saml/metadata" class="urlextern" title="https://your.portal.com/saml/metadata" rel="nofollow">https://your.portal.com/saml/metadata</a> and save the resulting file locally.</div>
</li>
<li class="level1"><div class="li"> In each AWS account, go to IAM → Identity providers → Create Provider.</div>
</li>
<li class="level1"><div class="li"> Select <code><abbr title="Security Assertion Markup Language">SAML</abbr></code> as the provider type</div>
</li>
<li class="level1"><div class="li"> Choose a name (best if kept consistent between accounts), and then choose the metadata file you saved above.</div>
</li>
<li class="level1"><div class="li"> Looking again at the links on the left side of the page, go to Roles → Create role</div>
</li>
<li class="level1"><div class="li"> Choose <code><abbr title="Security Assertion Markup Language">SAML</abbr> / Saml 2.0 federation</code></div>
</li>
<li class="level1"><div class="li"> Select the provider you just configured, click <code>Allow programmatic and AWSManagement Console access</code> which will fill in the rest of the form for you, then click next.</div>
</li>
<li class="level1"><div class="li"> Set whatever permissions you need to and then click <code>Review</code>.</div>
</li>
<li class="level1"><div class="li"> Choose a name for the role. These will shown to people when they log in, so make them descriptive. We have different accounts for different regions of the world, so I put the region into the role name so people know which account is which.</div>
</li>
</ul>
<div class="noteclassic">If you have only one role, the configuration is simple. If you have multiple roles for different people, it is a little trickier. As you will see, the <abbr title="Security Assertion Markup Language">SAML</abbr> attributes are not dynamic, so you have to set them in the session when a user logs in or use a custom function. In this example, I wanted to avoid managing custom functions on all the servers, so the <abbr title="Security Assertion Markup Language">SAML</abbr> attributes are set in the session. We also use LDAP for user information, so I will describe that. In our LDAP tree, each user has attributes which are used quite heavily for dynamic groups and authorisation. You will want something similar, using whatever attribute makes sense to you. Par exemple :<pre class="code file ldif"> <span class="re0">dn</span>:<span class="re1"> uid=user,ou=people,dc=your,dc=com</span>
...
<span class="re0">ou</span>:<span class="re1"> sysadmin</span>
<span class="re0">ou</span>:<span class="re1"> database</span>
<span class="re0">ou</span>:<span class="re1"> root</span></pre>
</div><ul>
<li class="level1"><div class="li"> Assuming you use the web interface to manage lemonldap, go to General Parameters → Authentication parameters → LDAP parameters → Exported variables. Here set the key to the LDAP attribute and the value to something sensible. I keep them the same to make it easy.</div>
</li>
<li class="level1"><div class="li"> Now go to *Variables → Macros*. Here set up variables which will be computed based on the attributes you exported above. You will need to emit strings in this format <code>arn:aws:iam::account-number:role/role-name1,arn:aws:iam::account-number:saml-provider/provider-name</code>. The parts you need to change are <code>account-number</code>, <code>role-name1</code> and <code>provier-name</code>. The last two will be the provider name and role names you just set up in AWS.</div>
</li>
<li class="level1"><div class="li"> Perl works in here, so something like this is valid: <code>aws_eu_role</code><code>$ou =~ sysadmin ? “arn:aws…” : “arn:…”</code></div>
</li>
<li class="level1"><div class="li"> If it easier, split multiple roles into different macros. Then tie all the variables you define together into one string concatenating them with whatever is in General Parameters → Advanced Parameters → Separator. Actually click into this field and move around with the arrow keys to see if there is a space, since spaces can be part of the separator.</div>
</li>
<li class="level1"><div class="li"> Remember macros are defined alphanumerically, so you want one right at the end, like <code>z_aws_roles</code><code>join(“; ”, $role_name1, $role_name2, …)</code></div>
</li>
<li class="level1"><div class="li"> On the left again, click <code><abbr title="Security Assertion Markup Language">SAML</abbr> service providers</code>, then <code>Add <abbr title="Security Assertion Markup Language">SAML</abbr> SP</code>.</div>
</li>
<li class="level1"><div class="li"> Enter a name, click ok, then select it on the left. Select <code>Metadata</code>, then enter `<a href="https://signin.aws.amazon.com/static/saml-metadata.xml" class="urlextern" title="https://signin.aws.amazon.com/static/saml-metadata.xml" rel="nofollow">https://signin.aws.amazon.com/static/saml-metadata.xml</a>` in the <code><abbr title="Uniform Resource Locator">URL</abbr></code> field, then click load.</div>
</li>
<li class="level1"><div class="li"> Click <code>Exported attributes</code> on the left, then <code>Add attribute</code> twice to add two attributes. The first field is the name of a variable set in the user's session:</div>
<ul>
<li class="level2"><div class="li"> <code>_whatToTrace</code><code><a href="https://aws.amazon.com/SAML/Attributes/RoleSessionName" class="urlextern" title="https://aws.amazon.com/SAML/Attributes/RoleSessionName" rel="nofollow">https://aws.amazon.com/SAML/Attributes/RoleSessionName</a></code> (leave the rest)</div>
</li>
<li class="level2"><div class="li"> <code>z_aws_roles</code> (the macro name you defined above) → <code><a href="https://aws.amazon.com/SAML/Attributes/Role" class="urlextern" title="https://aws.amazon.com/SAML/Attributes/Role" rel="nofollow">https://aws.amazon.com/SAML/Attributes/Role</a></code> (leave the rest)</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> On the left, select Options → Security → Enable use of IDP initiated <abbr title="Uniform Resource Locator">URL</abbr> → On</div>
</li>
<li class="level1"><div class="li"> Select General Parameters → Portal → Menu → Categories and applications</div>
</li>
<li class="level1"><div class="li"> Select a category or create a new one if you need to. Then click <code>New application</code>. </div>
</li>
<li class="level1"><div class="li"> Enter a name etc. For the <abbr title="Uniform Resource Locator">URL</abbr>, use <code><a href="https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices" class="urlextern" title="https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices" rel="nofollow">https://your.portal.com/saml/singleSignOn?IDPInitiated=1&amp;sp=urn:amazon:webservices</a></code></div>
</li>
<li class="level1"><div class="li"> Display application should be set to <code>Enabled</code></div>
</li>
<li class="level1"><div class="li"> Go to your portal, click on the link, and check that it works!</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "SAML" [137-] -->
</div>
</body>
</html>

208
po-doc/fr/pages/documentation/current/applications/bugzilla.html
View File

@ -1,208 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:bugzilla</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,bugzilla"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="bugzilla.html"/>
<link rel="contents" href="bugzilla.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:bugzilla","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#bugzilla_administration">Administration de Bugzilla</a></div></li>
<li class="level2"><div class="li"><a href="#bugzilla_virtual_host">Hôte virtuel Bugzilla</a></div></li>
<li class="level2"><div class="li"><a href="#bugzilla_virtual_host_in_manager">Hôte virtuel Bugzilla dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="bugzilla">Bugzilla</h1>
<div class="level1">
<p>
<a href="bugzilla_logo.png_documentation_2.0_applications_bugzilla.html" class="media" title="applications:bugzilla_logo.png"><img src="bugzilla_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Bugzilla" [1-64] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.bugzilla.org" class="urlextern" title="http://www.bugzilla.org" rel="nofollow">Bugzilla</a> est un logiciel serveur conçu pour assister la gestion de développement logiciel.
</p>
<p>
Bugzilla peut authentifier un utilisateur par en-tête HTTP et auto-générer son compte avec quelques informations :
</p>
<ul>
<li class="level1"><div class="li"> User ID</div>
</li>
<li class="level1"><div class="li"> Email</div>
</li>
<li class="level1"><div class="li"> Real name</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [65-338] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [339-365] -->
<h3 class="sectionedit4" id="bugzilla_administration">Administration de Bugzilla</h3>
<div class="level3">
<p>
Dans l'interface d'administration, allez dans <code>Parameters</code> » <code>User authentication</code>
</p>
<p>
et indiquez :
</p>
<ul>
<li class="level1"><div class="li"> <strong>auth_env_id</strong>: HTTP_AUTH_USER</div>
</li>
<li class="level1"><div class="li"> <strong>auth_env_email</strong>: HTTP_AUTH_MAIL</div>
</li>
<li class="level1"><div class="li"> <strong>auth_env_realname</strong>: HTTP_AUTH_CN</div>
</li>
<li class="level1"><div class="li"> <strong>user_info_class</strong>: Env or Env,CGI</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Bugzilla administration" [366-653] -->
<h3 class="sectionedit5" id="bugzilla_virtual_host">Hôte virtuel Bugzilla</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Bugzilla comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> bugzilla.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name bugzilla.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT5 SECTION "Bugzilla virtual host" [654-1913] -->
<h3 class="sectionedit6" id="bugzilla_virtual_host_in_manager">Hôte virtuel Bugzilla dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Bugzilla.
</p>
<p>
Configurer les <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règles d'accès</a>.
</p>
<p>
Configurer les <a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-têtes</a> suivants.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Auth-User</strong>: $uid</div>
</li>
<li class="level1"><div class="li"> <strong>Auth-Mail</strong>: $mail</div>
</li>
<li class="level1"><div class="li"> <strong>Auth-Cn</strong>: $cn</div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Bugzilla virtual host in Manager" [1914-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/bugzilla_logo.png_documentation_2.0_applications_bugzilla.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:bugzilla_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="bugzilla.html"/>
<link rel="contents" href="bugzilla.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:bugzilla_logo.png </h1>
<div class="content">
<a href="bugzilla_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="61" height="80" class="img_detail" alt="bugzilla_logo.png" title="bugzilla_logo.png" src="bugzilla_logo.f274c243263eb23ca6744a85c48196e8.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> bugzilla_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>bugzilla_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>6KB</dd><dt>Width:</dt><dd>61</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="bugzilla.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:bugzilla [B]">Back to documentation:2.0:applications:bugzilla</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

177
po-doc/fr/pages/documentation/current/applications/cornerstone.html
View File

@ -1,177 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:cornerstone</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,cornerstone"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cornerstone.html"/>
<link rel="contents" href="cornerstone.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:cornerstone","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#new_service_provider">Nouveau fournisseur de service</a></div></li>
<li class="level2"><div class="li"><a href="#csod_control_panel">Panneau de configuration CSOD</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#certificate">Certificat</a></div></li>
<li class="level3"><div class="li"><a href="#saml_assertion">Assertion SAML</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="cornerstone_on_demand">Cornerstone On Demand</h1>
<div class="level1">
<p>
<a href="csod_logo.png_documentation_2.0_applications_cornerstone.html" class="media" title="applications:csod_logo.png"><img src="csod_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Cornerstone On Demand" [1-73] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.cornerstoneondemand.com/" class="urlextern" title="http://www.cornerstoneondemand.com/" rel="nofollow">CornerStone On Demand (CSOD)</a> allows one to use <abbr title="Security Assertion Markup Language">SAML</abbr> to authenticate users. Il fonctionne par défaut avec un mécanisme initié par l'IDP mais permet un fonctionnement standard initié par le SP.
</p>
<p>
Pour fonctionner avec <abbr title="LemonLDAP::NG">LL::NG</abbr> il faut :
</p>
<ul>
<li class="level1"><div class="li"> un compte entreprise</div>
</li>
<li class="level1"><div class="li"> <abbr title="LemonLDAP::NG">LL::NG</abbr> configuré comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a></div>
</li>
<li class="level1"><div class="li"> Enregistrer les utilisateurs dans CSOD avec la même adresse mail que celle utilisée dans <abbr title="LemonLDAP::NG">LL::NG</abbr> (l'adresse mail sera le NameID échangé entre CSOD et <abbr title="LemonLDAP::NG">LL::NG</abbr>)</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [74-578] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [579-605] -->
<h3 class="sectionedit4" id="new_service_provider">Nouveau fournisseur de service</h3>
<div class="level3">
<p>
Il est nécessaire d'avoir configuré <abbr title="LemonLDAP::NG">LL::NG</abbr> comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a>,
</p>
<p>
Ajouter CSOD comme nouveau fournisseur de service <abbr title="Security Assertion Markup Language">SAML</abbr> :
</p>
<ol>
<li class="level1"><div class="li"> Dans le manager, cliquer sur fournisseurs de service <abbr title="Security Assertion Markup Language">SAML</abbr> puis sur le bouton <code>Nouveau fournisseur de service</code>.</div>
</li>
<li class="level1"><div class="li"> Mettre csod comme nom de fournisseur de service.</div>
</li>
<li class="level1"><div class="li"> Mettre <code>Email</code> dans <code>Options</code> » <code>Réponse d'authentification</code> » <code>Format NameID par défaut</code></div>
</li>
<li class="level1"><div class="li"> Selectionner <code>Metadata</code>, et déprotéger le champ pour y mettre :</div>
</li>
</ol>
<pre class="code file xml"><span class="sc3"><span class="re1">&lt;md:EntityDescriptor</span> <span class="re0">entityID</span>=<span class="st0">"mycompanyid.csod.com"</span> <span class="re0">xmlns</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:metadata"</span> <span class="re0">xmlns:ds</span>=<span class="st0">"http://www.w3.org/2000/09/xmldsig#"</span> <span class="re0">xmlns:md</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:metadata"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;SPSSODescriptor</span> <span class="re0">protocolSupportEnumeration</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:protocol"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;KeyDescriptor</span> <span class="re0">use</span>=<span class="st0">"signing"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;ds:KeyInfo</span> <span class="re0">xmlns:ds</span>=<span class="st0">"http://www.w3.org/2000/09/xmldsig#"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;ds:X509Data<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;ds:X509Certificate<span class="re2">&gt;</span></span></span>
Base64 encoded CSOD certificate
<span class="sc3"><span class="re1">&lt;/ds:X509Certificate<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/ds:X509Data<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/ds:KeyInfo<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/KeyDescriptor<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;AssertionConsumerService</span> <span class="re0">Binding</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"</span> <span class="re0">Location</span>=<span class="st0">"https://mycompanyid.csod.com/samldefault.aspx"</span> <span class="re0">index</span>=<span class="st0">"1"</span> <span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;NameIDFormat<span class="re2">&gt;</span></span></span>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<span class="sc3"><span class="re1">&lt;/NameIDFormat<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/SPSSODescriptor<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/md:EntityDescriptor<span class="re2">&gt;</span></span></span></pre>
<div class="noteimportant">Changer <strong>mycompanyid</strong> (dans <code>AssertionConsumerService</code> markup, parameter <code>Location</code>) avec l'ID CSOD de l'entreprise et mettre la valeur du certificat dans ds:X509Certificate markup
</div>
</div><!-- EDIT4 SECTION "New Service Provider" [606-2120] -->
<h3 class="sectionedit5" id="csod_control_panel">Panneau de configuration CSOD</h3>
<div class="level3">
<p>
CSOD nécessite 2 éléments pour configurer <abbr title="LemonLDAP::NG">LL::NG</abbr> comme IDP :
</p>
<ul>
<li class="level1"><div class="li"> Certificat</div>
</li>
<li class="level1"><div class="li"> Assertion <abbr title="Security Assertion Markup Language">SAML</abbr></div>
</li>
</ul>
</div>
<h4 id="certificate">Certificat</h4>
<div class="level4">
<p>
Voir les <a href="../samlservice.html#security_parameters" class="wikilink1" title="documentation:2.0:samlservice">paramètres de sécurité SAML</a> pour générer un certificat avec une clef privée <abbr title="Security Assertion Markup Language">SAML</abbr>.
</p>
</div>
<h4 id="saml_assertion">Assertion SAML</h4>
<div class="level4">
<p>
Il faut utiliser la fonctionnalité initiée par l'IDP de <abbr title="LemonLDAP::NG">LL::NG</abbr>. Lancer simplement cette <abbr title="Uniform Resource Locator">URL</abbr>:
</p>
<pre class="code">https://auth.example.com/saml/singleSignOn?IDPInitiated=1&amp;sp=mycompanyid.csod.com</pre>
</div><!-- EDIT5 SECTION "CSOD control panel" [2121-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/csod_logo.png_documentation_2.0_applications_cornerstone.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:csod_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cornerstone.html"/>
<link rel="contents" href="cornerstone.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:csod_logo.png </h1>
<div class="content">
<a href="csod_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="293" height="108" class="img_detail" alt="csod_logo.png" title="csod_logo.png" src="csod_logo.98601d1d0f9c2c830e0058d139a1d95e.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> csod_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>csod_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>32KB</dd><dt>Width:</dt><dd>293</dd><dt>Height:</dt><dd>108</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="cornerstone.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:cornerstone [B]">Back to documentation:2.0:applications:cornerstone</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

77
po-doc/fr/pages/documentation/current/applications/django.html
View File

@ -1,77 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:django</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,django"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="django.html"/>
<link rel="contents" href="django.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:django","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="django">Django</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Django" [1-22] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://www.djangoproject.com/" class="urlextern" title="https://www.djangoproject.com/" rel="nofollow">Django</a> est un framework web de haut niveau écrit en Python qui favorise le développement rapide et propre et un design pragmatique.
</p>
</div><!-- EDIT2 SECTION "Presentation" [23-191] -->
<h2 class="sectionedit3" id="connector">Connecteur</h2>
<div class="level2">
<p>
The Django connector is available on GitHub: <a href="https://github.com/rclsilver/django-lemonldap" class="urlextern" title="https://github.com/rclsilver/django-lemonldap" rel="nofollow">https://github.com/rclsilver/django-lemonldap</a>
</p>
<p>
Voir le README pour l'installer et le configurer.
</p>
</div><!-- EDIT3 SECTION "Connector" [192-] -->
</div>
</body>
</html>

218
po-doc/fr/pages/documentation/current/applications/dokuwiki.html
View File

@ -1,218 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:dokuwiki</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,dokuwiki"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="dokuwiki.html"/>
<link rel="contents" href="dokuwiki.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:dokuwiki","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#http_headers">HTTP headers</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#plugin_installation">Plugin installation</a></div></li>
<li class="level2"><div class="li"><a href="#dokuwiki_configuration">Dokuwiki configuration</a></div></li>
<li class="level2"><div class="li"><a href="#dokuwiki_virtual_host">Dokuwiki virtual host</a></div></li>
<li class="level2"><div class="li"><a href="#dokuwiki_virtual_host_in_manager">Hôte virtuel Dokuwiki dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="dokuwiki">Dokuwiki</h1>
<div class="level1">
<p>
<a href="dokuwiki_logo.png_documentation_2.0_applications_dokuwiki.html" class="media" title="applications:dokuwiki_logo.png"><img src="dokuwiki_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Dokuwiki" [1-64] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.dokuwiki.org/" class="urlextern" title="http://www.dokuwiki.org/" rel="nofollow">DokuWiki</a> est un wiki simple et standard principalement destiné à la création de documents de toute nature. Il est destiné aux équipes de développeurs, groupes de travail ou petites entreprises. Il dispose d'une syntaxe simple mais puissante qui fait que les fichiers de données restent lisibles en dehors du Wiki, et facilite la création de textes structurés. Toutes les données sont stockées dans des fichiers texte, aucune base de données n'est nécessaire.
</p>
<div class="notetip">Le wiki LemonLDAP::NG est un Dokuwiki !
</div>
</div><!-- EDIT2 SECTION "Presentation" [65-559] -->
<h2 class="sectionedit3" id="http_headers">HTTP headers</h2>
<div class="level2">
<p>
You need to install a Dokuwiki plugin, available on <a href="https://www.dokuwiki.org/plugins" class="urlextern" title="https://www.dokuwiki.org/plugins" rel="nofollow">Dokuwiki plugins registry</a>: <a href="https://www.dokuwiki.org/plugin:authlemonldap" class="urlextern" title="https://www.dokuwiki.org/plugin:authlemonldap" rel="nofollow">https://www.dokuwiki.org/plugin:authlemonldap</a>
</p>
</div><!-- EDIT3 SECTION "HTTP headers" [560-748] -->
<h3 class="sectionedit4" id="plugin_installation">Plugin installation</h3>
<div class="level3">
<p>
Install the plugin using the <a href="https://www.dokuwiki.org/plugin:plugin" class="urlextern" title="https://www.dokuwiki.org/plugin:plugin" rel="nofollow">Plugin Manager</a>.
</p>
</div><!-- EDIT4 SECTION "Plugin installation" [749-868] -->
<h3 class="sectionedit5" id="dokuwiki_configuration">Dokuwiki configuration</h3>
<div class="level3">
<p>
As administrator, go in Dokuwiki parameters and set:
</p>
<ul>
<li class="level1"><div class="li"> Authentication backend: authlemonldap</div>
</li>
<li class="level1"><div class="li"> Manager: set which users and/or groups will be admin</div>
</li>
</ul>
<p>
<a href="screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html" class="media" title="applications:screenshot_dokuwiki_configuration.png"><img src="screenshot_dokuwiki_configuration.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT5 SECTION "Dokuwiki configuration" [869-1114] -->
<h3 class="sectionedit6" id="dokuwiki_virtual_host">Dokuwiki virtual host</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Dokuwiki comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> dokuwiki.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name dokuwiki.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT6 SECTION "Dokuwiki virtual host" [1115-2376] -->
<h3 class="sectionedit7" id="dokuwiki_virtual_host_in_manager">Hôte virtuel Dokuwiki dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Dokuwiki.
</p>
<p>
Configurer les <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règles d'accès</a>.
</p>
<p>
Configure the <a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">headers</a>:
</p>
<ul>
<li class="level1"><div class="li"> Auth-User $uid</div>
</li>
<li class="level1"><div class="li"> Auth-Cn: $cn</div>
</li>
<li class="level1"><div class="li"> Auth-Mail: $mail</div>
</li>
<li class="level1"><div class="li"> Auth-Groups: encode_base64($groups,'')</div>
</li>
</ul>
<div class="noteimportant">To allow execution of encode_base64() method, you must deactivate the <a href="../safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>.
</div>
</div><!-- EDIT7 SECTION "Dokuwiki virtual host in Manager" [2377-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/dokuwiki_logo.png_documentation_2.0_applications_dokuwiki.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:dokuwiki_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="dokuwiki.html"/>
<link rel="contents" href="dokuwiki.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:dokuwiki_logo.png </h1>
<div class="content">
<a href="dokuwiki_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="80" height="80" class="img_detail" alt="dokuwiki_logo.png" title="dokuwiki_logo.png" src="dokuwiki_logo.6fc278ad7805b3a76d4a755c7e77efee.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> dokuwiki_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>dokuwiki_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>14KB</dd><dt>Width:</dt><dd>80</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="dokuwiki.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:dokuwiki [B]">Back to documentation:2.0:applications:dokuwiki</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

230
po-doc/fr/pages/documentation/current/applications/drupal.html
View File

@ -1,230 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:drupal</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,drupal"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="drupal.html"/>
<link rel="contents" href="drupal.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:drupal","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#installation">Installation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#drupal_module_activation">Activation du module Drupal</a></div></li>
<li class="level2"><div class="li"><a href="#drupal_virtual_host">Hôte virtuel Drupal</a></div></li>
<li class="level2"><div class="li"><a href="#drupal_virtual_host_in_manager">Hôte virtuel Drupal dans le manager</a></div></li>
<li class="level2"><div class="li"><a href="#protect_only_the_administration_pages">Protéger seulement la page d'administration</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="drupal">Drupal</h1>
<div class="level1">
<p>
<a href="drupal_logo.png_documentation_2.0_applications_drupal.html" class="media" title="applications:drupal_logo.png"><img src="drupal_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Drupal" [1-60] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://drupal.org" class="urlextern" title="http://drupal.org" rel="nofollow">Drupal</a> est un <abbr title="Système de gestion de contenu">CMS</abbr> écrit en PHP. Il peut utiliser des modules externes pour étendre ses fonctionnalités. L'un de ses modules peut être utilisé pour déléger l'authentification serveur au serveur web : <a href="http://drupal.org/project/Webserver_auth" class="urlextern" title="http://drupal.org/project/Webserver_auth" rel="nofollow">Webserver Auth</a>.
</p>
</div><!-- EDIT2 SECTION "Presentation" [61-353] -->
<h2 class="sectionedit3" id="installation">Installation</h2>
<div class="level2">
<p>
Télécharger et installer le module <a href="http://drupal.org/project/Webserver_auth" class="urlextern" title="http://drupal.org/project/Webserver_auth" rel="nofollow">Webserver Auth</a>, en le décompressant dans le répertoire modules/.
</p>
</div><!-- EDIT3 SECTION "Installation" [354-526] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT4 SECTION "Configuration" [527-553] -->
<h3 class="sectionedit5" id="drupal_module_activation">Activation du module Drupal</h3>
<div class="level3">
<p>
Aller dans l'interface administration et activer le module Webserver Auth.
</p>
</div><!-- EDIT5 SECTION "Drupal module activation" [554-666] -->
<h3 class="sectionedit6" id="drupal_virtual_host">Hôte virtuel Drupal</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Drupal comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<div class="noteimportant">Si Drupal est protégé par un reverse-proxy <abbr title="LemonLDAP::NG">LL::NG</abbr>, <a href="../header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">convertir l'en-tête en variable d'environnement REMOTE_USER</a>.
</div><ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> drupal.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name drupal.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT6 SECTION "Drupal virtual host" [667-2092] -->
<h3 class="sectionedit7" id="drupal_virtual_host_in_manager">Hôte virtuel Drupal dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Drupal.
</p>
<p>
Configurer simplement la <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règle d'accès</a>.
</p>
<p>
Si <abbr title="LemonLDAP::NG">LL::NG</abbr> est utilisé par reverse-proxy, configurer l'<a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-tête</a> <code>Auth-User</code>, aucun autre en-tête n'est utile.
</p>
</div><!-- EDIT7 SECTION "Drupal virtual host in Manager" [2093-2446] -->
<h3 class="sectionedit8" id="protect_only_the_administration_pages">Protéger seulement la page d'administration</h3>
<div class="level3">
<p>
Avec la solution ci-dessus, tout le site Drupal sera protégé, ainsi aucun accès anonyme ne sera autorisé.
</p>
<div class="noteimportant">Vous ne pouvez pas utiliser la règle <code>unprotect</code> car la navigation Drupal est basée sur des requêtes basées sur des attributs (?q=admin, ?q=user, etc.), et la règle unprotect ne fonctionne que sur des correspondances d'<abbr title="Uniform Resource Locator">URL</abbr>.
</div>
<p>
Vous pouvez créer un hôte virtuel particulier et utiliser <a href="http://httpd.apache.org/docs/current/mod/mod_rewrite.html" class="urlextern" title="http://httpd.apache.org/docs/current/mod/mod_rewrite.html" rel="nofollow">le module rewrite d'Apache</a> pour choisir entre le site ouvert et le protégé :
</p>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> drupal.example.com
&nbsp;
<span class="co1"># DocumentRoot</span>
<span class="kw1">DocumentRoot</span> /var/www/html/drupal/
<span class="kw1">DirectoryIndex</span> index.php
&nbsp;
<span class="co1"># Redirect admin pages</span>
<span class="kw1">RewriteEngine</span> <span class="kw2">On</span>
<span class="kw1">RewriteCond</span> %{QUERY_STRING} q=(admin|<span class="kw1">user</span>)
<span class="kw1">RewriteRule</span> ^/(.*)$ http://admindrupal.example.com/$1 [R]
&nbsp;
<span class="kw1">LogLevel</span> warn
<span class="kw1">ErrorLog</span> /var/log/httpd/drupal-error.log
<span class="kw1">CustomLog</span> /var/log/httpd/drupal-access.log combined
&lt;/<span class="kw3">VirtualHost</span>&gt;
&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> admindrupal.example.com
&nbsp;
<span class="co1"># Protection SSO</span>
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
<span class="co1"># DocumentRoot</span>
<span class="kw1">DocumentRoot</span> /var/www/html/drupal/
<span class="kw1">DirectoryIndex</span> index.php
&nbsp;
<span class="kw1">LogLevel</span> warn
<span class="kw1">ErrorLog</span> /var/log/httpd/admindrupal-error.log
<span class="kw1">CustomLog</span> /var/log/httpd/admindrupal-access.log combined
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
</div><!-- EDIT8 SECTION "Protect only the administration pages" [2447-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/drupal_logo.png_documentation_2.0_applications_drupal.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:drupal_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="drupal.html"/>
<link rel="contents" href="drupal.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:drupal_logo.png </h1>
<div class="content">
<a href="drupal_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="70" height="80" class="img_detail" alt="drupal_logo.png" title="drupal_logo.png" src="drupal_logo.0d0fb793c9f8bb9348d27771468adf1c.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> drupal_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>drupal_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>6KB</dd><dt>Width:</dt><dd>70</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="drupal.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:drupal [B]">Back to documentation:2.0:applications:drupal</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

120
po-doc/fr/pages/documentation/current/applications/fusiondirectory.html
View File

@ -1,120 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:fusiondirectory</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,fusiondirectory"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="fusiondirectory.html"/>
<link rel="contents" href="fusiondirectory.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:fusiondirectory","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#fusiondirectory1">FusionDirectory</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="fusiondirectory">FusionDirectory</h1>
<div class="level1">
<p>
<img src="fusiondirectory-logo.jpeg" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "FusionDirectory" [1-85] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://www.fusiondirectory.org/" class="urlextern" title="https://www.fusiondirectory.org/" rel="nofollow">FusionDirectory</a> provides a solution to daily management of data stored in an LDAP directory.
</p>
</div><!-- EDIT2 SECTION "Presentation" [86-242] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [243-269] -->
<h3 class="sectionedit4" id="fusiondirectory1">FusionDirectory</h3>
<div class="level3">
<p>
Go in Configuration and in Login and Session panel. Set:
</p>
<ul>
<li class="level1"><div class="li"> <strong>HTTP Header authentication</strong>: Activate</div>
</li>
<li class="level1"><div class="li"> <strong>Header name</strong>: Auth-User</div>
</li>
</ul>
<p>
See also <a href="https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session" class="urlextern" title="https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session" rel="nofollow">https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session</a>
</p>
</div><!-- EDIT4 SECTION "FusionDirectory" [270-555] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
<p>
Renseigner simplement l'en-tête <code>Auth-User</code> avec l'attribut qui contient le nom de login, par exemple <code>$uid</code>.
</p>
</div><!-- EDIT5 SECTION "LL::NG" [556-] -->
</div>
</body>
</html>

216
po-doc/fr/pages/documentation/current/applications/gitlab.html
View File

@ -1,216 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:gitlab</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,gitlab"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="gitlab.html"/>
<link rel="contents" href="gitlab.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:gitlab","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#saml">SAML</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#gitlab_configuration">Gitlab configuration</a></div></li>
<li class="level2"><div class="li"><a href="#llng_configuration">LL::NG configuration</a></div></li>
<li class="level2"><div class="li"><a href="#manage_groups">Manage groups</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="gitlab">Gitlab</h1>
<div class="level1">
<p>
<img src="gitlab_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Gitlab" [1-67] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
See <a href="https://about.gitlab.com/" class="urlextern" title="https://about.gitlab.com/" rel="nofollow">Gitlab</a> page for product presentation.
</p>
<p>
Gitlab allows one to use <abbr title="Security Assertion Markup Language">SAML</abbr> to authenticate users, see <a href="https://docs.gitlab.com/ee/integration/saml.html" class="urlextern" title="https://docs.gitlab.com/ee/integration/saml.html" rel="nofollow">official documentation</a>
</p>
</div><!-- EDIT2 SECTION "Presentation" [68-300] -->
<h2 class="sectionedit3" id="saml">SAML</h2>
<div class="level2">
<p>
For this example, we use these sample values:
* Gitlab <abbr title="Uniform Resource Locator">URL</abbr> : <a href="https://gitlab.example.com" class="urlextern" title="https://gitlab.example.com" rel="nofollow">https://gitlab.example.com</a>
* <abbr title="LemonLDAP::NG">LL::NG</abbr> portal <abbr title="Uniform Resource Locator">URL</abbr> : <a href="https://auth.example.com" class="urlextern" title="https://auth.example.com" rel="nofollow">https://auth.example.com</a>
</p>
</div><!-- EDIT3 SECTION "SAML" [301-456] -->
<h3 class="sectionedit4" id="gitlab_configuration">Gitlab configuration</h3>
<div class="level3">
<p>
Find the gitlab.rb file and add these settings:
</p>
<pre class="code">vi /etc/gitlab/gitlab.rb</pre>
<pre class="code file ruby">gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_enabled'</span><span class="br0">]</span> = <span class="kw2">true</span>
gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_allow_single_sign_on'</span><span class="br0">]</span> = <span class="br0">[</span><span class="st0">'saml'</span><span class="br0">]</span>
gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_auto_link_saml_user'</span><span class="br0">]</span> = <span class="kw2">true</span>
gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_block_auto_created_users'</span><span class="br0">]</span> = <span class="kw2">false</span>
&nbsp;
gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_providers'</span><span class="br0">]</span> = <span class="br0">[</span>
<span class="br0">{</span>
name: <span class="st0">'saml'</span>,
args: <span class="br0">{</span>
assertion_consumer_service_url: <span class="st0">'https://gitlab.example.com/users/auth/saml/callback'</span>,
idp_cert_fingerprint: <span class="st0">'99:BE:7B:68:3F:XX:7D:EF:6B:C3:XX:C0:0E:XX:D4:EA:02:XX:83:2A'</span>,
idp_sso_target_url: <span class="st0">'https://auth.example.com/saml/singleSignOn'</span>,
issuer: <span class="st0">'https://gitlab.example.com'</span>,
name_identifier_format: <span class="st0">'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'</span>
<span class="br0">}</span>,
label: <span class="st0">'Login with LL::NG'</span> <span class="co1"># optional label for SAML login button</span>
<span class="br0">}</span>
<span class="br0">]</span></pre>
<div class="notetip">To get the fingerprint of IDP certificate, copy <abbr title="Security Assertion Markup Language">SAML</abbr> certificate from <abbr title="LemonLDAP::NG">LL::NG</abbr> configuration in a file and use openssl:
<pre class="code">openssl x509 -in CERT.pem -noout -fingerprint</pre>
</div>
<p>
You can force <abbr title="Security Assertion Markup Language">SAML</abbr> by default with this option:
</p>
<pre class="code file ruby">gitlab_rails<span class="br0">[</span><span class="st0">'omniauth_auto_sign_in_with_provider'</span><span class="br0">]</span> = <span class="st0">'saml'</span></pre>
<p>
In this case, users won't be able to log directly on gitlab. Set it once you are sure the <abbr title="Security Assertion Markup Language">SAML</abbr> configuration is valid.
</p>
<p>
To apply changes:
</p>
<pre class="code">gitlab-ctl reconfigure</pre>
</div><!-- EDIT4 SECTION "Gitlab configuration" [457-1849] -->
<h3 class="sectionedit5" id="llng_configuration">LL::NG configuration</h3>
<div class="level3">
<p>
We suppose <abbr title="LemonLDAP::NG">LL::NG</abbr> is configured as <abbr title="Security Assertion Markup Language">SAML</abbr> IDP, and that you converted the public key into a certificate for <abbr title="Security Assertion Markup Language">SAML</abbr> signature. You must enable the option to send certificates in response. If you don't want to, you need to copy the certificate value into Gitlab configuration, in `idp_cert` parameter.
</p>
<p>
You can get Gitlab <abbr title="Security Assertion Markup Language">SAML</abbr> metadata on <a href="https://gitlab.example.com/users/auth/saml/metadata" class="urlextern" title="https://gitlab.example.com/users/auth/saml/metadata" rel="nofollow">https://gitlab.example.com/users/auth/saml/metadata</a>
</p>
<p>
Register them in <abbr title="LemonLDAP::NG">LL::NG</abbr> and send these <abbr title="Security Assertion Markup Language">SAML</abbr> attributes:
</p>
<ul>
<li class="level1"><div class="li"> mail ⇒ email</div>
</li>
<li class="level1"><div class="li"> uid ⇒ uid</div>
</li>
<li class="level1"><div class="li"> cn ⇒ name</div>
</li>
</ul>
<div class="noteimportant">The value from <abbr title="LemonLDAP::NG">LL::NG</abbr> mail session attribute must be the email of the user in Gitlab database, in order to associate accounts.
</div>
</div><!-- EDIT5 SECTION "LL::NG configuration" [1850-2524] -->
<h3 class="sectionedit6" id="manage_groups">Manage groups</h3>
<div class="level3">
<p>
You can pass groups to Gitlab. For this, declare groups attribute in gitlab.rb:
</p>
<pre class="code file ruby">...
<span class="me1">gitlab_rails</span><span class="br0">[</span><span class="st0">'omniauth_providers'</span><span class="br0">]</span> = <span class="br0">[</span>
<span class="br0">{</span>
name: <span class="st0">'saml'</span>,
groups_attribute: <span class="st0">'groups'</span>,
...</pre>
<p>
And in <abbr title="LemonLDAP::NG">LL::NG</abbr>, export the groups attribute:
</p>
<ul>
<li class="level1"><div class="li"> groups ⇒ groups</div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Manage groups" [2525-] -->
</div>
</body>
</html>

90
po-doc/fr/pages/documentation/current/applications/glpi.html
View File

@ -1,90 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:glpi</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,glpi"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="glpi.html"/>
<link rel="contents" href="glpi.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:glpi","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="glpi">GLPI</h1>
<div class="level1">
<p>
<img src="glpi_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "GLPI" [1-63] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.glpi-project.org" class="urlextern" title="http://www.glpi-project.org" rel="nofollow">GLPI</a> est un gestionnaire d'informations de ressources avec une interface additionnelle d'administration. On peut construire une base de données contenant un inventaire de l'entreprise (ordinateurs, logiciels, imprimantes,…). Il dispose de functions avancées pour faciliter la vie des administrateurs, telle un détecteur de tâches avec notification par mail et des méthodes pour construire la base de données avec des informations minimales sur la topologie du réseau.
</p>
</div><!-- EDIT2 SECTION "Presentation" [64-531] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
Pour GLPI &gt;= 0.71, une simple configuration de GLPI suffit : Setup → Authentication. Dans “External authentications” cliquer sur “Others” et dans “Field holding the login in the _SERVER array” choisir “REMOTE_USER”
</p>
<p>
Pour les versions plus anciennes, voir <a href="http://wiki.glpi-project.org/doku.php?id=en:authautoad" class="urlextern" title="http://wiki.glpi-project.org/doku.php?id=en:authautoad" rel="nofollow">http://wiki.glpi-project.org/doku.php?id=en:authautoad</a>
</p>
<p>
If you use Nginx, you need to add this in configuration:
</p>
<pre class="code file nginx">proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</pre>
</div><!-- EDIT3 SECTION "Configuration" [532-] -->
</div>
</body>
</html>

234
po-doc/fr/pages/documentation/current/applications/googleapps.html
View File

@ -1,234 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:googleapps</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,googleapps"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="googleapps.html"/>
<link rel="contents" href="googleapps.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:googleapps","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#google_apps_control_panel">Panneua de contrôle Google Apps</a></div></li>
<li class="level2"><div class="li"><a href="#certificate">Certificat</a></div></li>
<li class="level2"><div class="li"><a href="#new_service_provider">Nouveau fournisseur de service</a></div></li>
<li class="level2"><div class="li"><a href="#application_menu">Menu application</a></div></li>
<li class="level2"><div class="li"><a href="#logout">Déconnexion</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="google_apps">Google Apps</h1>
<div class="level1">
<p>
<a href="googleapps_logo.png_documentation_2.0_applications_googleapps.html" class="media" title="applications:googleapps_logo.png"><img src="googleapps_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Google Apps" [1-69] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.google.com/apps/" class="urlextern" title="http://www.google.com/apps/" rel="nofollow">Les applications Google</a> peuvent utiliser <abbr title="Security Assertion Markup Language">SAML</abbr> pour authentifier les utilisateurs, en se comportant comme des fournisseurs de service <abbr title="Security Assertion Markup Language">SAML</abbr>, tel qu'expliqué <a href="http://code.google.com/googleapps/domain/sso/saml_reference_implementation.html" class="urlextern" title="http://code.google.com/googleapps/domain/sso/saml_reference_implementation.html" rel="nofollow">ici</a>.
</p>
<p>
Pour fonctionner avec <abbr title="LemonLDAP::NG">LL::NG</abbr> il faut :
</p>
<ul>
<li class="level1"><div class="li"> Un <a href="http://www.google.com/apps/intl/en/business/index.html" class="urlextern" title="http://www.google.com/apps/intl/en/business/index.html" rel="nofollow">compte applicatif Google entreprise</a></div>
</li>
<li class="level1"><div class="li"> <abbr title="LemonLDAP::NG">LL::NG</abbr> configuré comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a></div>
</li>
<li class="level1"><div class="li"> Enregistrer les utilisateurs dans Google Apps avec la même adresse mail que celle utilisée dans <abbr title="LemonLDAP::NG">LL::NG</abbr> (l'adresse mail sera le NameID échangé entre Google Apps et <abbr title="LemonLDAP::NG">LL::NG</abbr>)</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [70-660] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [661-687] -->
<h3 class="sectionedit4" id="google_apps_control_panel">Panneua de contrôle Google Apps</h3>
<div class="level3">
<div class="noteclassic">Cette section est basée sur la <a href="http://simplesamlphp.org/docs/1.6/simplesamlphp-googleapps" class="urlextern" title="http://simplesamlphp.org/docs/1.6/simplesamlphp-googleapps" rel="nofollow">documentation SimpleSAMLPHP</a>.
</div>
<p>
Comme administrateur, aller dans le panneau de contrôle Google Apps et cliquer sur les outils avancés click (Advanced tools) :
</p>
<p>
<a href="../documentation/googleapps-menu.png_documentation_2.0_applications_googleapps.html" class="media" title="documentation:googleapps-menu.png"><img src="../documentation/googleapps-menu.png" class="mediacenter" alt="" /></a>
</p>
<p>
Ensuite sélectionner <code>Set up single sign-on (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>)</code>:
</p>
<p>
<a href="../documentation/googleapps-sso.png_documentation_2.0_applications_googleapps.html" class="media" title="documentation:googleapps-sso.png"><img src="../documentation/googleapps-sso.png" class="mediacenter" alt="" /></a>
</p>
<p>
Puis configurer tous les paramètres <abbr title="Security Assertion Markup Language">SAML</abbr> :
</p>
<p>
<a href="../documentation/googleapps-ssoconfig.png_documentation_2.0_applications_googleapps.html" class="media" title="documentation:googleapps-ssoconfig.png"><img src="../documentation/googleapps-ssoconfig.png" class="mediacenter" alt="" /></a>
</p>
<ul>
<li class="level1"><div class="li"> <strong>Enable Single Sign-On</strong>: sélectionner. Le désélectionner désactive l'authentification <abbr title="Security Assertion Markup Language">SAML</abbr> (à utiliser, si votre fournisseur d'identité est hors service).</div>
</li>
<li class="level1"><div class="li"> <strong>Sign-in page <abbr title="Uniform Resource Locator">URL</abbr></strong>: point d'accès <abbr title="Authentification unique (Single Sign On)">SSO</abbr> (HTTP-Redirect binding). Exemple : <a href="http://auth.example.com/saml/singleSignOn" class="urlextern" title="http://auth.example.com/saml/singleSignOn" rel="nofollow">http://auth.example.com/saml/singleSignOn</a></div>
</li>
<li class="level1"><div class="li"> <strong>Sign-out page <abbr title="Uniform Resource Locator">URL</abbr></strong>: il ne s'agit pas du point d'accès de déconnexion globale (SLO) (Google Apps ne le supporte pas), mais de la page de déconnexion. Exemple: <a href="http://auth.example.com/?logout=1" class="urlextern" title="http://auth.example.com/?logout=1" rel="nofollow">http://auth.example.com/?logout=1</a></div>
</li>
<li class="level1"><div class="li"> <strong>Change password <abbr title="Uniform Resource Locator">URL</abbr></strong>: où les utilisateurs peuvent changer leur mot-de-passe. Exemple: <a href="http://auth.example.com" class="urlextern" title="http://auth.example.com" rel="nofollow">http://auth.example.com</a></div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Google Apps control panel" [688-1671] -->
<h3 class="sectionedit5" id="certificate">Certificat</h3>
<div class="level3">
<p>
Pour le certificate, vous pouvez le construire en signant la clef privée enregistrée dans le Manager. Selectionner la clef, et l'exporter (bouton <code>Télécharger</code>): Ceci télécharge les clefs publique et privée.
</p>
<p>
Garder la clef privée dans un fichier, par exemple lemonldap-ng-priv.key, et utiliser openssl pour générer un certificat auto-signé :
</p>
<pre class="code">openssl req -new -key lemonldap-ng-priv.key -out cert.csr
openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out cert.pem</pre>
<p>
Télécharger ensuite le certificat (<code>cert.pem</code>) dans Google Apps.
</p>
<div class="notetip">On peut aussi utiliser le certificat au lieu de la clef publique dans les métadatas <abbr title="Security Assertion Markup Language">SAML</abbr>, voir <a href="../samlservice.html#security_parameters" class="wikilink1" title="documentation:2.0:samlservice">configuration du service SAML</a>
</div>
</div><!-- EDIT5 SECTION "Certificate" [1672-2407] -->
<h3 class="sectionedit6" id="new_service_provider">Nouveau fournisseur de service</h3>
<div class="level3">
<p>
Il est nécessaire d'avoir configuré <abbr title="LemonLDAP::NG">LL::NG</abbr> comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a>,
</p>
<p>
Ajouter ensuite Google Apps comme nouveau fournisseur de service <abbr title="Security Assertion Markup Language">SAML</abbr> :
</p>
<ol>
<li class="level1"><div class="li"> Dans le manager, cliquer sur fournisseurs de service <abbr title="Security Assertion Markup Language">SAML</abbr> puis sur le bouton <code>Nouveau fournisseur de service</code>.</div>
</li>
<li class="level1"><div class="li"> Mettre GoogleApps comme nom de fournisseur de service.</div>
</li>
<li class="level1"><div class="li"> Mettre <code>Email</code> dans <code>Options</code> » <code>Réponse d'authentification</code> » <code>Format NameID par défaut</code></div>
</li>
<li class="level1"><div class="li"> Désactiver toutes les cases dans <code>Options</code> » <code>Signature</code>, excepté <code>Signer les messages <abbr title="Authentification unique (Single Sign On)">SSO</abbr></code> qui doit être activée</div>
</li>
<li class="level1"><div class="li"> Selectionner <code>Metadata</code>, et déprotéger le champ pour y mettre :</div>
</li>
</ol>
<pre class="code file xml"><span class="sc3"><span class="re1">&lt;md:EntityDescriptor</span> <span class="re0">entityID</span>=<span class="st0">"google.com"</span> <span class="re0">xmlns</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:metadata"</span> <span class="re0">xmlns:ds</span>=<span class="st0">"http://www.w3.org/2000/09/xmldsig#"</span> <span class="re0">xmlns:md</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:metadata"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;SPSSODescriptor</span> <span class="re0">protocolSupportEnumeration</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:protocol"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;AssertionConsumerService</span> <span class="re0">Binding</span>=<span class="st0">"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"</span> <span class="re0">Location</span>=<span class="st0">"https://www.google.com/a/mydomain.org/acs"</span> <span class="re0">index</span>=<span class="st0">"1"</span> <span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;NameIDFormat<span class="re2">&gt;</span></span></span>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<span class="sc3"><span class="re1">&lt;/NameIDFormat<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/SPSSODescriptor<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/md:EntityDescriptor<span class="re2">&gt;</span></span></span></pre>
<div class="noteimportant">Changer <strong>mydomain.org</strong> (dans <code>AssertionConsumerService</code> markup, parameter <code>Location</code>) en votre domaine Google Apps. Adapter également l' "entityID" pour qu'elle corresponde à l'émetteur de l'assertion : google.com/a/mydomain.org
</div>
</div><!-- EDIT6 SECTION "New Service Provider" [2408-3803] -->
<h3 class="sectionedit7" id="application_menu">Menu application</h3>
<div class="level3">
<p>
Il est possible d'ajouter un lien dans le <a href="../portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:2.0:portalmenu">menu application</a> pour afficher Google Apps.
</p>
<p>
Certains paramètres doivent être adaptés :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Address</strong> : indiquer une des <abbr title="Uniform Resource Locator">URL</abbr> de Google Apps (chaque application Google Apps produit une <abbr title="Uniform Resource Locator">URL</abbr> distincte), par exemple <a href="http://www.google.com/calendar/hosted/mydomain.org/render" class="urlextern" title="http://www.google.com/calendar/hosted/mydomain.org/render" rel="nofollow">http://www.google.com/calendar/hosted/mydomain.org/render</a></div>
</li>
<li class="level1"><div class="li"> <strong>Display</strong> : comme Google Apps n'est pas une application protégée, indiquer <code>On</code> pour toujours l'afficher</div>
</li>
</ul>
<div class="noteimportant">Mettre <strong>mydomain.org</strong> dans le domaine Google Apps
</div>
</div><!-- EDIT7 SECTION "Application menu" [3804-4317] -->
<h3 class="sectionedit8" id="logout">Déconnexion</h3>
<div class="level3">
<p>
Google Apps ne supporte pas le Single Logout (SLO).
</p>
<p>
Google Apps ne dispose pas de paramètre de configuration pour rediriger les utilisateurs vers une <abbr title="Uniform Resource Locator">URL</abbr> spécifique après la déconnexion Google Apps (voir <a href="#google_apps_control_panel" title="documentation:2.0:applications:googleapps ↵" class="wikilink1">Google Apps control panel</a>).
</p>
<p>
Pour gérer l'autre voie (<abbr title="LemonLDAP::NG">LL::NG</abbr> → Google Apps), ajouter une <a href="../logoutforward.html" class="wikilink1" title="documentation:2.0:logoutforward">règle de redirection après déconnexion</a>:
</p>
<pre class="code">GoogleApps =&gt; http://www.google.com/calendar/hosted/mydomain.org/logout</pre>
<div class="noteimportant">Mettre <strong>mydomain.org</strong> dans le domaine Google Apps
</div>
</div><!-- EDIT8 SECTION "Logout" [4318-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/googleapps_logo.png_documentation_2.0_applications_googleapps.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:googleapps_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="googleapps.html"/>
<link rel="contents" href="googleapps.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:googleapps_logo.png </h1>
<div class="content">
<a href="googleapps_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="81" height="80" class="img_detail" alt="googleapps_logo.png" title="googleapps_logo.png" src="googleapps_logo.e7d814bf754051d6354bb729a827fea1.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> googleapps_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>googleapps_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>12KB</dd><dt>Width:</dt><dd>81</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="googleapps.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:googleapps [B]">Back to documentation:2.0:applications:googleapps</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

152
po-doc/fr/pages/documentation/current/applications/grr.html
View File

@ -1,152 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:grr</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,grr"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="grr.html"/>
<link rel="contents" href="grr.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:grr","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#http_header">HTTP header</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level2"><div class="li"><a href="#grr_virtual_host_in_llng">GRR virtual host in LL::NG</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="grr">GRR</h1>
<div class="level1">
<p>
<img src="grr_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "GRR" [1-61] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://grr.devome.com/fr/" class="urlextern" title="http://grr.devome.com/fr/" rel="nofollow">GRR</a> est un logiciel de réservation de chambres.
</p>
</div><!-- EDIT2 SECTION "Presentation" [62-150] -->
<h2 class="sectionedit3" id="http_header">HTTP header</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "HTTP header" [151-175] -->
<h3 class="sectionedit4" id="configuration">Configuration</h3>
<div class="level3">
<p>
GRR dispose d'une page de configuration du <abbr title="Authentification unique (Single Sign On)">SSO</abbr> dans son panneau de configuration.
</p>
<p>
Do not use Lemonldap mode, which is for a very old Lemonldap version, but HTTP authentication.
</p>
<p>
Set the default profile of connected users and which headers contains surname, firstname and mail.
</p>
<p>
<img src="screenshot_grr_configuration.png" class="mediacenter" alt="" />
</p>
<p>
GRR will check the username in REMOTE_USER, so use <a href="../header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">remote header conversion</a> if you are in proxy mode.
</p>
</div><!-- EDIT4 SECTION "Configuration" [176-660] -->
<h3 class="sectionedit5" id="grr_virtual_host_in_llng">GRR virtual host in LL::NG</h3>
<div class="level3">
<p>
Access rules:
</p>
<ul>
<li class="level1"><div class="li"> ^/index.php ⇒ accept</div>
</li>
<li class="level1"><div class="li"> default ⇒ unprotect</div>
</li>
</ul>
<p>
Headers:
</p>
<ul>
<li class="level1"><div class="li"> Auth-User $uid</div>
</li>
<li class="level1"><div class="li"> Auth-Sn: $sn</div>
</li>
<li class="level1"><div class="li"> Auth-GivenName: $givenName</div>
</li>
<li class="level1"><div class="li"> Auth-Mail: $mail</div>
</li>
</ul>
</div><!-- EDIT5 SECTION "GRR virtual host in LL::NG" [661-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/http_logo.png_documentation_2.0_applications_authbasic.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:http_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authbasic.html"/>
<link rel="contents" href="authbasic.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:http_logo.png </h1>
<div class="content">
<a href="http_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="107" height="80" class="img_detail" alt="http_logo.png" title="http_logo.png" src="http_logo.481fb3a7e569a7f2445a77db41e6f4c4.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> http_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>http_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>15KB</dd><dt>Width:</dt><dd>107</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="authbasic.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:authbasic [B]">Back to documentation:2.0:applications:authbasic</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

233
po-doc/fr/pages/documentation/current/applications/img/icons.png
View File

@ -1,233 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr" class="no-js">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title>documentation:2.0:applications:img:icons.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script>
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="/lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="/lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link type="text/css" rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.4/flatly/bootstrap.min.css" />
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,follow"/>
<meta name="keywords" content="documentation,2.0,applications,img,icons.png"/>
<link rel="search" type="application/opensearchdescription+xml" href="/lib/exe/opensearch.php" title="LemonLDAP::NG"/>
<link rel="start" href="/"/>
<link rel="contents" href="/documentation/2.0/applications/img/icons.png?do=index" title="Sitemap"/>
<link rel="alternate" type="application/rss+xml" title="Recent changes" href="/feed.php"/>
<link rel="alternate" type="application/rss+xml" title="Current namespace" href="/feed.php?mode=list&amp;ns=documentation:2.0:applications:img"/>
<link rel="alternate" type="text/html" title="Plain HTML" href="/_export/xhtml/documentation/2.0/applications/img/icons.png"/>
<link rel="alternate" type="text/plain" title="Wiki Markup" href="/_export/raw/documentation/2.0/applications/img/icons.png"/>
<link rel="stylesheet" type="text/css" href="/lib/exe/css.php?t=bootstrap3&amp;tseed=68165aeb4a485b8d6b99b5c80ffc4981"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications:img';var JSINFO = {"id":"documentation:2.0:applications:img:icons.png","namespace":"documentation:2.0:applications:img"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="/lib/exe/js.php?tseed=68165aeb4a485b8d6b99b5c80ffc4981&amp;template=bootstrap3"></script>
<script type="text/javascript" src="/lib/tpl/bootstrap3/assets/bootstrap/js/bootstrap.min.js"></script>
<style type="text/css">
body { padding-top: 20px; }
</style>
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script type="text/javascript" src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script type="text/javascript" src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body class="flatly page-on-panel">
<!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__site" class="container">
<div id="dokuwiki__top" class="site dokuwiki mode_show tpl_bootstrap3 notFound hasSidebar">
<!-- header -->
<div id="dokuwiki__header">
<nav class="navbar navbar-default" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
<button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="/start" accesskey="h" title="[H]" class="navbar-brand"><img src="/_media/wiki/logo.png" alt="LemonLDAP::NG" class="pull-left" id="dw__logo" width="20" height="20" /> <span id="dw__title" >LemonLDAP::NG</span></a>
</div>
<div class="collapse navbar-collapse">
<ul class="nav navbar-nav" id="dw__navbar">
<!-- <li>
<a href="/start" ><i class="glyphicon glyphicon-home"></i> Home</a></li> -->
<li>
<a href="/download" ><i class="glyphicon glyphicon-download"></i> Download</a></li>
<li>
<a href="/documentation" ><i class="glyphicon glyphicon-book"></i> Documentation</a></li>
<li>
<a href="/screenshots" ><i class="glyphicon glyphicon-picture"></i> Screenshots</a></li>
<li class="dropdown ">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-question-sign"></span> Contact <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/contact" ><i class="glyphicon glyphicon-envelope"></i> Mails, IRC and more</a></li>
<li><a href="/team" ><i class="glyphicon glyphicon-user"></i> The team</a></li>
<li><a href="/professionalservices" ><i class="glyphicon glyphicon-briefcase"></i> Professional Services</a></li>
<li><a href="/references" ><i class="glyphicon glyphicon-sunglasses"></i> References</a></li>
<li><a href="/sponsors" ><i class="glyphicon glyphicon-piggy-bank"></i> Sponsors</a></li>
</ul>
</li>
</ul>
<div class="navbar-right">
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
</div>
</div>
</nav>
</div>
<!-- /header -->
<div id="dw__breadcrumbs">
<hr/>
<div class="breadcrumb"><span class="bchead">You are here: </span><span class="home"><bdi><a href="/start" class="wikilink1" title="start">start</a></bdi></span> » <bdi><a href="/documentation" class="wikilink1" title="documentation">documentation</a></bdi> » <bdi><a href="/documentation/2.0/start" class="wikilink1" title="documentation:2.0:start">2.0</a></bdi> » <bdi><a href="/documentation/2.0/applications" class="wikilink1" title="documentation:2.0:applications">applications</a></bdi> » <bdi><a href="/documentation/2.0/applications/img/start" class="wikilink2" title="documentation:2.0:applications:img:start" rel="nofollow">img</a></bdi> » <bdi><span class="curid"><a href="/documentation/2.0/applications/img/icons.png" class="wikilink2" title="documentation:2.0:applications:img:icons.png" rel="nofollow">icons.png</a></span></bdi></div>
<hr/>
</div>
<p class="pageId text-right">
<span class="label label-default">documentation:2.0:applications:img:icons.png</span>
</p>
<div id="dw__msgarea">
</div>
<main class="main row" role="main">
<!-- ********** CONTENT ********** -->
<article id="dokuwiki__content" class="col-sm-9 col-md-10 " >
<div class="panel panel-default" >
<div class="page group panel-body">
<div class="pull-right hidden-print" data-spy="affix" data-offset-top="150" style="z-index:1024; top:10px; right:10px;">
</div>
<!-- wikipage start -->
<h1 class="sectionedit1" id="this_topic_does_not_exist_yet">This topic does not exist yet</h1>
<div class="level1">
<p>
You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissions allow, you may create it by clicking on “Create this page”.
</p>
</div>
<!-- wikipage stop -->
</div>
</div>
</article>
<!-- ********** ASIDE ********** -->
<aside id="dokuwiki__aside" class="dw__sidebar col-sm-3 col-md-2 hidden-print">
<div class="content">
<div class="toogle hidden-lg hidden-md hidden-sm" data-toggle="collapse" data-target="#dokuwiki__aside .collapse">
<i class="glyphicon glyphicon-th-list"></i> Sidebar </div>
<div class="collapse in">
<p>
<div class="text-center">
</p>
<h3 class="sectionedit1" id="hosted_by">Hosted by</h3>
<div class="level3">
<p>
<a href="http://www.ow2.org" class="media" title="http://www.ow2.org" rel="nofollow"><img src="/_media/logos/ow2.png?w=150&amp;tok=b7af43" class="mediacenter" alt="" width="150" /></a>
</div>
</p>
<hr />
<p>
<div class="text-center">
</p>
</div>
<!-- EDIT1 SECTION "Hosted by" [40-174] -->
<h3 class="sectionedit2" id="certifications">Certifications</h3>
<div class="level3">
<p>
<a href="https://partenaires.franceconnect.gouv.fr/references#LogicielslibresFranceConnectables" class="media" title="https://partenaires.franceconnect.gouv.fr/references#LogicielslibresFranceConnectables" rel="nofollow"><img src="/_media/applications/franceconnect_logo.png" class="mediacenter" alt="" /></a>
<strong>France Connect</strong>
</div>
</p>
<hr />
<p>
<div class="text-center">
</p>
<p>
<script type="text/javascript" src="http://www.openhub.net/p/12421/widgets/project_users.js?style=blue"></script>
</div>
</p>
<script type='text/javascript'>
var ab_h = '321e562442494652658acbc3fd84ec80';
var ab_s = '6ca5df30810665e075f684a87e742175';
</script>
<script type='text/javascript' src='http://cdn1.adbard.net/js/ab1.js'></script>
</div>
<!-- EDIT2 SECTION "Certifications" [175-] --> </div>
</div>
</aside>
</main>
<footer id="dokuwiki__footer" class="small hidden-print">
<a href="javascript:void(0)" class="back-to-top hidden-print btn btn-default btn-sm" title="skip to content>" id="back-to-top"><i class="glyphicon glyphicon-chevron-up"></i></a>
<div class="text-center">
<p id="dw__license">
<div class="license">Except where otherwise noted, content on this wiki is licensed under the following license: <bdi><a href="http://creativecommons.org/licenses/by-nc-sa/3.0/" rel="license" class="urlextern">CC Attribution-Noncommercial-Share Alike 3.0 Unported</a></bdi></div> </p>
</div>
</footer>
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
<span class="visible-md"></span>
<span class="visible-lg"></span>
</div>
</div>
<!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

233
po-doc/fr/pages/documentation/current/applications/img/loader.gif
View File

@ -1,233 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr" class="no-js">
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<title>documentation:2.0:applications:img:loader.gif [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script>
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="/lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="/lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link type="text/css" rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootswatch/3.3.4/flatly/bootstrap.min.css" />
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,follow"/>
<meta name="keywords" content="documentation,2.0,applications,img,loader.gif"/>
<link rel="search" type="application/opensearchdescription+xml" href="/lib/exe/opensearch.php" title="LemonLDAP::NG"/>
<link rel="start" href="/"/>
<link rel="contents" href="/documentation/2.0/applications/img/loader.gif?do=index" title="Sitemap"/>
<link rel="alternate" type="application/rss+xml" title="Recent changes" href="/feed.php"/>
<link rel="alternate" type="application/rss+xml" title="Current namespace" href="/feed.php?mode=list&amp;ns=documentation:2.0:applications:img"/>
<link rel="alternate" type="text/html" title="Plain HTML" href="/_export/xhtml/documentation/2.0/applications/img/loader.gif"/>
<link rel="alternate" type="text/plain" title="Wiki Markup" href="/_export/raw/documentation/2.0/applications/img/loader.gif"/>
<link rel="stylesheet" type="text/css" href="/lib/exe/css.php?t=bootstrap3&amp;tseed=68165aeb4a485b8d6b99b5c80ffc4981"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications:img';var JSINFO = {"id":"documentation:2.0:applications:img:loader.gif","namespace":"documentation:2.0:applications:img"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="/lib/exe/js.php?tseed=68165aeb4a485b8d6b99b5c80ffc4981&amp;template=bootstrap3"></script>
<script type="text/javascript" src="/lib/tpl/bootstrap3/assets/bootstrap/js/bootstrap.min.js"></script>
<style type="text/css">
body { padding-top: 20px; }
</style>
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script type="text/javascript" src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script type="text/javascript" src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body class="flatly page-on-panel">
<!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__site" class="container">
<div id="dokuwiki__top" class="site dokuwiki mode_show tpl_bootstrap3 notFound hasSidebar">
<!-- header -->
<div id="dokuwiki__header">
<nav class="navbar navbar-default" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
<button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="/start" accesskey="h" title="[H]" class="navbar-brand"><img src="/_media/wiki/logo.png" alt="LemonLDAP::NG" class="pull-left" id="dw__logo" width="20" height="20" /> <span id="dw__title" >LemonLDAP::NG</span></a>
</div>
<div class="collapse navbar-collapse">
<ul class="nav navbar-nav" id="dw__navbar">
<!-- <li>
<a href="/start" ><i class="glyphicon glyphicon-home"></i> Home</a></li> -->
<li>
<a href="/download" ><i class="glyphicon glyphicon-download"></i> Download</a></li>
<li>
<a href="/documentation" ><i class="glyphicon glyphicon-book"></i> Documentation</a></li>
<li>
<a href="/screenshots" ><i class="glyphicon glyphicon-picture"></i> Screenshots</a></li>
<li class="dropdown ">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-question-sign"></span> Contact <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/contact" ><i class="glyphicon glyphicon-envelope"></i> Mails, IRC and more</a></li>
<li><a href="/team" ><i class="glyphicon glyphicon-user"></i> The team</a></li>
<li><a href="/professionalservices" ><i class="glyphicon glyphicon-briefcase"></i> Professional Services</a></li>
<li><a href="/references" ><i class="glyphicon glyphicon-sunglasses"></i> References</a></li>
<li><a href="/sponsors" ><i class="glyphicon glyphicon-piggy-bank"></i> Sponsors</a></li>
</ul>
</li>
</ul>
<div class="navbar-right">
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
</div>
</div>
</nav>
</div>
<!-- /header -->
<div id="dw__breadcrumbs">
<hr/>
<div class="breadcrumb"><span class="bchead">You are here: </span><span class="home"><bdi><a href="/start" class="wikilink1" title="start">start</a></bdi></span> » <bdi><a href="/documentation" class="wikilink1" title="documentation">documentation</a></bdi> » <bdi><a href="/documentation/2.0/start" class="wikilink1" title="documentation:2.0:start">2.0</a></bdi> » <bdi><a href="/documentation/2.0/applications" class="wikilink1" title="documentation:2.0:applications">applications</a></bdi> » <bdi><a href="/documentation/2.0/applications/img/start" class="wikilink2" title="documentation:2.0:applications:img:start" rel="nofollow">img</a></bdi> » <bdi><span class="curid"><a href="/documentation/2.0/applications/img/loader.gif" class="wikilink2" title="documentation:2.0:applications:img:loader.gif" rel="nofollow">loader.gif</a></span></bdi></div>
<hr/>
</div>
<p class="pageId text-right">
<span class="label label-default">documentation:2.0:applications:img:loader.gif</span>
</p>
<div id="dw__msgarea">
</div>
<main class="main row" role="main">
<!-- ********** CONTENT ********** -->
<article id="dokuwiki__content" class="col-sm-9 col-md-10 " >
<div class="panel panel-default" >
<div class="page group panel-body">
<div class="pull-right hidden-print" data-spy="affix" data-offset-top="150" style="z-index:1024; top:10px; right:10px;">
</div>
<!-- wikipage start -->
<h1 class="sectionedit1" id="this_topic_does_not_exist_yet">This topic does not exist yet</h1>
<div class="level1">
<p>
You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissions allow, you may create it by clicking on “Create this page”.
</p>
</div>
<!-- wikipage stop -->
</div>
</div>
</article>
<!-- ********** ASIDE ********** -->
<aside id="dokuwiki__aside" class="dw__sidebar col-sm-3 col-md-2 hidden-print">
<div class="content">
<div class="toogle hidden-lg hidden-md hidden-sm" data-toggle="collapse" data-target="#dokuwiki__aside .collapse">
<i class="glyphicon glyphicon-th-list"></i> Sidebar </div>
<div class="collapse in">
<p>
<div class="text-center">
</p>
<h3 class="sectionedit1" id="hosted_by">Hosted by</h3>
<div class="level3">
<p>
<a href="http://www.ow2.org" class="media" title="http://www.ow2.org" rel="nofollow"><img src="/_media/logos/ow2.png?w=150&amp;tok=b7af43" class="mediacenter" alt="" width="150" /></a>
</div>
</p>
<hr />
<p>
<div class="text-center">
</p>
</div>
<!-- EDIT1 SECTION "Hosted by" [40-174] -->
<h3 class="sectionedit2" id="certifications">Certifications</h3>
<div class="level3">
<p>
<a href="https://partenaires.franceconnect.gouv.fr/references#LogicielslibresFranceConnectables" class="media" title="https://partenaires.franceconnect.gouv.fr/references#LogicielslibresFranceConnectables" rel="nofollow"><img src="/_media/applications/franceconnect_logo.png" class="mediacenter" alt="" /></a>
<strong>France Connect</strong>
</div>
</p>
<hr />
<p>
<div class="text-center">
</p>
<p>
<script type="text/javascript" src="http://www.openhub.net/p/12421/widgets/project_users.js?style=blue"></script>
</div>
</p>
<script type='text/javascript'>
var ab_h = '321e562442494652658acbc3fd84ec80';
var ab_s = '6ca5df30810665e075f684a87e742175';
</script>
<script type='text/javascript' src='http://cdn1.adbard.net/js/ab1.js'></script>
</div>
<!-- EDIT2 SECTION "Certifications" [175-] --> </div>
</div>
</aside>
</main>
<footer id="dokuwiki__footer" class="small hidden-print">
<a href="javascript:void(0)" class="back-to-top hidden-print btn btn-default btn-sm" title="skip to content>" id="back-to-top"><i class="glyphicon glyphicon-chevron-up"></i></a>
<div class="text-center">
<p id="dw__license">
<div class="license">Except where otherwise noted, content on this wiki is licensed under the following license: <bdi><a href="http://creativecommons.org/licenses/by-nc-sa/3.0/" rel="license" class="urlextern">CC Attribution-Noncommercial-Share Alike 3.0 Unported</a></bdi></div> </p>
</div>
</footer>
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
<span class="visible-md"></span>
<span class="visible-lg"></span>
</div>
</div>
<!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

263
po-doc/fr/pages/documentation/current/applications/liferay.html
View File

@ -1,263 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:liferay</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,liferay"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="liferay.html"/>
<link rel="contents" href="liferay.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:liferay","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#liferay_administration">Administration Liferay</a></div></li>
<li class="level2"><div class="li"><a href="#liferay_virtual_host">Hôte virtuel Liferay</a></div></li>
<li class="level2"><div class="li"><a href="#liferay_virtual_host_in_manager">Hôte virtuel Liferay dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="liferay">Liferay</h1>
<div class="level1">
<p>
<a href="liferay_logo.png_documentation_2.0_applications_liferay.html" class="media" title="applications:liferay_logo.png"><img src="liferay_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Liferay" [1-62] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.liferay.com/" class="urlextern" title="http://www.liferay.com/" rel="nofollow">Liferay</a> est un portail d'entreprise.
</p>
<p>
Liferay peut utiliser <abbr title="LemonLDAP::NG">LL::NG</abbr> comme fournisseur <abbr title="Authentification unique (Single Sign On)">SSO</abbr> mais il faut gérer la création des comptes utilisateurs :
</p>
<ul>
<li class="level1"><div class="li"> À la main dans les écrans d'administration de Liferay</div>
</li>
<li class="level1"><div class="li"> Importés d'un serveur LDAP</div>
</li>
</ul>
<p>
Bien sûr, l'integration est complète si le serveur LDAP est utilisé comme base de données des utilisateurs dans <abbr title="LemonLDAP::NG">LL::NG</abbr> et Liferay.
</p>
<div class="noteimportant">Si le compte n'est pas créé ou ne peut être créé par un import LDAP, la connexion à Liferay sera refusée. Avec LDAP, login, mail, nom et prénom dont des attributs exigés. Si l'un est manquant, le compte ne sera pas créé.
</div>
<p>
Cette documentation explique seulement comment activer la partie <abbr title="Authentification unique (Single Sign On)">SSO</abbr>. Se reporter à la documentation Liferay pour activer l'alimentation LDAP.
</p>
</div><!-- EDIT2 SECTION "Presentation" [63-811] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [812-838] -->
<h3 class="sectionedit4" id="liferay_administration">Administration Liferay</h3>
<div class="level3">
<p>
Accès à Liferay (première connexion):
</p>
<p>
<a href="../documentation/liferay_1.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_1.png"><img src="../documentation/liferay_1.94a72585e62a429cc5c188c3d9a9c85c.png" class="mediacenter" alt="" width="600" /></a>
</p>
<p>
Se connecter comme administrateur:
</p>
<p>
<a href="../documentation/liferay_2.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_2.png"><img src="../documentation/liferay_2.b944cb61ce083c0d7aff1c6bb39760a8.png" class="mediacenter" alt="" width="600" /></a>
</p>
<p>
Aller dans <code>My account</code>:
</p>
<p>
<a href="../documentation/liferay_3.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_3.png"><img src="../documentation/liferay_3.106daffc84135665df6492b59ba36161.png" class="mediacenter" alt="" width="600" /></a>
</p>
<p>
Aller dans <code>Portal</code> » <code>Settings</code>:
</p>
<p>
<a href="../documentation/liferay_4.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_4.png"><img src="../documentation/liferay_4.9717b5c8fd0a478a12196d8d5e1594bf.png" class="mediacenter" alt="" width="600" /></a>
</p>
<p>
Aller dans <code>Configuration</code> » <code>Authentication</code>:
</p>
<p>
<a href="../documentation/liferay_5.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_5.png"><img src="../documentation/liferay_5.5ef2170a751fda36715b5b189c9ca156.png" class="mediacenter" alt="" width="600" /></a>
</p>
<p>
Dans <code>General</code>, remplir au moins les informations suivantes :
</p>
<ul>
<li class="level1"><div class="li"> <strong>How do users authenticate?</strong>: by login</div>
</li>
</ul>
<div class="notetip">Il est conseillé de désactiver les autres options, car les utilisateurs utiliseront le portail <abbr title="LemonLDAP::NG">LL::NG</abbr> pour modifier ou réinitialiser leur mot-de-passe.
</div>
<p>
<a href="../documentation/liferay_6.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_6.png"><img src="../documentation/liferay_6.b1ca978c06cd86fd0c88798e4edf1f67.png" class="mediacenter" alt="" width="600" /></a>
</p>
<div class="noteimportant">Il faut activer l'authentification LDAP sinon l'authentification <abbr title="Authentification unique (Single Sign On)">SSO</abbr> ne marchera pas. Faire ceci dans le panneau de contrôle ou dans le fichier de configuration :
<pre class="file">ldap.auth.enabled=true</pre>
</div>
<p>
Utiliser ensuite le paragraphe <code>SiteMinder</code> pour configurer le <abbr title="Authentification unique (Single Sign On)">SSO</abbr> :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Enabled</strong>: Yes</div>
</li>
<li class="level1"><div class="li"> <strong>Import from LDAP</strong>: Yes (voir <a href="#presentation" title="documentation:2.0:applications:liferay ↵" class="wikilink1">présentation</a>)</div>
</li>
<li class="level1"><div class="li"> <strong>User Header</strong>: Auth-User (case sensitive)</div>
</li>
</ul>
<p>
<a href="../documentation/liferay_7.png_documentation_2.0_applications_liferay.html" class="media" title="documentation:liferay_7.png"><img src="../documentation/liferay_7.89d02254915d5717ce4e8d315559763f.png" class="mediacenter" alt="" width="600" /></a>
</p>
<div class="noteimportant">Ne pas oublier de sauvegarder les changements !
</div>
</div><!-- EDIT4 SECTION "Liferay administration" [839-2004] -->
<h3 class="sectionedit5" id="liferay_virtual_host">Hôte virtuel Liferay</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Liferay comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> liferay.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name liferay.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT5 SECTION "Liferay virtual host" [2005-3261] -->
<h3 class="sectionedit6" id="liferay_virtual_host_in_manager">Hôte virtuel Liferay dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Liferay.
</p>
<p>
Configurer simplement la <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règle d'accès</a>. Il est possible d'ajouter une règle pour la déconnexion :
</p>
<pre class="code"> ^/c/portal/logout =&gt; logout_sso</pre>
<p>
Configurer l'<a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-tête</a> <code>Auth-User</code>.
</p>
</div><!-- EDIT6 SECTION "Liferay virtual host in Manager" [3262-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/liferay_logo.png_documentation_2.0_applications_liferay.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:liferay_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="liferay.html"/>
<link rel="contents" href="liferay.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:liferay_logo.png </h1>
<div class="content">
<a href="liferay_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="160" height="80" class="img_detail" alt="liferay_logo.png" title="liferay_logo.png" src="liferay_logo.7d29538169646fbbb91133a78a0c2ff8.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> liferay_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>liferay_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>7KB</dd><dt>Width:</dt><dd>160</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="liferay.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:liferay [B]">Back to documentation:2.0:applications:liferay</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

225
po-doc/fr/pages/documentation/current/applications/limesurvey.html
View File

@ -1,225 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:limesurvey</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,limesurvey"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="limesurvey.html"/>
<link rel="contents" href="limesurvey.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:limesurvey","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#http_headers">HTTP Headers</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#limesurvey_configuration">Configuration de LimeSurvey</a></div></li>
<li class="level2"><div class="li"><a href="#limesurvey_virtual_host">Hôte virtuel LimeSurvey</a></div></li>
<li class="level2"><div class="li"><a href="#limesurvey_virtual_host_in_manager">Hôte virtuel LimeSurvey dans le manager</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#headers">En-têtes</a></div></li>
<li class="level3"><div class="li"><a href="#rules">Règles</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="limesurvey">LimeSurvey</h1>
<div class="level1">
<p>
<a href="limesurvey_logo.png_documentation_2.0_applications_limesurvey.html" class="media" title="applications:limesurvey_logo.png"><img src="limesurvey_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "LimeSurvey" [1-70] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.limesurvey.org" class="urlextern" title="http://www.limesurvey.org" rel="nofollow">LimeSurvey</a> est un logiciel de sondage écrit en PHP.
</p>
</div><!-- EDIT2 SECTION "Presentation" [71-180] -->
<h2 class="sectionedit3" id="http_headers">HTTP Headers</h2>
<div class="level2">
<p>
LimeSurvey has a webserver authentication mode that allows one to integrate it directly into LemonLDAP::NG.
</p>
<p>
To have a stronger integration, we will configure LimeSurvey to autocreate unknown users and use HTTP headers to fill name and mail.
</p>
<div class="noteclassic">On suppose que LimeSurvey est installé dans /var/www/html/limesurvey
</div>
</div><!-- EDIT3 SECTION "HTTP Headers" [181-531] -->
<h3 class="sectionedit4" id="limesurvey_configuration">Configuration de LimeSurvey</h3>
<div class="level3">
<p>
In Administration panel, go in Configuration &gt; Parameters &gt; Extensions manager. Select the WebServer module and configure it.
</p>
<p>
<img src="screenshot_limesurvey_configuration.png" class="mediacenter" title="
" alt="
" />
</p>
<p>
This is enough for the authentication part.
</p>
<div class="notetip">If you are blocked, you can deactivate the plugin with this request in database:
<pre class="code">update lime_plugins SET active=0 where name="Authwebserver";</pre>
</div>
<p>
To configure account autocreation, you need to edit application/config/config.php:
The configuration is done in config.php:
</p>
<pre class="code">vi /var/www/html/limesurvey/application/config/config.php</pre>
<pre class="code file php"> <span class="st_h">'config'</span><span class="sy0">=&gt;</span><a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span>
<span class="co1">// debug: Set this to 1 if you are looking for errors. If you still get no errors after enabling this</span>
<span class="co1">// then please check your error-logs - either in your hosting provider admin panel or in some /logs directory</span>
<span class="co1">// on your webspace.</span>
<span class="co1">// LimeSurvey developers: Set this to 2 to additionally display STRICT PHP error messages and get full access to standard templates</span>
<span class="st_h">'debug'</span><span class="sy0">=&gt;</span><span class="nu0">0</span><span class="sy0">,</span>
<span class="st_h">'debugsql'</span><span class="sy0">=&gt;</span><span class="nu0">0</span><span class="sy0">,</span> <span class="co1">// Set this to 1 to enanble sql logging, only active when debug = 2</span>
<span class="co1">// Update default LimeSurvey config here</span>
<span class="st_h">'auth_webserver_autocreate_user'</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
<span class="st_h">'auth_webserver_autocreate_profile'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span><span class="st_h">'full_name'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_CN'</span><span class="br0">]</span><span class="sy0">,</span><span class="st_h">'email'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st_h">'HTTP_AUTH_MAIL'</span><span class="br0">]</span><span class="sy0">,</span><span class="st_h">'lang'</span><span class="sy0">=&gt;</span><span class="st_h">'en'</span><span class="br0">)</span><span class="sy0">,</span>
<span class="st_h">'auth_webserver_autocreate_permissions'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span><span class="st_h">'surveys'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span><span class="st_h">'create'</span><span class="sy0">=&gt;</span><span class="kw4">true</span><span class="sy0">,</span><span class="st_h">'read'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="sy0">,</span><span class="st_h">'update'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="sy0">,</span><span class="st_h">'delete'</span><span class="sy0">=&gt;</span><span class="kw4">false</span><span class="br0">)</span><span class="br0">)</span><span class="sy0">,</span>
<span class="br0">)</span></pre>
<p>
See also <a href="https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import" class="urlextern" title="https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import" rel="nofollow">https://manual.limesurvey.org/Optional_settings#Authentication_delegation_with_automatic_user_import</a>
</p>
</div><!-- EDIT4 SECTION "LimeSurvey configuration" [532-2298] -->
<h3 class="sectionedit5" id="limesurvey_virtual_host">Hôte virtuel LimeSurvey</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel LimeSurvey comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
</div><!-- EDIT5 SECTION "LimeSurvey virtual host" [2299-2422] -->
<h3 class="sectionedit6" id="limesurvey_virtual_host_in_manager">Hôte virtuel LimeSurvey dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour LimeSurvey.
</p>
</div>
<h4 id="headers">En-têtes</h4>
<div class="level4">
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Nom d'en-tête </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> Auth-User </td><td class="col1 centeralign"> nom de connexion </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> Auth-Cn </td><td class="col1 centeralign"> Nom complet de l'utilisateur </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> Auth-Mail </td><td class="col1 centeralign"> Email de l'utilisateur </td>
</tr>
</table></div><!-- EDIT7 TABLE [2595-2723] -->
</div>
<h4 id="rules">Règles</h4>
<div class="level4">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Nom de la règle </th><th class="col1 centeralign"> Expression </th><th class="col2 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> Déconnexion </td><td class="col1 centeralign"> /sa/logout$ </td><td class="col2 centeralign"> Règle de déconnexion (par exemple logout_app_sso) </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> Admin </td><td class="col1 centeralign"> ^/(index\.php/)?admin </td><td class="col2 centeralign"> Allow only admin and superadmin users </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> Défaut </td><td class="col1 centeralign"> default </td><td class="col2 centeralign"> Autorise seulement les utilisateurs avec un rôle LimeSurvey </td>
</tr>
</table></div><!-- EDIT8 TABLE [2740-3024] -->
<div class="notetip">Il est possible de mettre l'accès par défaut à :<ul>
<li class="level1"><div class="li"> <strong>accept</strong> : tous les utilisateurs authentifiés peuvent accéder aux surveillances</div>
</li>
<li class="level1"><div class="li"> <strong>unprotect</strong> : aucune authentification n'est nécessaire pour accéder aux surveillances </div>
</li>
</ul>
</div>
</div><!-- EDIT6 SECTION "LimeSurvey virtual host in Manager" [2423-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/limesurvey_logo.png_documentation_2.0_applications_limesurvey.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:limesurvey_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="limesurvey.html"/>
<link rel="contents" href="limesurvey.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:limesurvey_logo.png </h1>
<div class="content">
<a href="limesurvey_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="208" height="155" class="img_detail" alt="limesurvey_logo.png" title="limesurvey_logo.png" src="limesurvey_logo.7289f5fab790c74ee63749c18e6c6735.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> limesurvey_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>limesurvey_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>32KB</dd><dt>Width:</dt><dd>208</dd><dt>Height:</dt><dd>155</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="limesurvey.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:limesurvey [B]">Back to documentation:2.0:applications:limesurvey</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

272
po-doc/fr/pages/documentation/current/applications/mediawiki.html
View File

@ -1,272 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:mediawiki</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,mediawiki"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="mediawiki.html"/>
<link rel="contents" href="mediawiki.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:mediawiki","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#installation">Installation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#mediwiki_local_configuration">Configuration locale MediaWiki</a></div></li>
<li class="level2"><div class="li"><a href="#mediawiki_virtual_host">Hôte virtuel MediaWiki</a></div></li>
<li class="level2"><div class="li"><a href="#mediawiki_virtual_host_in_manager">Hôte virtuel Mediawiki dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="mediawiki">MediaWiki</h1>
<div class="level1">
<p>
<a href="mediawiki_logo.png_documentation_2.0_applications_mediawiki.html" class="media" title="applications:mediawiki_logo.png"><img src="mediawiki_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "MediaWiki" [1-66] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.mediawiki.org" class="urlextern" title="http://www.mediawiki.org" rel="nofollow">MediaWiki</a> est un logiciel wiki utilisé par le très connu <a href="http://www.wikipedia.org" class="urlextern" title="http://www.wikipedia.org" rel="nofollow">Wikipedia</a>.
</p>
<p>
Several extensions allows one to configure <abbr title="Authentification unique (Single Sign On)">SSO</abbr> on MediaWiki:
</p>
<ul>
<li class="level1"><div class="li"> <a href="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" class="urlextern" title="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" rel="nofollow">Automatic REMOTE_USER</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://www.mediawiki.org/wiki/Extension:Siteminder_Authentication" class="urlextern" title="http://www.mediawiki.org/wiki/Extension:Siteminder_Authentication" rel="nofollow">Siteminder Authentication</a></div>
</li>
</ul>
<p>
Nous expliquons ici comment utiliser l'extension <a href="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" class="urlextern" title="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" rel="nofollow">REMOTE_USER automatique</a>.
</p>
</div><!-- EDIT2 SECTION "Presentation" [67-594] -->
<h2 class="sectionedit3" id="installation">Installation</h2>
<div class="level2">
<p>
L'extension est présentée ici : <a href="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" class="urlextern" title="http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER" rel="nofollow">http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER</a>
</p>
<p>
Il est possible de télécharger le code source ici : <a href="https://www.mediawiki.org/wiki/Special:ExtensionDistributor/Auth_remoteuser" class="urlextern" title="https://www.mediawiki.org/wiki/Special:ExtensionDistributor/Auth_remoteuser" rel="nofollow">https://www.mediawiki.org/wiki/Special:ExtensionDistributor/Auth_remoteuser</a>
</p>
<p>
Il faut installer <code> Auth_remoteuser</code> dans le répertoire des <code>extensions/</code> ve votre serveur MediaWiki :
</p>
<pre class="code">cp -a Auth_remoteuser/ extensions/</pre>
</div><!-- EDIT3 SECTION "Installation" [595-989] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT4 SECTION "Configuration" [990-1016] -->
<h3 class="sectionedit5" id="mediwiki_local_configuration">Configuration locale MediaWiki</h3>
<div class="level3">
<p>
Éditer ensuite les paramètres locaux MediaWiki
</p>
<pre class="code">vi LocalSettings.php</pre>
<pre class="code file php"><span class="kw1">require_once</span> <span class="st0">"<span class="es4">$IP</span>/extensions/Auth_remoteuser/Auth_remoteuser.php"</span><span class="sy0">;</span>
<span class="re0">$wgAuth</span> <span class="sy0">=</span> <span class="kw2">new</span> Auth_remoteuser<span class="br0">(</span><span class="br0">)</span><span class="sy0">;</span></pre>
<p>
Puis, configuration de l'extension, par exemple :
</p>
<pre class="code file php"><span class="re0">$wgAuthRemoteuserAuthz</span> <span class="sy0">=</span> <span class="kw4">true</span><span class="sy0">;</span> <span class="coMULTI">/* Your own authorization test */</span>
<span class="re0">$wgAuthRemoteuserName</span> <span class="sy0">=</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st0">"HTTP_AUTH_CN"</span><span class="br0">]</span><span class="sy0">;</span> <span class="coMULTI">/* User's name */</span>
<span class="re0">$wgAuthRemoteuserMail</span> <span class="sy0">=</span> <span class="re0">$_SERVER</span><span class="br0">[</span><span class="st0">"HTTP_AUTH_MAIL"</span><span class="br0">]</span><span class="sy0">;</span> <span class="coMULTI">/* User's Mail */</span>
<span class="re0">$wgAuthRemoteuserNotify</span> <span class="sy0">=</span> <span class="kw4">false</span><span class="sy0">;</span> <span class="coMULTI">/* Do not send mail notifications */</span>
<span class="co1">//$wgAuthRemoteuserDomain = "NETBIOSDOMAIN"; /* Remove NETBIOSDOMAIN\ from the beginning or @NETBIOSDOMAIN at the end of a IWA username */</span>
<span class="coMULTI">/* User's mail domain to append to the user name to make their email address */</span>
<span class="co1">//$wgAuthRemoteuserMailDomain = "example.com";</span>
&nbsp;
<span class="co1">// see http://www.mediawiki.org/wiki/Manual:Hooks/SpecialPage_initList</span>
<span class="co1">// and http://www.mediawiki.org/w/Manual:Special_pages</span>
<span class="co1">// and http://lists.wikimedia.org/pipermail/mediawiki-l/2009-June/031231.html</span>
<span class="co1">// disable login and logout functions for all users</span>
<span class="kw2">function</span> LessSpecialPages<span class="br0">(</span><span class="sy0">&amp;</span><span class="re0">$list</span><span class="br0">)</span> <span class="br0">{</span>
<a href="http://www.php.net/unset"><span class="kw3">unset</span></a><span class="br0">(</span> <span class="re0">$list</span><span class="br0">[</span><span class="st_h">'Userlogout'</span><span class="br0">]</span> <span class="br0">)</span><span class="sy0">;</span>
<a href="http://www.php.net/unset"><span class="kw3">unset</span></a><span class="br0">(</span> <span class="re0">$list</span><span class="br0">[</span><span class="st_h">'Userlogin'</span><span class="br0">]</span> <span class="br0">)</span><span class="sy0">;</span>
<span class="kw1">return</span> <span class="kw4">true</span><span class="sy0">;</span>
<span class="br0">}</span>
<span class="re0">$wgHooks</span><span class="br0">[</span><span class="st_h">'SpecialPage_initList'</span><span class="br0">]</span><span class="br0">[</span><span class="br0">]</span><span class="sy0">=</span><span class="st_h">'LessSpecialPages'</span><span class="sy0">;</span>
&nbsp;
<span class="co1">// http://www.mediawiki.org/wiki/Extension:Windows_NTLM_LDAP_Auto_Auth</span>
<span class="co1">// remove login and logout buttons for all users</span>
<span class="kw2">function</span> StripLogin<span class="br0">(</span><span class="sy0">&amp;</span><span class="re0">$personal_urls</span><span class="sy0">,</span> <span class="sy0">&amp;</span><span class="re0">$wgTitle</span><span class="br0">)</span> <span class="br0">{</span>
<a href="http://www.php.net/unset"><span class="kw3">unset</span></a><span class="br0">(</span> <span class="re0">$personal_urls</span><span class="br0">[</span><span class="st0">"login"</span><span class="br0">]</span> <span class="br0">)</span><span class="sy0">;</span>
<a href="http://www.php.net/unset"><span class="kw3">unset</span></a><span class="br0">(</span> <span class="re0">$personal_urls</span><span class="br0">[</span><span class="st0">"logout"</span><span class="br0">]</span> <span class="br0">)</span><span class="sy0">;</span>
<a href="http://www.php.net/unset"><span class="kw3">unset</span></a><span class="br0">(</span> <span class="re0">$personal_urls</span><span class="br0">[</span><span class="st_h">'anonlogin'</span><span class="br0">]</span> <span class="br0">)</span><span class="sy0">;</span>
<span class="kw1">return</span> <span class="kw4">true</span><span class="sy0">;</span>
<span class="br0">}</span>
<span class="re0">$wgHooks</span><span class="br0">[</span><span class="st_h">'PersonalUrls'</span><span class="br0">]</span><span class="br0">[</span><span class="br0">]</span> <span class="sy0">=</span> <span class="st_h">'StripLogin'</span><span class="sy0">;</span></pre>
<div class="notewarning">In last version of Auth_remoteuser and Mediawiki, empty passwords are not authorized, so you may need to patch the extension code if you get the error:
“Unexpected REMOTE_USER authentication failure. Login Error was:EmptyPass”.
</div>
<p>
If necessary, use the code below to patch the extension:
</p>
<pre class="code">sed -i "s/'wpPassword' =&gt; ''/'wpPassword' =&gt; 'none'/" extensions/Auth_remoteuser/Auth_remoteuser.body.php</pre>
<div class="notewarning">In last version of Auth_remoteuser and Mediawiki, auto-provisioning requires REMOTE_USER to match the normalized mediawiki username (for example: john_doe → john doe), so you may need to patch the extension code if you get the error:
“Unexpected REMOTE_USER authentication failure. Login Error was:WrongPluginPass”
</div>
<p>
You can use the code below for normalizing logins containing “_” in the extension:
</p>
<pre class="code">sed -i '/$usertest = $this-&gt;getRemoteUsername();/a\ $usertest = str_replace( "_"," ", $usertest );' extensions/Auth_remoteuser/Auth_remoteuser.body.php</pre>
</div><!-- EDIT5 SECTION "MediWiki local configuration" [1017-3670] -->
<h3 class="sectionedit6" id="mediawiki_virtual_host">Hôte virtuel MediaWiki</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Mediawiki comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<div class="noteimportant">Si Mediawiki est protégé par un reverse-proxy <abbr title="LemonLDAP::NG">LL::NG</abbr>, <a href="../header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">convertir l'en-tête en variable d'environnement REMOTE_USER</a>.
</div><ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> mediawiki.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name mediawiki.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT6 SECTION "MediaWiki virtual host" [3671-5110] -->
<h3 class="sectionedit7" id="mediawiki_virtual_host_in_manager">Hôte virtuel Mediawiki dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Mediawiki.
</p>
<p>
Configurer simplement la <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règle d'accès</a>. Il est possible d'ajouter une règle pour la déconnexion :
</p>
<pre class="code">Userlogout =&gt; logout_sso</pre>
<p>
On peut créer ces 2 en-têtes pour qu'ils corresponde au nom d'utilisateur et a son adresse mail (voir la configuration de l'extension) :
</p>
<pre class="code">Auth-Cn =&gt; $cn
Auth-Mail =&gt; $mail</pre>
<p>
Si <abbr title="LemonLDAP::NG">LL::NG</abbr> est utilisé par reverse-proxy, configurer l'<a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-tête</a> <code>Auth-User</code>,
</p>
</div><!-- EDIT7 SECTION "MediaWiki virtual host in Manager" [5111-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/mediawiki_logo.png_documentation_2.0_applications_mediawiki.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:mediawiki_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="mediawiki.html"/>
<link rel="contents" href="mediawiki.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:mediawiki_logo.png </h1>
<div class="content">
<a href="mediawiki_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="80" height="80" class="img_detail" alt="mediawiki_logo.png" title="mediawiki_logo.png" src="mediawiki_logo.1e04dd2f14d5abb0fedfeeff2a2e79f7.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> mediawiki_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>mediawiki_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>12KB</dd><dt>Width:</dt><dd>80</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="mediawiki.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:mediawiki [B]">Back to documentation:2.0:applications:mediawiki</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/my_domain_salesforce-resize-web.png_documentation_2.0_applications_salesforce.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:my_domain_salesforce-resize-web.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="salesforce.html"/>
<link rel="contents" href="salesforce.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:my_domain_salesforce-resize-web.png </h1>
<div class="content">
<a href="my_domain_salesforce-resize-web.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="800" height="413" class="img_detail" alt="my_domain_salesforce-resize-web.png" title="my_domain_salesforce-resize-web.png" src="my_domain_salesforce-resize-web.6d9d167b858214e467e92cfb5e26c5d7.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> my_domain_salesforce-resize-web.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>my_domain_salesforce-resize-web.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>88KB</dd><dt>Width:</dt><dd>800</dd><dt>Height:</dt><dd>413</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="salesforce.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:salesforce [B]">Back to documentation:2.0:applications:salesforce</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

266
po-doc/fr/pages/documentation/current/applications/nextcloud.html
View File

@ -1,266 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:nextcloud</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,nextcloud"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="nextcloud.html"/>
<link rel="contents" href="nextcloud.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:nextcloud","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#pre-requisites">Pre-requisites</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#nextcloud1">NextCloud</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL:NG</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#nextcloud_saml_20_configuration">NextCloud, SAML 2.0 configuration</a></div></li>
<li class="level1"><div class="li"><a href="#llng_saml_20_service_provider_configuration">LL:NG, SAML 2.0 Service Provider configuration</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="nextcloud">NextCloud</h1>
<div class="level1">
<p>
<img src="nextcloud-logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "NextCloud" [1-73] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://nextcloud.com/" class="urlextern" title="https://nextcloud.com/" rel="nofollow">NextCloud</a> is a fork of Owncloud, suite of client-server software for creating file hosting services and using them.
</p>
<p>
This documentation explains how to interconnect LemonLDAP::NG and NextCloud using <abbr title="Security Assertion Markup Language">SAML</abbr> 2.0 protocol.
</p>
</div><!-- EDIT2 SECTION "Presentation" [74-345] -->
<h2 class="sectionedit3" id="pre-requisites">Pre-requisites</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Pre-requisites" [346-373] -->
<h3 class="sectionedit4" id="nextcloud1">NextCloud</h3>
<div class="level3">
<p>
You need to <a href="https://docs.nextcloud.com/server/10/admin_manual/installation/index.html" class="urlextern" title="https://docs.nextcloud.com/server/10/admin_manual/installation/index.html" rel="nofollow">install the software</a>.
</p>
<div class="notetip">If your NextCloud is behind a proxy (thus having a private <abbr title="Internet Protocol">IP</abbr>), metadata generated by NextCloud won't work.
<p>
Consider changing the configuration of NextCloud to force the domain, in <strong>$nextcloudrootwww/config/config.php</strong>, add the following:
</p>
<pre class="code php"><span class="st_h">'overwritehost'</span> <span class="sy0">=&gt;</span> <span class="st_h">'nextcloud.example.com'</span><span class="sy0">,</span></pre>
</div>
<p>
You also need to enable the “<abbr title="Security Assertion Markup Language">SAML</abbr> authentication” plugin in your NextCloud.
</p>
<pre class="code"> + Apps -&gt; Not enabled -&gt; SAML authentication</pre>
</div><!-- EDIT4 SECTION "NextCloud" [374-966] -->
<h3 class="sectionedit5" id="llng">LL:NG</h3>
<div class="level3">
<p>
You need to enable <abbr title="Security Assertion Markup Language">SAML</abbr> 2.0 issuer module in LL:NG:
</p>
<pre class="code">"General Parameters -&gt; Issuer modules -&gt; SAML -&gt; Activation"</pre>
<p>
<img src="nextcloud_saml_activation.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT5 SECTION "LL:NG" [967-1168] -->
<h2 class="sectionedit6" id="nextcloud_saml_20_configuration">NextCloud, SAML 2.0 configuration</h2>
<div class="level2">
<p>
Configuration of <abbr title="Security Assertion Markup Language">SAML</abbr> 2.0 in NextCloud is pretty straightforward.
</p>
<pre class="code">Administration -&gt; SAML authentication</pre>
<p>
You will find the following fields:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Attribute to map the UID to</strong>: Identity attribute provided by your LL:NG that will be used as UID in NextCloud.</div>
</li>
<li class="level1"><div class="li"> <strong>Identity Provider Data</strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong>Identifier of the IdP entity</strong>: <abbr title="Security Assertion Markup Language">SAML</abbr> Metadata <abbr title="Uniform Resource Locator">URL</abbr> of your LL:NG</div>
</li>
<li class="level2"><div class="li"> <strong><abbr title="Uniform Resource Locator">URL</abbr> Target of the IdP where the SP will send the Authentication Request Message</strong>: SingleSignOn <abbr title="Uniform Resource Locator">URL</abbr> of your LL:NG</div>
</li>
<li class="level2"><div class="li"> <strong><abbr title="Uniform Resource Locator">URL</abbr> Location of the IdP where the SP will send the SLO Request</strong>: SingleLogOut <abbr title="Uniform Resource Locator">URL</abbr> of your LL:NG</div>
</li>
<li class="level2"><div class="li"> <strong>Public X.509 certificate of the IdP</strong>: Certificate of your LL:NG (see below for instructions)</div>
</li>
</ul>
</li>
</ul>
<p>
We need a few steps to generate our LL:NG certificate (unless you already have one).
You first need to create a pair of SSH Keys in LL:NG:
</p>
<pre class="code">SAML 2 Service -&gt; Security Parameters -&gt; Signature</pre>
<p>
and click “New keys”
<img src="nextcloud_certificate_keys.png" class="mediacenter" alt="" />
</p>
<p>
Take the private key in a private.key file, and run the following:
</p>
<pre class="code">openssl req -new -key private.key -out cert.csr
openssl x509 -req -days 3650 -in cert.csr -signkey private.key -out cert.pem</pre>
<p>
Copy/Paste the content of your new cert.pem in the “Public X.509 certificate of the IdP” field of your NextCloud.
</p>
<p>
Your fields should look like this:
<img src="nextcloud_saml_configuration.png" class="mediacenter" alt="" />
</p>
<p>
You can now download your metadata xml file.
</p>
</div><!-- EDIT6 SECTION "NextCloud, SAML 2.0 configuration" [1169-2671] -->
<h2 class="sectionedit7" id="llng_saml_20_service_provider_configuration">LL:NG, SAML 2.0 Service Provider configuration</h2>
<div class="level2">
<p>
We now have to define a service provider (e.g our nextcloud) in LL:NG.
</p>
<p>
Go to “<abbr title="Security Assertion Markup Language">SAML</abbr> service providers”, click on “Add <abbr title="Security Assertion Markup Language">SAML</abbr> SP” and name it as you want (example : 'NextCloud')
</p>
<p>
In the new subtree 'NextCloud', open 'Metadata' and paste the content of your previously downloaded file (or upload the file)
</p>
<p>
<img src="nextcloud_service_metadata.png" class="mediacenter" alt="" />
</p>
<p>
Now go in “Exported attributes” and add, at least, the 'uid'
</p>
<p>
<img src="nextcloud_service_exportedattributes.png" class="mediacenter" alt="" />
</p>
<p>
Don't forget to save your configuration.
</p>
<p>
You are now good to go, and you can add the application in <a href="../portalmenu.html" class="wikilink1" title="documentation:2.0:portalmenu">your menu</a> and <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">your virtual hosts</a>.
</p>
</div><!-- EDIT7 SECTION "LL:NG, SAML 2.0 Service Provider configuration" [2672-] -->
</div>
</body>
</html>

64
po-doc/fr/pages/documentation/current/applications/nginx.html
View File

@ -1,64 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:nginx</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,nginx"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="nginx.html"/>
<link rel="contents" href="nginx.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:nginx","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="nginx">Nginx</h1>
<div class="level1">
<div class="noteimportant">Nginx est pleinement supporté par LemonLDAP::NG depuis la version 1.9.
</div>
</div><!-- EDIT1 SECTION "Nginx" [1-106] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
Nginx est un serveur web particulièrement performant. Il peut être utilisé pour héberger le portail ou le manager au travers de son support FastCGI et peut être utilisé pour protéger des applications en utilisant le module auth_request (qui dialogue avec un serveur d'autorisations FastCGI). Voir les <a href="../documentation/1.9/start.html#installation" class="wikilink1" title="documentation:1.9:start">pages d'installation</a> pour apprendre à l'installer et l'utiliser.
</p>
</div><!-- EDIT2 SECTION "Presentation" [107-] -->
</div>
</body>
</html>

404
po-doc/fr/pages/documentation/current/applications/obm.html
View File

@ -1,404 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:obm</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,obm"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="obm.html"/>
<link rel="contents" href="obm.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:obm","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#obm1">OBM</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#attributes_and_macros">Attributs et macros</a></div></li>
<li class="level3"><div class="li"><a href="#virtual_host">Hôte virtuel</a></div></li>
<li class="level3"><div class="li"><a href="#other">Autres</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="obm">OBM</h1>
<div class="level1">
<p>
<a href="obm_logo.png_documentation_2.0_applications_obm.html" class="media" title="applications:obm_logo.png"><img src="obm_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "OBM" [1-54] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://obm.org" class="urlextern" title="http://obm.org" rel="nofollow">OBM</a> est une plateforme collaborative et de messagerie pour entreprises ou groupes de travail comprenant plusieurs milliers d'utilisateurs. OBM inclut un groupware, un serveur de messagerie, un CRM, un annuaire LDAP, un domaine Windows, un dispositif de synchronisation pour smartphone et PDA…
</p>
<p>
OBM est livré avec un composant <abbr title="LemonLDAP::NG">LL::NG</abbr> apportant les fonctionnalités suivantes :
</p>
<ul>
<li class="level1"><div class="li"> <abbr title="Authentification unique (Single Sign On)">SSO</abbr> sur l'interface web d'OBM</div>
</li>
<li class="level1"><div class="li"> Déconnexion</div>
</li>
<li class="level1"><div class="li"> Importation des comptes utilisateurs (auto-création à la première connexion)</div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [55-488] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [489-515] -->
<h3 class="sectionedit4" id="obm1">OBM</h3>
<div class="level3">
<p>
Pour activer le composant d'authentification <abbr title="LemonLDAP::NG">LL::NG</abbr>, aller dans <code>/etc/obm/obm_conf.inc</code>:
</p>
<pre class="code file php"><span class="re0">$auth_kind</span> <span class="sy0">=</span> <span class="st_h">'LemonLDAP'</span><span class="sy0">;</span>
&nbsp;
<span class="re0">$lemonldap_config</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span>
<span class="st0">"auto_update"</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
<span class="st0">"auto_update_force_user"</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
<span class="st0">"auto_update_force_group"</span> <span class="sy0">=&gt;</span> <span class="kw4">false</span><span class="sy0">,</span>
<span class="st0">"url_logout"</span> <span class="sy0">=&gt;</span> <span class="st0">"https://OBMURL/logout"</span><span class="sy0">,</span>
<span class="st0">"server_ip_address"</span> <span class="sy0">=&gt;</span> <span class="st0">"localhost"</span><span class="sy0">,</span>
<span class="st0">"server_ip_check"</span> <span class="sy0">=&gt;</span> <span class="kw4">false</span><span class="sy0">,</span>
<span class="st0">"debug_level"</span> <span class="sy0">=&gt;</span> <span class="st0">"NONE"</span><span class="sy0">,</span>
<span class="co1">// "debug_header_name" =&gt; "HTTP_OBM_UID",</span>
<span class="co1">// "group_header_name" =&gt; "HTTP_OBM_GROUPS",</span>
<span class="st0">"headers_map"</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">(</span>
<span class="co1">//"userobm_gid" =&gt; "HTTP_OBM_GID",</span>
<span class="co1">//"userobm_domain_id" =&gt; ,</span>
<span class="st0">"userobm_login"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_UID"</span><span class="sy0">,</span>
<span class="st0">"userobm_password"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_USERPASSWORD"</span><span class="sy0">,</span>
<span class="co1">//"userobm_password_type" =&gt; ,</span>
<span class="st0">"userobm_perms"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_PERMS"</span><span class="sy0">,</span>
<span class="co1">//"userobm_kind" =&gt; ,</span>
<span class="st0">"userobm_lastname"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_SN"</span><span class="sy0">,</span>
<span class="st0">"userobm_firstname"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_GIVENNAME"</span><span class="sy0">,</span>
<span class="co1">// "userobm_title" =&gt; "HTTP_OBM_TITLE",</span>
<span class="st0">"userobm_email"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_MAIL"</span><span class="sy0">,</span>
<span class="st0">"userobm_datebegin"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_DATEBEGIN"</span><span class="sy0">,</span>
<span class="co1">//"userobm_account_dateexp" =&gt; ,</span>
<span class="co1">//"userobm_delegation_target" =&gt; ,</span>
<span class="co1">//"userobm_delegation" =&gt; ,</span>
<span class="st0">"userobm_description"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_DESCRIPTION"</span><span class="sy0">,</span>
<span class="co1">//"userobm_archive" =&gt; ,</span>
<span class="co1">//"userobm_hidden" =&gt; ,</span>
<span class="co1">//"userobm_status" =&gt; ,</span>
<span class="co1">//"userobm_local" =&gt; ,</span>
<span class="co1">//"userobm_photo_id" =&gt; ,</span>
<span class="st0">"userobm_phone"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_TELEPHONENUMBER"</span><span class="sy0">,</span>
<span class="co1">//"userobom_phone2" =&gt; ,</span>
<span class="co1">//"userobm_mobile" =&gt; ,</span>
<span class="st0">"userobm_fax"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_FACSIMILETELEPHONENUMBER"</span><span class="sy0">,</span>
<span class="co1">//"userobm_fax2" =&gt; ,</span>
<span class="st0">"userobm_company"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_O"</span><span class="sy0">,</span>
<span class="co1">//"userobm_direction" =&gt; ,</span>
<span class="st0">"userobm_service"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_OU"</span><span class="sy0">,</span>
<span class="st0">"userobm_address1"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_POSTALADDRESS"</span><span class="sy0">,</span>
<span class="co1">//"userobm_address2" =&gt; ,</span>
<span class="co1">//"userobm_address3" =&gt; ,</span>
<span class="st0">"userobm_zipcode"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_POSTALCODE"</span><span class="sy0">,</span>
<span class="st0">"userobm_town"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_L"</span><span class="sy0">,</span>
<span class="st0">"userobm_zipcode"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_POSTALCODE"</span><span class="sy0">,</span>
<span class="st0">"userobm_town"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_L"</span><span class="sy0">,</span>
<span class="co1">//"userobm_expresspostal" =&gt; ,</span>
<span class="co1">//"userobm_host_id" =&gt; ,</span>
<span class="co1">//"userobm_web_perms" =&gt; ,</span>
<span class="co1">//"userobm_web_list" =&gt; ,</span>
<span class="co1">//"userobm_web_all" =&gt; ,</span>
<span class="co1">//"userobm_mail_perms" =&gt; ,</span>
<span class="co1">//"userobm_mail_ext_perms" =&gt; ,</span>
<span class="co1">//"userobm_mail_server_id" =&gt; ,</span>
<span class="co1">//"userobm_mail_server_hostname" =&gt; ,</span>
<span class="st0">"userobm_mail_quota"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_MAILQUOTA"</span><span class="sy0">,</span>
<span class="co1">//"userobm_nomade_perms" =&gt; ,</span>
<span class="co1">//"userobm_nomade_enable" =&gt; ,</span>
<span class="co1">//"userobm_nomade_local_copy" =&gt; ,</span>
<span class="co1">//"userobm_email_nomade" =&gt; ,</span>
<span class="co1">//"userobm_vacation_enable" =&gt; ,</span>
<span class="co1">//"userobm_vacation_datebegin" =&gt; ,</span>
<span class="co1">//"userobm_vacation_dateend" =&gt; ,</span>
<span class="co1">//"userobm_vacation_message" =&gt; ,</span>
<span class="co1">//"userobm_samba_perms" =&gt; ,</span>
<span class="co1">//"userobm_samba_home" =&gt; ,</span>
<span class="co1">//"userobm_samba_home_drive" =&gt; ,</span>
<span class="co1">//"userobm_samba_logon_script" =&gt; ,</span>
<span class="co1">// ---- Unused values ? ----</span>
<span class="st0">"userobm_ext_id"</span> <span class="sy0">=&gt;</span> <span class="st0">"HTTP_OBM_SERIALNUMBER"</span><span class="sy0">,</span>
<span class="co1">//"userobm_system" =&gt; ,</span>
<span class="co1">//"userobm_nomade_datebegin" =&gt; ,</span>
<span class="co1">//"userobm_nomade_dateend" =&gt; ,</span>
<span class="co1">//"userobm_location" =&gt; ,</span>
<span class="co1">//"userobm_education" =&gt; ,</span>
<span class="br0">)</span><span class="sy0">,</span>
<span class="br0">)</span><span class="sy0">;</span></pre>
<p>
Paramètres:
</p>
<ul>
<li class="level1"><div class="li"> <strong>url_logout</strong>: <abbr title="Uniform Resource Locator">URL</abbr> utilisée par OBM pour les déconnexions, sera appelée par <abbr title="LemonLDAP::NG">LL::NG</abbr></div>
</li>
<li class="level1"><div class="li"> <strong>headers_map</strong>: établit la correspondance entre les champs internes d'OBM et les en-têtes <abbr title="LemonLDAP::NG">LL::NG</abbr></div>
</li>
</ul>
<p>
Éditer également la configuration d'OBM pour activer le « handler » <abbr title="LemonLDAP::NG">LL::NG</abbr> :
</p>
<ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> obm.example.com
&nbsp;
<span class="co1"># Protection SSO</span>
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
<span class="kw1">DocumentRoot</span> /usr/share/obm/php
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name obm.example.com;
root /usr/share/obm/php;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location ~ \.php$ {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT4 SECTION "OBM" [516-7008] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
</div>
<h4 id="attributes_and_macros">Attributs et macros</h4>
<div class="level4">
<p>
Il faut collecter tous les attributs nécessaires pour créer un compte OBM :
</p>
<ul>
<li class="level1"><div class="li"> Prénom</div>
</li>
<li class="level1"><div class="li"> Nom</div>
</li>
<li class="level1"><div class="li"> login</div>
</li>
<li class="level1"><div class="li"> Mail</div>
</li>
<li class="level1"><div class="li"></div>
</li>
</ul>
<p>
Pour ajouter ces attributs, aller dans le manager, <code>Variables</code> » <code>Variables exportées</code>.
</p>
<div class="noteimportant">S'il est prévu de transmettre le mot-de-passe utilisateur à OBM, <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">conserver le mot-de-passe dans la session</a>.
</div>
<p>
Il est également possible de créer ces macros pour gérer le compte administrateur OBM (<code>Variables</code> » <code>Macros</code>):
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0">champ </th><th class="col1">valeur </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> uidR </td><td class="col1 leftalign"> ($uid =~ /^admin0/i)[0] ? "admin0\@global.virt" : $uid </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> mailR </td><td class="col1 leftalign"> ($uid =~ /^admin0/i)[0] ? "" : ($mail =~ /^([^@]+)/)[0] . "\@example.com" </td>
</tr>
</table></div><!-- EDIT6 TABLE [7522-7701] -->
</div>
<h4 id="virtual_host">Hôte virtuel</h4>
<div class="level4">
<p>
Créer l'hôte virtuel OBM (par exemple obm.example.com) dans la configuration <abbr title="LemonLDAP::NG">LL::NG</abbr> : <code>Hôtes virtuels</code> » <code>Nouvel hôte virtuel</code>.
</p>
<p>
Éditer ensuite les règles et en-têtes.
</p>
</div>
<h5 id="rules">Règles</h5>
<div class="level5">
<p>
Definir au moins :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Règle default</strong> : qui peut accéder à l'application</div>
</li>
<li class="level1"><div class="li"> <strong>Règle logout</strong> : intercepter la déconnexion OBM</div>
</li>
<li class="level1"><div class="li"> <strong>Exceptions</strong> : autoriser l'accès anonyme pour les URLs spécifiques (connecteurs, etc.)</div>
</li>
</ul>
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0">champ </th><th class="col1">valeur </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0">^/logout</td><td class="col1">logout_sso</td>
</tr>
<tr class="row2 roweven">
<td class="col0">^/obm-sync</td><td class="col1">unprotect</td>
</tr>
<tr class="row3 rowodd">
<td class="col0">^/minig</td><td class="col1">unprotect</td>
</tr>
<tr class="row4 roweven">
<td class="col0">^/Microsoft-Server-ActiveSync</td><td class="col1">unprotect</td>
</tr>
<tr class="row5 rowodd">
<td class="col0">^/caldav</td><td class="col1">unprotect</td>
</tr>
<tr class="row6 roweven">
<td class="col0">default</td><td class="col1">accept (ou la valeur désirée)</td>
</tr>
</table></div><!-- EDIT7 TABLE [8083-8306] -->
</div>
<h5 id="headers">En-têtes</h5>
<div class="level5">
<p>
Definir les en-têtes utilisés pour les correspondances OBM, par exemple :
</p>
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0">champ </th><th class="col1">valeur </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0">OBM_GIVENNAME</td><td class="col1">$givenName</td>
</tr>
<tr class="row2 roweven">
<td class="col0">OBM_GROUPS</td><td class="col1">$groups</td>
</tr>
<tr class="row3 rowodd">
<td class="col0">OBM_UID</td><td class="col1">$uidR</td>
</tr>
<tr class="row4 roweven">
<td class="col0">OBM_MAIL</td><td class="col1">$mailR</td>
</tr>
<tr class="row5 rowodd">
<td class="col0">OBM_USERPASSWORD</td><td class="col1">$_password</td>
</tr>
</table></div><!-- EDIT8 TABLE [8372-8500] -->
</div>
<h4 id="other">Autres</h4>
<div class="level4">
<p>
Ne pas oblier d'ajouter OBM dans le <a href="../portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:2.0:portalmenu">menu des applications</a>.
</p>
</div><!-- EDIT5 SECTION "LL::NG" [7009-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/obm_logo.png_documentation_2.0_applications_obm.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:obm_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="obm.html"/>
<link rel="contents" href="obm.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:obm_logo.png </h1>
<div class="content">
<a href="obm_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="145" height="80" class="img_detail" alt="obm_logo.png" title="obm_logo.png" src="obm_logo.a692fa6793fe87c4f20291b6b961fd8e.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> obm_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>obm_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>13KB</dd><dt>Width:</dt><dd>145</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="obm.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:obm [B]">Back to documentation:2.0:applications:obm</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

180
po-doc/fr/pages/documentation/current/applications/office365.html
View File

@ -1,180 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:office365</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,office365"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="office365.html"/>
<link rel="contents" href="office365.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:office365","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#office_3651">Office 365</a></div></li>
<li class="level2"><div class="li"><a href="#lemonldapng">LemonLDAP::NG</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="office_365">Office 365</h1>
<div class="level1">
<p>
<img src="logo_office_365.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Office 365" [1-74] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://en.wikipedia.org/wiki/Office_365" class="urlextern" title="https://en.wikipedia.org/wiki/Office_365" rel="nofollow">Office 365</a> provides online access to Microsoft products like Office, Outlook or Yammer. Authentication is done on <a href="https://login.microsoftonline.com/" class="urlextern" title="https://login.microsoftonline.com/" rel="nofollow">https://login.microsoftonline.com/</a> and can be forwarded to an <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Provider.
</p>
</div><!-- EDIT2 SECTION "Presentation" [75-346] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [347-373] -->
<h3 class="sectionedit4" id="office_3651">Office 365</h3>
<div class="level3">
<p>
You first need to install AzureAD PowerShell to be able to run administrative commands.
</p>
<p>
Then run this script:
</p>
<pre class="code bash"><span class="re1">$dom</span> = <span class="st0">"mycompany.com"</span>
<span class="re1">$brand</span> = <span class="st0">"My Company"</span>
<span class="re1">$url</span> = <span class="st0">"https://auth.example.com/saml/singleSignOn"</span>
<span class="re1">$uri</span> = <span class="st0">"https://auth.example.com/saml/metadata"</span>
<span class="re1">$logouturl</span> = <span class="st0">"https://auth.example.com/?logout=1"</span>
<span class="re1">$cert</span> = <span class="st0">"xxxxxxxxxxxxxxxxxxx"</span>
&nbsp;
Set-MsolDomainAuthentication DomainName <span class="re1">$dom</span> <span class="re5">-FederationBrandName</span> <span class="re1">$brand</span> <span class="re5">-Authentication</span> Federated <span class="re5">-PassiveLogOnUri</span> <span class="re1">$url</span> <span class="re5">-SigningCertificate</span> <span class="re1">$cert</span> <span class="re5">-IssuerUri</span> <span class="re1">$uri</span> <span class="re5">-LogOffUri</span> <span class="re1">$logouturl</span> <span class="re5">-PreferredAuthenticationProtocol</span> SAMLP</pre>
<p>
Where parameters are:
</p>
<ul>
<li class="level1"><div class="li"> dom: Your Office 365 domain</div>
</li>
<li class="level1"><div class="li"> brand: Simple label</div>
</li>
<li class="level1"><div class="li"> url: The <abbr title="Security Assertion Markup Language">SAML</abbr> <abbr title="Authentification unique (Single Sign On)">SSO</abbr> endpoint</div>
</li>
<li class="level1"><div class="li"> uri: The <abbr title="Security Assertion Markup Language">SAML</abbr> metadata endpoint</div>
</li>
<li class="level1"><div class="li"> logouturl: Logout <abbr title="Uniform Resource Locator">URL</abbr></div>
</li>
<li class="level1"><div class="li"> cert: The <abbr title="Security Assertion Markup Language">SAML</abbr> certificate containing the signature public key</div>
</li>
</ul>
<p>
If you have several Office365 domains, you can't use the same URLs for each domains. To be able to have a single <abbr title="Security Assertion Markup Language">SAML</abbr> IDP for several domains, you must add the 'domain' GET parameters at the end of <abbr title="Authentification unique (Single Sign On)">SSO</abbr> endpoint and metadata URLs, for example:
</p>
<ul>
<li class="level1"><div class="li"> domain 'mycompany.com':</div>
<ul>
<li class="level2"><div class="li"> url: <a href="https://auth.example.com/saml/singleSignOn?domain=mycompany" class="urlextern" title="https://auth.example.com/saml/singleSignOn?domain=mycompany" rel="nofollow">https://auth.example.com/saml/singleSignOn?domain=mycompany</a></div>
</li>
<li class="level2"><div class="li"> uri: <a href="https://auth.example.com/saml/metadata?domain=mycompany" class="urlextern" title="https://auth.example.com/saml/metadata?domain=mycompany" rel="nofollow">https://auth.example.com/saml/metadata?domain=mycompany</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> domain 'myfirm.com':</div>
<ul>
<li class="level2"><div class="li"> url: <a href="https://auth.example.com/saml/singleSignOn?domain=myfirm" class="urlextern" title="https://auth.example.com/saml/singleSignOn?domain=myfirm" rel="nofollow">https://auth.example.com/saml/singleSignOn?domain=myfirm</a></div>
</li>
<li class="level2"><div class="li"> uri: <a href="https://auth.example.com/saml/metadata?domain=myfirm" class="urlextern" title="https://auth.example.com/saml/metadata?domain=myfirm" rel="nofollow">https://auth.example.com/saml/metadata?domain=myfirm</a></div>
</li>
</ul>
</li>
</ul>
</div><!-- EDIT4 SECTION "Office 365" [374-1788] -->
<h3 class="sectionedit5" id="lemonldapng">LemonLDAP::NG</h3>
<div class="level3">
<p>
Create a new <abbr title="Security Assertion Markup Language">SAML</abbr> Service Provider and import Microsoft metadata from <a href="https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml" class="urlextern" title="https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml" rel="nofollow">https://nexus.microsoftonline-p.com/federationmetadata/saml20/federationmetadata.xml</a>
</p>
<p>
Set the NameID value to persistent, or any immutable value for the user.
</p>
<p>
Create a <abbr title="Security Assertion Markup Language">SAML</abbr> attribute named IDPEmail which contains the user principal name (UPN).
</p>
</div><!-- EDIT5 SECTION "LemonLDAP::NG" [1789-] -->
</div>
</body>
</html>

182
po-doc/fr/pages/documentation/current/applications/phpldapadmin.html
View File

@ -1,182 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:phpldapadmin</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,phpldapadmin"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="phpldapadmin.html"/>
<link rel="contents" href="phpldapadmin.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:phpldapadmin","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#phpldapadmin_local_configuration">Configuration locale phpLDAPadmin</a></div></li>
<li class="level2"><div class="li"><a href="#phpldapadmin_virtual_host">Hôte virtuel phpLDAPadmin</a></div></li>
<li class="level2"><div class="li"><a href="#phpldapadmin_virtual_host_in_manager">Hôte virtuel phpLDAPadmin dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="phpldapadmin">phpLDAPadmin</h1>
<div class="level1">
<p>
<a href="phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html" class="media" title="applications:phpldapadmin_logo.png"><img src="phpldapadmin_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "phpLDAPadmin" [1-72] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://phpldapadmin.sourceforge.net" class="urlextern" title="http://phpldapadmin.sourceforge.net" rel="nofollow">phpLDAPadmin</a> est un outil d'administration LDAP écrit en PHP.
</p>
<p>
phpLDAPadmin se connecte au serveur avec un <abbr title="Distinguished Name">DN</abbr> et un mot-de-passe statique et ne requiert ainsi aucune authentification. L'accès à phpLDAPadmin sera protégé par LemonLDAP::NG avec une règle particulière d'accès.
</p>
<div class="notewarning">phpLDAPadmin ne connaît donc pas le nom du l'utilisateur connecté au WebSSO. Ainsi un simple utilisateur aura un accès administrateur au serveur LDAP si votre règle d'accès est trop permisive.
</div>
</div><!-- EDIT2 SECTION "Presentation" [73-598] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [599-625] -->
<h3 class="sectionedit4" id="phpldapadmin_local_configuration">Configuration locale phpLDAPadmin</h3>
<div class="level3">
<p>
Mettre juste le type d'authentification à <code>config</code> et indiquer le <abbr title="Distinguished Name">DN</abbr> et le mot-de-passe dans le fichier <code>config.php</code>:
</p>
<pre class="code file php"><span class="re0">$ldapservers</span><span class="sy0">-&gt;</span><span class="me1">SetValue</span><span class="br0">(</span><span class="re0">$i</span><span class="sy0">,</span><span class="st_h">'server'</span><span class="sy0">,</span><span class="st_h">'auth_type'</span><span class="sy0">,</span><span class="st_h">'config'</span><span class="br0">)</span><span class="sy0">;</span>
<span class="re0">$ldapservers</span><span class="sy0">-&gt;</span><span class="me1">SetValue</span><span class="br0">(</span><span class="re0">$i</span><span class="sy0">,</span><span class="st_h">'login'</span><span class="sy0">,</span><span class="st_h">'dn'</span><span class="sy0">,</span><span class="st_h">'cn=Manager,dc=example,dc=com'</span><span class="br0">)</span><span class="sy0">;</span>
<span class="re0">$ldapservers</span><span class="sy0">-&gt;</span><span class="me1">SetValue</span><span class="br0">(</span><span class="re0">$i</span><span class="sy0">,</span><span class="st_h">'login'</span><span class="sy0">,</span><span class="st_h">'pass'</span><span class="sy0">,</span><span class="st_h">'secret'</span><span class="br0">)</span><span class="sy0">;</span></pre>
</div><!-- EDIT4 SECTION "phpLDAPadmin local configuration" [626-980] -->
<h3 class="sectionedit5" id="phpldapadmin_virtual_host">Hôte virtuel phpLDAPadmin</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel phpLDAPadmin comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a>.
</p>
<ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> phpldapadmin.example.com
&nbsp;
PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name phpldapadmin.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location / {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT5 SECTION "phpLDAPadmin virtual host" [981-2256] -->
<h3 class="sectionedit6" id="phpldapadmin_virtual_host_in_manager">Hôte virtuel phpLDAPadmin dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour phpLDAPadmin.
</p>
<p>
Configurer simplement la <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règle d'accès</a>.
</p>
<p>
Aucun <a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-tête</a> n'est nécessaire.
</p>
</div><!-- EDIT6 SECTION "phpLDAPadmin virtual host in Manager" [2257-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/phpldapadmin_logo.png_documentation_2.0_applications_phpldapadmin.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:phpldapadmin_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="phpldapadmin.html"/>
<link rel="contents" href="phpldapadmin.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:phpldapadmin_logo.png </h1>
<div class="content">
<a href="phpldapadmin_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="136" height="80" class="img_detail" alt="phpldapadmin_logo.png" title="phpldapadmin_logo.png" src="phpldapadmin_logo.898ec3d9e834a0ad659f5ebbf0e0eaf2.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> phpldapadmin_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>phpldapadmin_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>12KB</dd><dt>Width:</dt><dd>136</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="phpldapadmin.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:phpldapadmin [B]">Back to documentation:2.0:applications:phpldapadmin</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

119
po-doc/fr/pages/documentation/current/applications/roundcube.html
View File

@ -1,119 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:roundcube</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,roundcube"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="roundcube.html"/>
<link rel="contents" href="roundcube.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:roundcube","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#lemonldapng">LemonLDAP::NG</a></div></li>
<li class="level2"><div class="li"><a href="#roundcube1">RoundCube</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="roundcube">RoundCube</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "RoundCube" [1-25] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
Le webmail <a href="http://www.roundcube.net" class="urlextern" title="http://www.roundcube.net" rel="nofollow">RoundCube</a> est un client IMAP web multilingue une interface riche type application. Il fournit toutes les fonctionnalités attendues d'un client email, y compris support MIME, carnet d'adresses, manipulation des dossiers, recherche de messages et correcteur d'orthographe.
</p>
</div><!-- EDIT2 SECTION "Presentation" [26-346] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [347-373] -->
<h3 class="sectionedit4" id="lemonldapng">LemonLDAP::NG</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> Ajouter un nouvel hôte virtuel webmail.domain.tld</div>
</li>
<li class="level1"><div class="li"> Ajouter une nouvelle règle :</div>
</li>
</ul>
<pre class="code">"^/\?_task\=logout" -&gt; "logout_app https://auth.domain.tld"</pre>
<ul>
<li class="level1"><div class="li"> Dans les en-têtes HTTP, ajouter Auth-User ($mail) and Auth-Pw ($_password).</div>
</li>
</ul>
<div class="noteclassic">Pour savoir comment transmettre les mots de passe à RoundCube, voir <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">comment stocker le mot de passe dans la session</a>
</div><ul>
<li class="level1"><div class="li"> Configurer l'<a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel Apache ou Nginx</a></div>
</li>
</ul>
</div><!-- EDIT4 SECTION "LemonLDAP::NG" [374-790] -->
<h3 class="sectionedit5" id="roundcube1">RoundCube</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> installer le plugin http_authentication</div>
</li>
<li class="level1"><div class="li"> Le modifier pour remplacer PHP_AUTH_* par HTTP_AUTH_*</div>
</li>
<li class="level1"><div class="li"> activer le plugin http_authentication dans main.inc.php :</div>
</li>
</ul>
<pre class="code file php"><span class="re0">$rcmail_config</span><span class="br0">[</span><span class="st_h">'plugins'</span><span class="br0">]</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span><span class="st_h">'http_authentication'</span><span class="br0">)</span><span class="sy0">;</span></pre>
</div><!-- EDIT5 SECTION "RoundCube" [791-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/salesforce-logo.jpg_documentation_2.0_applications_salesforce.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:salesforce-logo.jpg [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="salesforce.html"/>
<link rel="contents" href="salesforce.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:salesforce-logo.jpg </h1>
<div class="content">
<a href="salesforce-logo.0fea6a13c52b4d4725368f24b045ca84.jpeg" title="View original file"><img width="150" height="95" class="img_detail" alt="salesforce-logo.jpg" title="salesforce-logo.jpg" src="salesforce-logo.2217574689cb70fa0fedc777d452e6ff.jpeg"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> salesforce-logo.jpg</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2014/12/22 18:05</dd><dt>Filename:</dt><dd>salesforce-logo.jpg</dd><dt>Format:</dt><dd>JPEG</dd><dt>Size:</dt><dd>15KB</dd><dt>Width:</dt><dd>150</dd><dt>Height:</dt><dd>95</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="salesforce.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:salesforce [B]">Back to documentation:2.0:applications:salesforce</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

219
po-doc/fr/pages/documentation/current/applications/salesforce.html
View File

@ -1,219 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:salesforce</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,salesforce"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="salesforce.html"/>
<link rel="contents" href="salesforce.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:salesforce","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#create_salesforce_domain">Créer le domaine Salesforce</a></div></li>
<li class="level2"><div class="li"><a href="#saml_settings">Paramètres SAML</a></div></li>
<li class="level2"><div class="li"><a href="#configure_federation_id">Configurer l'identifiant de fédération</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="salesforce">SalesForce</h1>
<div class="level1">
<p>
<a href="salesforce-logo.jpg_documentation_2.0_applications_salesforce.html" class="media" title="applications:salesforce-logo.jpg"><img src="salesforce-logo.jpeg" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "SalesForce" [1-68] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<span class="curid"><a href="salesforce.html" class="wikilink1" title="documentation:2.0:applications:salesforce">Salesforce</a></span> Salesforce Inc. est une entreprise d'infonuagique (cloud). Elle est connue pour ses CRM et applications de réseaux sociaux.
</p>
<p>
It allows one to use <abbr title="Security Assertion Markup Language">SAML</abbr> to authenticate users. Il peut utiliser les modes initiés par le SP ou l'IdP.
</p>
<p>
Cette page présente le mode initié par le SP.
</p>
<p>
Pour fonctionner avec <abbr title="LemonLDAP::NG">LL::NG</abbr> il faut :
</p>
<ul>
<li class="level1"><div class="li"> <abbr title="LemonLDAP::NG">LL::NG</abbr> configuré comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a></div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Presentation" [69-472] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
Il est nécessaire d'avoir configuré <abbr title="LemonLDAP::NG">LL::NG</abbr> comme <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">fournisseur d'identité SAML</a>,
</p>
</div><!-- EDIT3 SECTION "Configuration" [473-578] -->
<h3 class="sectionedit4" id="create_salesforce_domain">Créer le domaine Salesforce</h3>
<div class="level3">
<p>
<a href="my_domain_salesforce-resize-web.png_documentation_2.0_applications_salesforce.html" class="media" title="applications:my_domain_salesforce-resize-web.png"><img src="my_domain_salesforce-resize-web.png" class="mediacenter" alt="" /></a>
</p>
<p>
Pour utiliser le mode initié par le SP, il faut créer le domaine salesforce. Cette création prend jusqu'à 1 heure. (au-dessus d'1h, il y a un problème. Ces problèmes sont généralement résolus en moins de 72 heures)
</p>
<p>
Ensuite <strong>deployer</strong> ce domaine pour accéder à sa configuration.
</p>
<p>
Finalement, vérifier que :
</p>
<ul>
<li class="level1"><div class="li"> La politique de connexion</div>
</li>
<li class="level1"><div class="li"> La politique de redirection</div>
</li>
<li class="level1"><div class="li"> le nom de domaine</div>
</li>
<li class="level1"><div class="li"> le service d'authentification</div>
</li>
</ul>
<p>
correspondent aux bonnes valeurs. (adapter le domaine si nécessaire)
</p>
<div class="noteimportant">Pour l'instant, le paramètre du service d'authentification ne dispose pas d'un domaine disponible. Il faudra revenir plus tard pour adapter ce paramètre. Une fois que la cinématique <abbr title="Security Assertion Markup Language">SAML</abbr> fonctionne, mettre le domaine, et supprimer le formulaire de connexion, la redirection se fera alors automatiquement vers le fournisseur d'identité (plus besoin de cliquer pour l'utilisateur). Noter que l'on peut toujours accéder à Salesforce par la page générale de connexion : <a href="https://login.salesforce.com" class="urlextern" title="https://login.salesforce.com" rel="nofollow">https://login.salesforce.com</a>
</div>
</div><!-- EDIT4 SECTION "Create Salesforce domain" [579-1570] -->
<h3 class="sectionedit5" id="saml_settings">Paramètres SAML</h3>
<div class="level3">
<p>
Salesforce ne peut pas lire les métadatas, il faut les indiquer dans un formulaire.
</p>
<p>
<a href="saml_sso_settings-resize-web.png_documentation_2.0_applications_salesforce.html" class="media" title="applications:saml_sso_settings-resize-web.png"><img src="saml_sso_settings-resize-web.png" class="mediacenter" alt="" /></a>
</p>
<p>
Aller dans les paramètres SSO de <abbr title="Security Assertion Markup Language">SAML</abbr> et y indiquer :
</p>
<ul>
<li class="level1"><div class="li"> Name&nbsp;: devrait être automatiquement renseigné avec votre domaine</div>
</li>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr> Version : vérifier que la version 2.0 est utilisée</div>
</li>
<li class="level1"><div class="li"> Issuer : c'est l'identifiant d'entité de LemonLDAP::NG, qui est par défaut #PORTAL#/saml/metadata</div>
</li>
<li class="level1"><div class="li"> Identity Provider Certificate: whereas it is mentioned that this is the authentication certificate, you must give your LemonLDAP::NG (IdP) signing certificate. S'il n'en dispose pas, en créer un avec la paire de clef déjà générée (on peut le faire avec openssl). "SSL authentication (https)" ne semble pas devoir être sélectionné.</div>
</li>
<li class="level1"><div class="li"> Signing Certificate : choisir un certificat pour la signature du SP. (en créer un à défaut)</div>
</li>
<li class="level1"><div class="li"> Assertion decryption Certificate : choisir un certificat seulement si on veut chiffrer les assertions. (aucun par défaut)</div>
</li>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Type : choisir "Federation ID". Ceci signifie que l'identifiant utilisateur correspondra avec le champ Federation ID. (voir section suivante)</div>
</li>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Location : choisir si l'identifiant utilisateur est maintenu dans le sujet ou dans un autre attribut</div>
</li>
<li class="level1"><div class="li"> Identity Provider Login <abbr title="Uniform Resource Locator">URL</abbr> : l'emplacement du portail utilisateur/mot-de-passe <abbr title="Security Assertion Markup Language">SAML</abbr> dans l'IdP</div>
</li>
<li class="level1"><div class="li"> Identity Provider Logout <abbr title="Uniform Resource Locator">URL</abbr> : l'URL de déconnexion de l'IdP</div>
</li>
<li class="level1"><div class="li"> Custom Error <abbr title="Uniform Resource Locator">URL</abbr> : on peut rediriger l'utilisateur sur une page particulière en cas d'erreur</div>
</li>
<li class="level1"><div class="li"> SP Initiated Binding : choisir n'importe quel protocole supporté (ils le sont actuellement tous par LemonLDAP::NG), HTTP POST est un bon choix</div>
</li>
<li class="level1"><div class="li"> Salesforce Login <abbr title="Uniform Resource Locator">URL</abbr> : générée automatiquement. C'est le point d'entrée de la cinématique de connexion.</div>
</li>
<li class="level1"><div class="li"> OAuth 2.0 Token Endpoint : pas utilisé ici</div>
</li>
<li class="level1"><div class="li"> <abbr title="Interface de programmation">API</abbr> Name : renseigné automatiquement</div>
</li>
<li class="level1"><div class="li"> User Provisioning Enabled : création automatique des utilisateurs dans Salesforce (pas fonctionnel à l'heure actuelle)</div>
</li>
<li class="level1"><div class="li"> EntityId : identifiant d'entité Salesforce (le SP). Remplir ce champ en conséquence. Ce devrait être la même valeur que l'URL du domaine indiqué dans la section précédente</div>
</li>
</ul>
</div><!-- EDIT5 SECTION "SAML settings" [1571-3682] -->
<h3 class="sectionedit6" id="configure_federation_id">Configurer l'identifiant de fédération</h3>
<div class="level3">
<p>
Finalement, configurer pour chaque utilisateur son identifiant de fédération. Ce sera le lien entre l'assertion <abbr title="Security Assertion Markup Language">SAML</abbr> provenant de LemonLDAP::NG (l'IdP) et l'identifiant Salesforce. Ici, le mail a été choisi comme identifiant utilisateur.
</p>
<p>
<a href="user_federation_id-resize-web.png_documentation_2.0_applications_salesforce.html" class="media" title="applications:user_federation_id-resize-web.png"><img src="user_federation_id-resize-web.png" class="mediacenter" alt="" /></a>
</p>
<p>
Une fois ceci terminé, cliquer pour exporter les métadatas Salesforce et les importer dans LemonLDAP::NG, dans la déclaration du fournisseur de service Salesforce.
</p>
<p>
Voir <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">Enregistrer un fournisseur de service dans LemonLDAP::NG</a>.
</p>
</div><!-- EDIT6 SECTION "Configure Federation ID" [3683-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/saml_sso_settings-resize-web.png_documentation_2.0_applications_salesforce.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:saml_sso_settings-resize-web.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="salesforce.html"/>
<link rel="contents" href="salesforce.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:saml_sso_settings-resize-web.png </h1>
<div class="content">
<a href="saml_sso_settings-resize-web.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="800" height="415" class="img_detail" alt="saml_sso_settings-resize-web.png" title="saml_sso_settings-resize-web.png" src="saml_sso_settings-resize-web.0038566eafdf98a5d2ac17b75df795bf.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> saml_sso_settings-resize-web.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>saml_sso_settings-resize-web.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>106KB</dd><dt>Width:</dt><dd>800</dd><dt>Height:</dt><dd>415</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="salesforce.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:salesforce [B]">Back to documentation:2.0:applications:salesforce</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

78
po-doc/fr/pages/documentation/current/applications/sap.html
View File

@ -1,78 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:sap</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,sap"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="sap.html"/>
<link rel="contents" href="sap.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:sap","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="sap">SAP</h1>
<div class="level1">
<p>
<a href="saplogo.gif_documentation_2.0_applications_sap.html" class="media" title="applications:saplogo.gif"><img src="saplogo.gif" class="mediacenter" title="SAP" alt="SAP" /></a>
</p>
</div><!-- EDIT1 SECTION "SAP" [1-56] -->
<h2 class="sectionedit2" id="http_header">HTTP header</h2>
<div class="level2">
<p>
Read the following documentation: <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="urlextern" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" rel="nofollow">http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm</a>
</p>
</div><!-- EDIT2 SECTION "HTTP header" [57-208] -->
<h2 class="sectionedit3" id="saml">SAML</h2>
<div class="level2">
<p>
Read the following documentation: <a href="https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm" class="urlextern" title="https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm" rel="nofollow">https://help.sap.com/saphelp_nw70/helpdata/en/94/695b3ebd564644e10000000a114084/content.htm</a>
</p>
</div><!-- EDIT3 SECTION "SAML" [209-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/saplogo.gif_documentation_2.0_applications_sap.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:saplogo.gif [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="sap.html"/>
<link rel="contents" href="sap.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:saplogo.gif </h1>
<div class="content">
<a href="saplogo.0fea6a13c52b4d4725368f24b045ca84.gif" title="View original file"><img width="73" height="36" class="img_detail" alt="saplogo.gif" title="saplogo.gif" src="saplogo.951291dc5d49a61fed6af1b6c94c5cf5.gif"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> saplogo.gif</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>saplogo.gif</dd><dt>Format:</dt><dd>GIF</dd><dt>Size:</dt><dd>538B</dd><dt>Width:</dt><dd>73</dd><dt>Height:</dt><dd>36</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="sap.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:sap [B]">Back to documentation:2.0:applications:sap</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/screenshot_dokuwiki_configuration.png_documentation_2.0_applications_dokuwiki.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:screenshot_dokuwiki_configuration.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="dokuwiki.html"/>
<link rel="contents" href="dokuwiki.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:screenshot_dokuwiki_configuration.png </h1>
<div class="content">
<a href="screenshot_dokuwiki_configuration.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="898" height="317" class="img_detail" alt="screenshot_dokuwiki_configuration.png" title="screenshot_dokuwiki_configuration.png" src="screenshot_dokuwiki_configuration.5c3b7e8bd8174c47fa38d992a5bf5a62.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> screenshot_dokuwiki_configuration.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2017/11/23 14:30</dd><dt>Filename:</dt><dd>screenshot_dokuwiki_configuration.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>35KB</dd><dt>Width:</dt><dd>898</dd><dt>Height:</dt><dd>317</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="dokuwiki.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:dokuwiki [B]">Back to documentation:2.0:applications:dokuwiki</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

331
po-doc/fr/pages/documentation/current/applications/simplesamlphp.html
View File

@ -1,331 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:simplesamlphp</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,simplesamlphp"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="simplesamlphp.html"/>
<link rel="contents" href="simplesamlphp.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:simplesamlphp","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#pre-requisites">Pre-requisites</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#simplesamlphp1">simpleSAMLphp</a></div></li>
<li class="level2"><div class="li"><a href="#lemonldapng">LemonLDAP::NG</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#simplesamlphp_as_service_provider">simpleSAMLphp as Service Provider</a></div></li>
<li class="level1"><div class="li"><a href="#simplesamlphp_as_identity_provider">simpleSAMLphp as Identity Provider</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="simplesamlphp">simpleSAMLphp</h1>
<div class="level1">
<p>
<img src="simplesamlphp_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "simpleSAMLphp" [1-81] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://simplesamlphp.org/" class="urlextern" title="https://simplesamlphp.org/" rel="nofollow">simpleSAMLphp</a> is an identity/service provider written in PHP. It supports a lot of protocols like <abbr title="Central Authentication Service">CAS</abbr>, OpenID and <abbr title="Security Assertion Markup Language">SAML</abbr>.
</p>
<p>
This documentation explains how to interconnect LemonLDAP::NG and simpleSAMLphp using <abbr title="Security Assertion Markup Language">SAML</abbr> 2.0 protocol.
</p>
</div><!-- EDIT2 SECTION "Presentation" [82-365] -->
<h2 class="sectionedit3" id="pre-requisites">Pre-requisites</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Pre-requisites" [366-393] -->
<h3 class="sectionedit4" id="simplesamlphp1">simpleSAMLphp</h3>
<div class="level3">
<p>
You need to <a href="https://simplesamlphp.org/docs/stable/simplesamlphp-install" class="urlextern" title="https://simplesamlphp.org/docs/stable/simplesamlphp-install" rel="nofollow">install the software</a>. If using Debian, just do:
</p>
<pre class="code">apt-get install simplesamlphp</pre>
<p>
We suppose that configuration is done in <code>/etc/simplesamlphp</code> and that simpleSAMLphp is accessible at <a href="http://localhost/simplesamlphp" class="urlextern" title="http://localhost/simplesamlphp" rel="nofollow">http://localhost/simplesamlphp</a>.
</p>
<p>
To be able to sign <abbr title="Security Assertion Markup Language">SAML</abbr> messages, you need to create a certificate. First set where certificates are stored:
</p>
<pre class="code">vi /etc/simplesamlphp/config.php</pre>
<pre class="code file php"> <span class="st_h">'certdir'</span> <span class="sy0">=&gt;</span> <span class="st_h">'/etc/simplesamlphp/certs/'</span><span class="sy0">,</span></pre>
<p>
Create directory and generate the certificate
</p>
<pre class="code">mkdir /etc/simplesamlphp/certs/
cd /etc/simplesamlphp/certs/
openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem</pre>
<p>
Then associate this certificate to the default SP:
</p>
<pre class="code">vi /etc/simplesamlphp/authsources.php</pre>
<pre class="code file php"> <span class="st_h">'default-sp'</span> <span class="sy0">=&gt;</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span>
<span class="st_h">'saml:SP'</span><span class="sy0">,</span>
<span class="st_h">'privatekey'</span> <span class="sy0">=&gt;</span> <span class="st_h">'saml.pem'</span><span class="sy0">,</span>
<span class="st_h">'certificate'</span> <span class="sy0">=&gt;</span> <span class="st_h">'saml.crt'</span><span class="sy0">,</span></pre>
</div><!-- EDIT4 SECTION "simpleSAMLphp" [394-1396] -->
<h3 class="sectionedit5" id="lemonldapng">LemonLDAP::NG</h3>
<div class="level3">
<p>
You need to configure <a href="../samlservice.html" class="wikilink1" title="documentation:2.0:samlservice">SAML Service</a>. Be sure to convert public key in a certificate, as described in the <a href="../samlservice.html#security_parameters" class="wikilink1" title="documentation:2.0:samlservice">security chapter</a> as simpleSAMLphp can't use the public key.
</p>
</div><!-- EDIT5 SECTION "LemonLDAP::NG" [1397-1648] -->
<h2 class="sectionedit6" id="simplesamlphp_as_service_provider">simpleSAMLphp as Service Provider</h2>
<div class="level2">
<p>
We suppose you configured LemonLDAP::NG as <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a> and want to use simpleSAMLphp as Service Provider.
</p>
<p>
In <abbr title="LemonLDAP::NG">LL::NG</abbr> Manager, create an new SP and load simpleSAMLphp metadata trough <abbr title="Uniform Resource Locator">URL</abbr> (by default: <a href="http://localhost/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" class="urlextern" title="http://localhost/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" rel="nofollow">http://localhost/simplesamlphp/module.php/saml/sp/metadata.php/default-sp</a>):
</p>
<p>
<img src="simplesamlphp_sp_metadata.png" class="mediacenter" alt="" />
</p>
<p>
Then set some attributes that will be sent to simpleSAMLphp:
</p>
<p>
<img src="simplesamlphp_sp_attributes.png" class="mediacenter" alt="" />
</p>
<div class="notetip">Set <code>Mandatory</code> to <code>On</code> to force attributes in authentication response.
</div>
<p>
You can also force all signatures:
</p>
<p>
<img src="simplesamlphp_sp_signature.png" class="mediacenter" alt="" />
</p>
<p>
On simpleSAMLphp side, use the metadata converter (by default: <a href="http://localhost/simplesamlphp/admin/metadata-converter.php" class="urlextern" title="http://localhost/simplesamlphp/admin/metadata-converter.php" rel="nofollow">http://localhost/simplesamlphp/admin/metadata-converter.php</a>) to convert <abbr title="LemonLDAP::NG">LL::NG</abbr> metadata (by default: <a href="http://auth.example.com/saml/metadata" class="urlextern" title="http://auth.example.com/saml/metadata" rel="nofollow">http://auth.example.com/saml/metadata</a>) into internal PHP representation. Copy the <code>saml20-idp-remote</code> content:
</p>
<pre class="code">vi /etc/simplesamlphp/metadata/saml20-idp-remote.php</pre>
<pre class="code file php"><span class="kw2"><?php</span>
<span class="re0">$metadata</span><span class="br0">[</span><span class="st_h">'http://auth.example.com/saml/metadata'</span><span class="br0">]</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a> <span class="br0">(</span>
<span class="st_h">'entityid'</span> <span class="sy0">=&gt;</span> <span class="st_h">'http://auth.example.com/saml/metadata'</span><span class="sy0">,</span>
<span class="sy0">...</span>
<span class="co1">// Add this option to force SLO requests signature</span>
<span class="st_h">'sign.logout'</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
<span class="br0">)</span><span class="sy0">;</span>
<span class="sy1">?></span></pre>
<div class="notetip">Don't forget PHP start and end tag to have a valid PHP file.
</div>
<p>
All is ready, you can now test the authentication (by default: <a href="http://localhost/simplesamlphp/module.php/core/authenticate.php" class="urlextern" title="http://localhost/simplesamlphp/module.php/core/authenticate.php" rel="nofollow">http://localhost/simplesamlphp/module.php/core/authenticate.php</a>). You should see something like that:
</p>
<p>
<img src="simplesamlphp_sp_authentication.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT6 SECTION "simpleSAMLphp as Service Provider" [1649-3258] -->
<h2 class="sectionedit7" id="simplesamlphp_as_identity_provider">simpleSAMLphp as Identity Provider</h2>
<div class="level2">
<p>
We suppose you configured LemonLDAP::NG as <a href="../authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML Service Provider</a> and want to use simpleSAMLphp as Identity Provider.
</p>
<p>
First, you need to activate IDP feature in simpleSAMLphp:
</p>
<pre class="code">vi /etc/simplesamlphp/config.php</pre>
<pre class="code file php"> <span class="st_h">'enable.saml20-idp'</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span></pre>
<p>
And create a default IDP configuration:
</p>
<pre class="code">vi /etc/simplesamlphp/metadata/saml20-idp-hosted.php</pre>
<pre class="code file php"><span class="kw2"><?php</span>
<span class="re0">$metadata</span><span class="br0">[</span><span class="st_h">'__DYNAMIC:1__'</span><span class="br0">]</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span>
<span class="coMULTI">/*
* The hostname for this IdP. This makes it possible to run multiple
* IdPs from the same configuration. '__DEFAULT__' means that this one
* should be used by default.
*/</span>
<span class="st_h">'host'</span> <span class="sy0">=&gt;</span> <span class="st_h">'__DEFAULT__'</span><span class="sy0">,</span>
&nbsp;
<span class="coMULTI">/*
* The private key and certificate to use when signing responses.
* These are stored in the cert-directory.
*/</span>
<span class="st_h">'privatekey'</span> <span class="sy0">=&gt;</span> <span class="st_h">'saml.pem'</span><span class="sy0">,</span>
<span class="st_h">'certificate'</span> <span class="sy0">=&gt;</span> <span class="st_h">'saml.crt'</span><span class="sy0">,</span>
&nbsp;
<span class="coMULTI">/*
* The authentication source which should be used to authenticate the
* user. This must match one of the entries in config/authsources.php.
*/</span>
<span class="st_h">'auth'</span> <span class="sy0">=&gt;</span> <span class="st_h">'admin'</span><span class="sy0">,</span>
<span class="co1">// Sign SLO messages</span>
<span class="st_h">'sign.logout'</span> <span class="sy0">=&gt;</span> <span class="kw4">true</span><span class="sy0">,</span>
<span class="br0">)</span><span class="sy0">;</span>
<span class="sy1">?></span></pre>
<div class="noteimportant">You need to configure your own certificates and authentication scheme
</div>
<p>
Now in <abbr title="LemonLDAP::NG">LL::NG</abbr> Manager, create a new IDP and import metadata with <abbr title="Uniform Resource Locator">URL</abbr> (by default: <a href="http://localhost/simplesamlphp/saml2/idp/metadata.php" class="urlextern" title="http://localhost/simplesamlphp/saml2/idp/metadata.php" rel="nofollow">http://localhost/simplesamlphp/saml2/idp/metadata.php</a>):
</p>
<p>
<img src="simplesamlphp_idp_metadata.png" class="mediacenter" alt="" />
</p>
<p>
List attributes you want to collect:
</p>
<p>
<img src="simplesamlphp_idp_attributes.png" class="mediacenter" alt="" />
</p>
<div class="notetip">You can keep <code>Mandatory</code> to <code>Off</code> to not fail if attribute is not sent by IDP
</div>
<p>
And activate all signatures:
</p>
<p>
<img src="simplesamlphp_idp_signature.png" class="mediacenter" alt="" />
</p>
<p>
To finish, you need to declare <abbr title="LemonLDAP::NG">LL::NG</abbr> SP in simpleSAMLphp. Use the metadata converter (by default: <a href="http://localhost/simplesamlphp/admin/metadata-converter.php" class="urlextern" title="http://localhost/simplesamlphp/admin/metadata-converter.php" rel="nofollow">http://localhost/simplesamlphp/admin/metadata-converter.php</a>) to convert <abbr title="LemonLDAP::NG">LL::NG</abbr> metadata (by default: <a href="http://auth.example.com/saml/metadata" class="urlextern" title="http://auth.example.com/saml/metadata" rel="nofollow">http://auth.example.com/saml/metadata</a>) into internal PHP representation. Copy the <code>saml20-sp-remote</code> content:
</p>
<pre class="code">vi /etc/simplesamlphp/metadata/saml20-sp-remote.php</pre>
<pre class="code file php"><span class="kw2"><?php</span>
<span class="re0">$metadata</span><span class="br0">[</span><span class="st_h">'http://auth.example.com/saml/metadata'</span><span class="br0">]</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a> <span class="br0">(</span>
<span class="st_h">'entityid'</span> <span class="sy0">=&gt;</span> <span class="st_h">'http://auth.example.com/saml/metadata'</span><span class="sy0">,</span>
<span class="sy0">...</span>
<span class="br0">)</span><span class="sy0">;</span>
<span class="sy1">?></span></pre>
<div class="notetip">Don't forget PHP start and end tag to have a valid PHP file.
</div>
<p>
All is ready, you can now test the authentication from <abbr title="LemonLDAP::NG">LL::NG</abbr> portal.
</p>
</div><!-- EDIT7 SECTION "simpleSAMLphp as Identity Provider" [3259-] -->
</div>
</body>
</html>

101
po-doc/fr/pages/documentation/current/applications/spring.html
View File

@ -1,101 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:spring</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,spring"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="spring.html"/>
<link rel="contents" href="spring.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:spring","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="spring_security_acegi">Sécurité Spring (ACEGI)</h1>
<div class="level1">
<p>
<a href="spring_logo.png_documentation_2.0_applications_spring.html" class="media" title="applications:spring_logo.png"><img src="spring_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Spring Security (ACEGI)" [1-77] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://static.springsource.org/spring-security/site/" class="urlextern" title="http://static.springsource.org/spring-security/site/" rel="nofollow">Spring Security</a> est le nouveau nom d'ACEGI. C'est le très connu framework de sécurité des applications J2EE.
</p>
<p>
Spring Security fournit un mécansime de <code>pre-authentification</code> par défaut qui peut être utilisé pour connecter une application J2EE à <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</p>
</div><!-- EDIT2 SECTION "Presentation" [78-394] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
Les informations appropriées se trouvent ici : <a href="http://static.springsource.org/spring-security/site/docs/3.0.x/reference/preauth.html" class="urlextern" title="http://static.springsource.org/spring-security/site/docs/3.0.x/reference/preauth.html" rel="nofollow">http://static.springsource.org/spring-security/site/docs/3.0.x/reference/preauth.html</a>
</p>
<p>
En résumé, pour connecter les utilisateurs vie l'entête HTTP <code>Auth-User</code>, utiliser cette configuration de Spring Security :
</p>
<pre class="code file xml"><span class="sc3"><span class="re1">&lt;bean</span> <span class="re0">id</span>=<span class="st0">"LemonLDAPNGFilter"</span> <span class="re0">class</span>=</span>
<span class="sc3"><span class="st0">"org.springframework.security.web.authentication.preauth.header.RequestHeaderPreAuthenticatedProcessingFilter"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;security:custom-filter</span> <span class="re0">position</span>=<span class="st0">"PRE_AUTH_FILTER"</span> <span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;property</span> <span class="re0">name</span>=<span class="st0">"principalRequestHeader"</span> <span class="re0">value</span>=<span class="st0">"Auth-User"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;property</span> <span class="re0">name</span>=<span class="st0">"authenticationManager"</span> <span class="re0">ref</span>=<span class="st0">"authenticationManager"</span> <span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;/bean<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;bean</span> <span class="re0">id</span>=<span class="st0">"preauthAuthProvider"</span> <span class="re0">class</span>=<span class="st0">"org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;security:custom-authentication-provider</span> <span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;property</span> <span class="re0">name</span>=<span class="st0">"preAuthenticatedUserDetailsService"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;bean</span> <span class="re0">id</span>=<span class="st0">"userDetailsServiceWrapper"</span> <span class="re0">class</span>=<span class="st0">"org.springframework.security.userdetails.UserDetailsByNameServiceWrapper"</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;property</span> <span class="re0">name</span>=<span class="st0">"userDetailsService"</span> <span class="re0">ref</span>=<span class="st0">"userDetailsService"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;/bean<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/property<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/bean<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;security:authentication-manager</span> <span class="re0">alias</span>=<span class="st0">"authenticationManager"</span> <span class="re2">/&gt;</span></span></pre>
</div><!-- EDIT3 SECTION "Configuration" [395-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/spring_logo.png_documentation_2.0_applications_spring.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:spring_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="spring.html"/>
<link rel="contents" href="spring.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:spring_logo.png </h1>
<div class="content">
<a href="spring_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="166" height="80" class="img_detail" alt="spring_logo.png" title="spring_logo.png" src="spring_logo.4cb135dd7669739d6cfa8ccb592d88ef.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> spring_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>spring_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>4KB</dd><dt>Width:</dt><dd>166</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="spring.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:spring [B]">Back to documentation:2.0:applications:spring</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

282
po-doc/fr/pages/documentation/current/applications/symfony.html
View File

@ -1,282 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:symfony</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,symfony"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="symfony.html"/>
<link rel="contents" href="symfony.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:symfony","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#references">Références</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="php_symfony">PHP (Symfony)</h1>
<div class="level1">
<p>
<a href="symfony_logo.png_documentation_2.0_applications_symfony.html" class="media" title="applications:symfony_logo.png"><img src="symfony_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "PHP (Symfony)" [1-69] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://symfony.com/" class="urlextern" title="https://symfony.com/" rel="nofollow">Symfony</a> is the well-known PHP framework. It is intended to ease the development of PHP applications.
</p>
<p>
Symfony provides many methods conventions to authenticate users (basic, ldap,…) and to load external user sources (ldap, database). The method presented here relies on the “remote_user” method. (in security firewall)
</p>
</div><!-- EDIT2 SECTION "Presentation" [70-443] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
Follow these step to protect your application using the “REMOTE_USER” HTTP header.
</p>
<p>
1. Adapt the app/config/security.yml configuration file as below:
</p>
<pre class="code file json">security:
&nbsp;
encoders:
AppBundle\Security\User\HeaderUser: plaintext
&nbsp;
providers:
header:
id: AppBundle\Security\User\HeaderUserProvider
&nbsp;
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
&nbsp;
main:
pattern: ^/
remote_user:
user: HTTP_REMOTE_USER
provider: header</pre>
<ul>
<li class="level1"><div class="li"> encoders : define a password hashing scheme (useless in our case, but the parameter is mandatory)</div>
</li>
<li class="level1"><div class="li"> providers : define the user providers (even virtual)</div>
</li>
<li class="level1"><div class="li"> remote_user : define the authentication method to “assume the user is already authenticated and get an http variable to know his username”</div>
</li>
<li class="level1"><div class="li"> user : define the HTTP header containing the username</div>
</li>
<li class="level1"><div class="li"> provider : references the previously defined provider owning the user data (in our scenario, a virtual)</div>
</li>
</ul>
<p>
2. Define a “header user” class
</p>
<p>
Create the file src/AppBundle/Security/User/HeaderUser.php :
</p>
<pre class="code file php"><span class="kw2"><?php</span>
&nbsp;
<span class="co1">// src/Security/User/HeaderUser.php</span>
<span class="kw2">namespace</span> AppBundle\Security\User<span class="sy0">;</span>
&nbsp;
<span class="kw2">use</span> Symfony\Component\Security\Core\User\UserInterface<span class="sy0">;</span>
<span class="kw2">use</span> Symfony\Component\Security\Core\User\EquatableInterface<span class="sy0">;</span>
&nbsp;
<span class="kw2">class</span> HeaderUser implements UserInterface<span class="sy0">,</span> EquatableInterface
<span class="br0">{</span>
<span class="kw2">private</span> <span class="re0">$username</span><span class="sy0">;</span>
<span class="kw2">private</span> <span class="re0">$password</span><span class="sy0">;</span>
<span class="kw2">private</span> <span class="re0">$salt</span><span class="sy0">;</span>
<span class="kw2">private</span> <span class="re0">$roles</span><span class="sy0">;</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> __construct<span class="br0">(</span><span class="re0">$username</span><span class="sy0">,</span> <span class="re0">$password</span><span class="sy0">,</span> <span class="re0">$salt</span><span class="sy0">,</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a> <span class="re0">$roles</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">username</span> <span class="sy0">=</span> <span class="re0">$username</span><span class="sy0">;</span>
<span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">password</span> <span class="sy0">=</span> <span class="re0">$password</span><span class="sy0">;</span>
<span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">salt</span> <span class="sy0">=</span> <span class="re0">$salt</span><span class="sy0">;</span>
<span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">roles</span> <span class="sy0">=</span> <span class="re0">$roles</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> getRoles<span class="br0">(</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">return</span> <span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">roles</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> getPassword<span class="br0">(</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">return</span> <span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">password</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> getSalt<span class="br0">(</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">return</span> <span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">salt</span><span class="sy0">;</span>
<span class="br0">}</span>
<span class="kw2">public</span> <span class="kw2">function</span> getUsername<span class="br0">(</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">return</span> <span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">username</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> eraseCredentials<span class="br0">(</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> isEqualTo<span class="br0">(</span>UserInterface <span class="re0">$user</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">if</span> <span class="br0">(</span><span class="sy0">!</span><span class="re0">$user</span> instanceof HeaderUser<span class="br0">)</span> <span class="br0">{</span>
<span class="kw1">return</span> <span class="kw4">false</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw1">if</span> <span class="br0">(</span><span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">username</span> <span class="sy0">!==</span> <span class="re0">$user</span><span class="sy0">-&gt;</span><span class="me1">getUsername</span><span class="br0">(</span><span class="br0">)</span><span class="br0">)</span> <span class="br0">{</span>
<span class="kw1">return</span> <span class="kw4">false</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="co1">//if ($this-&gt;password !== $user-&gt;getPassword()) {</span>
<span class="co1">// return false;</span>
<span class="co1">//}</span>
&nbsp;
<span class="kw1">return</span> <span class="kw4">true</span><span class="sy0">;</span>
<span class="br0">}</span>
<span class="br0">}</span>
<span class="sy1">?></span></pre>
<p>
3. Define a “header user provider” class relying on the previous class
</p>
<p>
Create the file src/AppBundle/Security/User/HeaderUserProvider.php :
</p>
<pre class="code file php"><span class="kw2"><?php</span>
&nbsp;
<span class="co1">// src/Security/User/HeaderUserProvider.php</span>
<span class="kw2">namespace</span> AppBundle\Security\User<span class="sy0">;</span>
&nbsp;
<span class="kw2">use</span> AppBundle\Security\User\HeaderUser<span class="sy0">;</span>
<span class="kw2">use</span> Symfony\Component\Security\Core\User\UserProviderInterface<span class="sy0">;</span>
<span class="kw2">use</span> Symfony\Component\Security\Core\User\UserInterface<span class="sy0">;</span>
<span class="kw2">use</span> Symfony\Component\Security\Core\Exception\UsernameNotFoundException<span class="sy0">;</span>
<span class="kw2">use</span> Symfony\Component\Security\Core\Exception\UnsupportedUserException<span class="sy0">;</span>
&nbsp;
<span class="kw2">class</span> HeaderUserProvider implements UserProviderInterface
<span class="br0">{</span>
<span class="kw2">public</span> <span class="kw2">function</span> loadUserByUsername<span class="br0">(</span><span class="re0">$username</span><span class="br0">)</span>
<span class="br0">{</span>
&nbsp;
<span class="kw1">if</span> <span class="br0">(</span><span class="re0">$username</span><span class="br0">)</span> <span class="br0">{</span>
&nbsp;
<span class="re0">$password</span> <span class="sy0">=</span> <span class="st0">"dummy"</span><span class="sy0">;</span>
<span class="re0">$salt</span> <span class="sy0">=</span> <span class="st0">""</span><span class="sy0">;</span>
<span class="re0">$roles</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">array</span></a><span class="br0">(</span><span class="st_h">'ROLE_USER'</span><span class="br0">)</span><span class="sy0">;</span>
&nbsp;
<span class="kw1">return</span> <span class="kw2">new</span> HeaderUser<span class="br0">(</span><span class="re0">$username</span><span class="sy0">,</span> <span class="re0">$password</span><span class="sy0">,</span> <span class="re0">$salt</span><span class="sy0">,</span> <span class="re0">$roles</span><span class="br0">)</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw1">throw</span> <span class="kw2">new</span> UsernameNotFoundException<span class="br0">(</span>
<a href="http://www.php.net/sprintf"><span class="kw3">sprintf</span></a><span class="br0">(</span><span class="st_h">'Username "%s" does not exist.'</span><span class="sy0">,</span> <span class="re0">$username</span><span class="br0">)</span>
<span class="br0">)</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> refreshUser<span class="br0">(</span>UserInterface <span class="re0">$user</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">if</span> <span class="br0">(</span><span class="sy0">!</span><span class="re0">$user</span> instanceof HeaderUser<span class="br0">)</span> <span class="br0">{</span>
<span class="kw1">throw</span> <span class="kw2">new</span> UnsupportedUserException<span class="br0">(</span>
<a href="http://www.php.net/sprintf"><span class="kw3">sprintf</span></a><span class="br0">(</span><span class="st_h">'Instances of "%s" are not supported.'</span><span class="sy0">,</span> <a href="http://www.php.net/get_class"><span class="kw3">get_class</span></a><span class="br0">(</span><span class="re0">$user</span><span class="br0">)</span><span class="br0">)</span>
<span class="br0">)</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw1">return</span> <span class="re0">$this</span><span class="sy0">-&gt;</span><span class="me1">loadUserByUsername</span><span class="br0">(</span><span class="re0">$user</span><span class="sy0">-&gt;</span><span class="me1">getUsername</span><span class="br0">(</span><span class="br0">)</span><span class="br0">)</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="kw2">public</span> <span class="kw2">function</span> supportsClass<span class="br0">(</span><span class="re0">$class</span><span class="br0">)</span>
<span class="br0">{</span>
<span class="kw1">return</span> HeaderUser<span class="sy0">::</span><span class="kw2">class</span> <span class="sy0">===</span> <span class="re0">$class</span><span class="sy0">;</span>
<span class="br0">}</span>
<span class="br0">}</span>
&nbsp;
<span class="sy1">?></span></pre>
</div><!-- EDIT3 SECTION "Configuration" [444-4373] -->
<h2 class="sectionedit4" id="references">Références</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <a href="http://symfony.com/doc/current/security/pre_authenticated.html#remote-user-based-authentication" class="urlextern" title="http://symfony.com/doc/current/security/pre_authenticated.html#remote-user-based-authentication" rel="nofollow">http://symfony.com/doc/current/security/pre_authenticated.html#remote-user-based-authentication</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://symfony.com/doc/current/security/custom_provider.html" class="urlextern" title="https://symfony.com/doc/current/security/custom_provider.html" rel="nofollow">https://symfony.com/doc/current/security/custom_provider.html</a></div>
</li>
</ul>
</div><!-- EDIT4 SECTION "References" [4374-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/symfony_logo.png_documentation_2.0_applications_symfony.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:symfony_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="symfony.html"/>
<link rel="contents" href="symfony.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:symfony_logo.png </h1>
<div class="content">
<a href="symfony_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="300" height="77" class="img_detail" alt="symfony_logo.png" title="symfony_logo.png" src="symfony_logo.94212cff216d8b290c2355a72fd7995e.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> symfony_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2018/03/02 11:11</dd><dt>Filename:</dt><dd>symfony_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>4KB</dd><dt>Width:</dt><dd>300</dd><dt>Height:</dt><dd>77</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="symfony.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:symfony [B]">Back to documentation:2.0:applications:symfony</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

206
po-doc/fr/pages/documentation/current/applications/sympa.html
View File

@ -1,206 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:sympa</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,sympa"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="sympa.html"/>
<link rel="contents" href="sympa.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:sympa","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#sympa_configuration">Configuration Sympa</a></div></li>
<li class="level2"><div class="li"><a href="#sympa_virtual_host">Hôte virtuel Sympa</a></div></li>
<li class="level2"><div class="li"><a href="#sympa_virtual_host_in_manager">Hôte virtuel Sympa dans le manager</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="sympa">Sympa</h1>
<div class="level1">
<p>
<a href="sympa_logo.png_documentation_2.0_applications_sympa.html" class="media" title="applications:sympa_logo.png"><img src="sympa_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Sympa" [1-58] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.sympa.org" class="urlextern" title="http://www.sympa.org" rel="nofollow">Sympa</a> est un gestionnaire de listes de diffusion.
</p>
<p>
Pour configurer le <abbr title="Authentification unique (Single Sign On)">SSO</abbr> avec Sympa, utiliser l'<strong>authentification magique</strong> : une <abbr title="Uniform Resource Locator">URL</abbr> spéciale <abbr title="Authentification unique (Single Sign On)">SSO</abbr> est protégée par <abbr title="LemonLDAP::NG">LL::NG</abbr>, Sympa affichera un bouton pour les utilisateurs souhaitant utiliser cette fonctionnalité.
</p>
<div class="notetip">Depuis la version 1.9 of LLNG, la fonctionnalité de connexion automatique a été supprimée car elle ne fonctionnait qu'avec la version 5 de Sympa, elle-même dépréciée
</div>
</div><!-- EDIT2 SECTION "Presentation" [59-460] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [461-487] -->
<h3 class="sectionedit4" id="sympa_configuration">Configuration Sympa</h3>
<div class="level3">
<p>
Éditer le fichier “auth.conf” de Sympa, par exemple :
</p>
<pre class="code">vi /etc/sympa/auth.conf</pre>
<p>
et le remplir :
</p>
<pre class="file">generic_sso
service_name Centralized auth service
service_id lemonldapng
email_http_header HTTP_MAIL
netid_http_header HTTP_AUTH_USER
internal_email_by_netid 1
logout_url http://sympa.example.com/wws/logout</pre>
<div class="notetip">Il est également possible de désactiver l'authentification interne de Sympa pour ne garder que celle de LemonLDAP::NG en supprimant le paragraphe user_table
<p>
Noter que si on utilise FastCGI, il faut redémarrer Apache pour activer les changements.
</p>
</div>
<p>
On peut aussi utiliser &lt;portal&gt;?logout=1 comme URL de déconnexion pour supprimer la session LemonLDAP::NG lorsque la déconnexion est demandée.
</p>
</div><!-- EDIT4 SECTION "Sympa configuration" [488-1292] -->
<h3 class="sectionedit5" id="sympa_virtual_host">Hôte virtuel Sympa</h3>
<div class="level3">
<p>
Configurer l'hôte virtuel Sympa comme n'importe quel autre <a href="../configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">hôte virtuel protégé</a> mais ne protéger que l'authentification magique.
</p>
<div class="notetip">La fin de l'<abbr title="Uniform Resource Locator">URL</abbr> est construite à partir du <code>service_id</code> defini dans la configuration Apache de Sympa.
</div><ul>
<li class="level1"><div class="li"> Pour Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
<span class="kw1">ServerName</span> sympa.example.com
&nbsp;
&lt;<span class="kw3">Location</span> /wws/sso_login/lemonldapng&gt;
PerlHeaderParserHandler Lemonldap::NG::Handler
&lt;/<span class="kw3">Location</span>&gt;
&nbsp;
...
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<ul>
<li class="level1"><div class="li"> Pour Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
listen 80;
server_name sympa.example.com;
root /path/to/application;
# Requête interne d'authentification
location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
# Requêtes clients
location /wws/sso_login/lemonldapng {
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
...
&nbsp;
include /etc/lemonldap-ng/nginx-lua-headers.conf;
}
location / {
try_files $uri $uri/ =404;
}
}</pre>
</div><!-- EDIT5 SECTION "Sympa virtual host" [1293-2795] -->
<h3 class="sectionedit6" id="sympa_virtual_host_in_manager">Hôte virtuel Sympa dans le manager</h3>
<div class="level3">
<p>
Aller dans le manager et <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:2.0:configvhost">créer un nouvel hôte virtuel</a> pour Sympa.
</p>
<p>
Configurer les <a href="../writingrulesand_headers.html#rules" class="wikilink1" title="documentation:2.0:writingrulesand_headers">règles d'accès</a> et definir les <a href="../writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-têtes</a> suivants :
</p>
<ul>
<li class="level1"><div class="li"> Auth-User</div>
</li>
<li class="level1"><div class="li"> Mail</div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Sympa virtual host in Manager" [2796-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/sympa_logo.png_documentation_2.0_applications_sympa.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:sympa_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="sympa.html"/>
<link rel="contents" href="sympa.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:sympa_logo.png </h1>
<div class="content">
<a href="sympa_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="180" height="80" class="img_detail" alt="sympa_logo.png" title="sympa_logo.png" src="sympa_logo.8f3ab0739845ad0bda8348f032f87a11.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> sympa_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>sympa_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>7KB</dd><dt>Width:</dt><dd>180</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="sympa.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:sympa [B]">Back to documentation:2.0:applications:sympa</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

178
po-doc/fr/pages/documentation/current/applications/tomcat.html
View File

@ -1,178 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta charset="utf-8" />
<title>documentation:2.0:applications:tomcat</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,tomcat"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="tomcat.html"/>
<link rel="contents" href="tomcat.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:tomcat","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#installation">Installation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#compilation">Compilation</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="apache_tomcat">Apache Tomcat</h1>
<div class="level1">
<p>
<a href="tomcat_logo.png_documentation_2.0_applications_tomcat.html" class="media" title="applications:tomcat_logo.png"><img src="tomcat_logo.png" class="mediacenter" alt="" /></a>
</p>
<div class="noteimportant">La valve Tomcat est uniquement disponible pour les versions 5.5 et supérieures de Tomcat.
</div>
</div><!-- EDIT1 SECTION "Apache Tomcat" [1-154] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://tomcat.apache.org/" class="urlextern" title="http://tomcat.apache.org/" rel="nofollow">Apache Tomcat</a> est une implémentation libre des technologies Java Servlet et JavaServer Pages.
</p>
<p>
Comme conteneur de servlet J2EE, Tomcat fournit les fonctionnalités de sécurité standards, telles l'authentification : une application déployée dans Tomcat peut déléguer son authentification à Tomcat.
</p>
<p>
Par défaut, Tomcat fournit un fichier nommé <code>users.xml</code> pour gérer l'authentification :
</p>
<pre class="code file xml"><span class="sc3"><span class="re1"><?xml version="1.0" encoding="UTF-8"?></span></span>
<span class="sc3"><span class="re1">&lt;tomcat-users<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;role</span> <span class="re0">rolename</span>=<span class="st0">"tomcat"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;role</span> <span class="re0">rolename</span>=<span class="st0">"role1"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;user</span> <span class="re0">username</span>=<span class="st0">"tomcat"</span> <span class="re0">password</span>=<span class="st0">"tomcat"</span> <span class="re0">roles</span>=<span class="st0">"tomcat"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;user</span> <span class="re0">username</span>=<span class="st0">"role1"</span> <span class="re0">password</span>=<span class="st0">"tomcat"</span> <span class="re0">roles</span>=<span class="st0">"role1"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;user</span> <span class="re0">username</span>=<span class="st0">"both"</span> <span class="re0">password</span>=<span class="st0">"tomcat"</span> <span class="re0">roles</span>=<span class="st0">"tomcat,role1"</span><span class="re2">/&gt;</span></span>
<span class="sc3"><span class="re1">&lt;/tomcat-users<span class="re2">&gt;</span></span></span>
&nbsp;</pre>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> fournit une valve, disponible sur <a href="../download.html#contributions" class="wikilink1" title="Téléchargement">page de téléchargement</a>. Cette valve examine les en-têtes HTTP pour désigner l'utilisateur authentifié au conteneur J2EE.
</p>
</div><!-- EDIT2 SECTION "Presentation" [155-1077] -->
<h2 class="sectionedit3" id="installation">Installation</h2>
<div class="level2">
<p>
Copier <code>ValveLemonLDAPNG.jar</code> dans <code>&lt;TOMCAT_HOME&gt;/server/lib</code>:
</p>
<pre class="code">cp ValveLemonLDAPNG.jar server/lib/</pre>
<div class="notetip">Si besoin, <a href="#compilation" title="documentation:2.0:applications:tomcat ↵" class="wikilink1">recompiler la valve depuis les sources</a>.
</div>
</div><!-- EDIT3 SECTION "Installation" [1078-1310] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Ajouter dans le fichier <code>server.xml</code> une nouvelle valve comme ci-dessous (dans la section host):
</p>
<pre class="code file xml"><span class="sc3"><span class="re1">&lt;Valve</span> <span class="re0">className</span>=<span class="st0">"org.lemonLDAPNG.SSOValve"</span> <span class="re0">userKey</span>=<span class="st0">"AUTH-USER"</span> <span class="re0">roleKey</span>=<span class="st0">"AUTH-ROLE"</span> <span class="re0">roleSeparator</span>=<span class="st0">","</span> <span class="re0">allows</span>=<span class="st0">"127.0.0.1"</span><span class="re2">/&gt;</span></span></pre>
<p>
Configurer les attributs :
</p>
<ul>
<li class="level1"><div class="li"> <strong>userKey</strong> : nom de l'en-tête HTTP contenant le nom d'utilisateur.</div>
</li>
<li class="level1"><div class="li"> <strong>roleKey</strong> : nom de l'en-tête HTTP contenant les rôles. Si <abbr title="LemonLDAP::NG">LL::NG</abbr> envoie les rôles séparés par des caractères (virgule,...), configurer <strong>roleSeparator</strong>.</div>
</li>
<li class="level1"><div class="li"> <strong>roleSeparator</strong> (optionnel) : séparateur des valeurs de rôle.</div>
</li>
<li class="level1"><div class="li"> <strong>allows</strong> (optionnel) : Definit les adresses <abbr title="Internet Protocol">IP</abbr> autorisées (ustiliser le séparateur ”,” pour de multiples <abbr title="Internet Protocol">IP</abbr>). Indiquer seulement l'adresse <abbr title="Internet Protocol">IP</abbr> du handler <abbr title="LemonLDAP::NG">LL::NG</abbr> dans cet attribut pour ajouter plus de sécurité. Si cet attribut est manquant, toutes les adresses seront autorisées.</div>
</li>
<li class="level1"><div class="li"> <strong>passThrough</strong> (optionnel) : Autorise ou non l'accès anonyme. Lorsqu'il est à “false”, les en-têtes HTTP doivent être renseignés par &lt;a2&gt;LL::NG&lt;/a2&gt; pour valider l'authentification. Donc, si l'utilisateur n'est pas reconnu ou si l'en-tête HTTP n'est pas présent, une erreur 403 est retournée.</div>
</li>
</ul>
<div class="notetip">Pour le debogage, cette valve peut tracer quelques information utiliser. Voir <a href="http://tomcat.apache.org/tomcat-5.5-doc/logging.html" class="urlextern" title="http://tomcat.apache.org/tomcat-5.5-doc/logging.html" rel="nofollow">how configure logging in Tomcat</a> .
</div>
</div><!-- EDIT4 SECTION "Configuration" [1311-2481] -->
<h2 class="sectionedit5" id="compilation">Compilation</h2>
<div class="level2">
<p>
Les sources sont disponibles sur la <a href="../download.html#contributions" class="wikilink1" title="Téléchargement">page de téléchargement</a>.
</p>
<p>
Requis :
</p>
<ul>
<li class="level1"><div class="li"> ant</div>
</li>
<li class="level1"><div class="li"> jre &gt; 1.4</div>
</li>
<li class="level1"><div class="li"> tomcat &gt;= 5.5</div>
</li>
</ul>
<p>
Configurer votre tomcat home dans le fichier <code>build.properties</code>.
</p>
<div class="noteimportant">Attention avec les systèmes Windows, le séparateur de répertoire est le ”/”. Exemple :
<pre class="code">c:/my hardisk/tomcat/</pre>
</div>
<p>
Lancer ensuite la commande ant :
</p>
<pre class="code">ant</pre>
<p>
<code>ValveLemonLDAPNG.jar</code> est créé dans le répertoire <code>/dist</code>.
</p>
</div><!-- EDIT5 SECTION "Compilation" [2482-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/tomcat_logo.png_documentation_2.0_applications_tomcat.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:tomcat_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="tomcat.html"/>
<link rel="contents" href="tomcat.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:tomcat_logo.png </h1>
<div class="content">
<a href="tomcat_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="113" height="80" class="img_detail" alt="tomcat_logo.png" title="tomcat_logo.png" src="tomcat_logo.b1d9476f855a81421af525714e5bbefb.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> tomcat_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>tomcat_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>9KB</dd><dt>Width:</dt><dd>113</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="tomcat.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:tomcat [B]">Back to documentation:2.0:applications:tomcat</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/user_federation_id-resize-web.png_documentation_2.0_applications_salesforce.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:user_federation_id-resize-web.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="salesforce.html"/>
<link rel="contents" href="salesforce.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:user_federation_id-resize-web.png </h1>
<div class="content">
<a href="user_federation_id-resize-web.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="800" height="410" class="img_detail" alt="user_federation_id-resize-web.png" title="user_federation_id-resize-web.png" src="user_federation_id-resize-web.f4e31dc61a4d060652130eb2274367ec.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> user_federation_id-resize-web.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>user_federation_id-resize-web.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>67KB</dd><dt>Width:</dt><dd>800</dd><dt>Height:</dt><dd>410</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="salesforce.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:salesforce [B]">Back to documentation:2.0:applications:salesforce</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

173
po-doc/fr/pages/documentation/current/applications/wordpress.html
View File

@ -1,173 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:wordpress</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,wordpress"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="wordpress.html"/>
<link rel="contents" href="wordpress.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:wordpress","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#cas">CAS</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#plugin_installation">Plugin installation</a></div></li>
<li class="level2"><div class="li"><a href="#plugin_configuration">Plugin configuration</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#general_settings">General settings</a></div></li>
<li class="level3"><div class="li"><a href="#user_roles_settings">User Roles Settings</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="wordpress">Wordpress</h1>
<div class="level1">
<p>
<img src="wordpress_logo.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Wordpress" [1-73] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://wordpress.org/" class="urlextern" title="https://wordpress.org/" rel="nofollow">Wordpress</a> is a famous tool to create websites.
</p>
<p>
A lot of authentication plugins are available. We propose here to use <abbr title="Central Authentication Service">CAS</abbr> protocol and <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/" rel="nofollow">WP Cassify</a> plugin.
</p>
</div><!-- EDIT2 SECTION "Presentation" [74-327] -->
<h2 class="sectionedit3" id="cas">CAS</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "CAS" [328-344] -->
<h3 class="sectionedit4" id="plugin_installation">Plugin installation</h3>
<div class="level3">
<p>
Go in Wordpress admin and install <a href="https://wordpress.org/plugins/wp-cassify/" class="urlextern" title="https://wordpress.org/plugins/wp-cassify/" rel="nofollow">WP Cassify</a> plugin.
</p>
</div><!-- EDIT4 SECTION "Plugin installation" [345-475] -->
<h3 class="sectionedit5" id="plugin_configuration">Plugin configuration</h3>
<div class="level3">
<p>
The full documentation is available on <a href="https://wpcassify.wordpress.com/" class="urlextern" title="https://wpcassify.wordpress.com/" rel="nofollow">https://wpcassify.wordpress.com/</a>
</p>
</div>
<h4 id="general_settings">General settings</h4>
<div class="level4">
<p>
Configure <abbr title="Central Authentication Service">CAS</abbr> server and <abbr title="Central Authentication Service">CAS</abbr> version:
</p>
<ul>
<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Server base url : <a href="https://auth.example.com/cas/" class="urlextern" title="https://auth.example.com/cas/" rel="nofollow">https://auth.example.com/cas/</a></div>
</li>
<li class="level1"><div class="li"> <abbr title="Central Authentication Service">CAS</abbr> Version protocol: 2</div>
</li>
</ul>
<p>
Other options are correct by default.
</p>
</div>
<h4 id="user_roles_settings">User Roles Settings</h4>
<div class="level4">
<p>
You can assign WP Roles depending on values sent by <abbr title="Central Authentication Service">CAS</abbr>.
</p>
<p>
The rules syntax is quite special, you can use it or you can just define macros on <abbr title="LemonLDAP::NG">LL::NG</abbr> side and send them trough <abbr title="Central Authentication Service">CAS</abbr> to keep simple rules on WP side.
</p>
<p>
For example create a macro <code>role_wordpress_admin</code> which contains <code>1</code> if the user is admin on WP, and send it in <abbr title="Central Authentication Service">CAS</abbr> attributes.
</p>
<p>
Then create this rule on WP side:
</p>
<pre class="code">administrator|(CAS{role_wordpress_admin} -EQ "1")</pre>
</div><!-- EDIT5 SECTION "Plugin configuration" [476-] -->
</div>
</body>
</html>

172
po-doc/fr/pages/documentation/current/applications/zimbra.html
View File

@ -1,172 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:applications:zimbra</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,zimbra"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="zimbra.html"/>
<link rel="contents" href="zimbra.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:zimbra","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#zimbra_preauth_key">Clef de pré-authentification Zimbra</a></div></li>
<li class="level2"><div class="li"><a href="#zimbra_application_in_menu">Application Zimbra dans le menu</a></div></li>
<li class="level2"><div class="li"><a href="#zimbra_virtual_host">Hôte virtuel Zimbra</a></div></li>
<li class="level2"><div class="li"><a href="#zimbra_handler_parameters">Paramètres du handler Zimbra</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="zimbra">Zimbra</h1>
<div class="level1">
<p>
<a href="zimbra_logo.png_documentation_2.0_applications_zimbra.html" class="media" title="applications:zimbra_logo.png"><img src="zimbra_logo.png" class="mediacenter" alt="" /></a>
</p>
</div><!-- EDIT1 SECTION "Zimbra" [1-60] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://www.zimbra.com/" class="urlextern" title="http://www.zimbra.com/" rel="nofollow">Zimbra</a> est un logiciel serveur collaboratif et de messagerie open-source - messagerie, calendrier de groupe, contacts, messagerie instantanée, stockage de fichiers et gestion de documents web. Le serveur de messagerie et calendrier Zimbra est disponible pour Linux, Mac OS X et les plateformes de virtualisation. Zimbra se synchronise avec les smartphones (iPhone, BlackBerry) et les clients lourds de bureau tels Outlook et Thunderbird. Zimbra propose aussi l'archivage et discovery for compliance. Zimbra peut être déployé sur site ou hébergé telle une messagerie.
</p>
<p>
Zimbra utilise un <a href="http://wiki.zimbra.com/index.php?title=Preauth" class="urlextern" title="http://wiki.zimbra.com/index.php?title=Preauth" rel="nofollow">protocole de pré-authentification</a> pour s'intégrer à un <abbr title="Authentification unique (Single Sign On)">SSO</abbr>. This protocol is implemented in an <abbr title="LemonLDAP::NG">LL::NG</abbr> specific Handler.
</p>
<div class="notetip">Zimbra peut aussi être connecté à <abbr title="LemonLDAP::NG">LL::NG</abbr> via le <a href="../idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">protocole SAML</a> (voir le <a href="http://blog.zimbra.com/blog/archives/2010/06/using-saml-assertions-to-access-zimbra.html" class="urlextern" title="http://blog.zimbra.com/blog/archives/2010/06/using-saml-assertions-to-access-zimbra.html" rel="nofollow">blog de Zimbra</a>).
</div><div class="noteimportant">Pour l'instant, Zimbra n'est pas supporté par le handler Nginx. Il faut utiliser Apache.
</div>
</div><!-- EDIT2 SECTION "Presentation" [61-1097] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
L'intégration avec <abbr title="LemonLDAP::NG">LL::NG</abbr> est la suivante :
</p>
<ul>
<li class="level1"><div class="li"> Une <abbr title="Uniform Resource Locator">URL</abbr> spéciale est declarée dans le menu des applications (telle <a href="http://zimbra.example.com/zimbrasso" class="urlextern" title="http://zimbra.example.com/zimbrasso" rel="nofollow">http://zimbra.example.com/zimbrasso</a>)</div>
</li>
<li class="level1"><div class="li"> Un handler Zimbra est appelé</div>
</li>
<li class="level1"><div class="li"> Le handler construit la requête de pré-authentification et redirige l'utilisateur sur l'<abbr title="Uniform Resource Locator">URL</abbr> de pré-authentification de Zimbra</div>
</li>
<li class="level1"><div class="li"> Ensuite Zimbra génère son cookie <abbr title="Authentification unique (Single Sign On)">SSO</abbr> dans le navigateur de l'utilisateur</div>
</li>
</ul>
</div><!-- EDIT3 SECTION "Configuration" [1098-1438] -->
<h3 class="sectionedit4" id="zimbra_preauth_key">Clef de pré-authentification Zimbra</h3>
<div class="level3">
<p>
Il est nécessaire de récupérer une clef de pré-authentification auprès du serveur Zimbra.
</p>
<p>
Voir <a href="http://wiki.zimbra.com/index.php?title=Preauth#Preparing_a_domain_for_preauth" class="urlextern" title="http://wiki.zimbra.com/index.php?title=Preauth#Preparing_a_domain_for_preauth" rel="nofollow">comment le faire</a> sur le wiki Zimbra.
</p>
</div><!-- EDIT4 SECTION "Zimbra preauth key" [1439-1637] -->
<h3 class="sectionedit5" id="zimbra_application_in_menu">Application Zimbra dans le menu</h3>
<div class="level3">
<p>
Choisir par exemple <a href="http://zimbra.example.com/zimbrasso" class="urlextern" title="http://zimbra.example.com/zimbrasso" rel="nofollow">http://zimbra.example.com/zimbrasso</a> comme <abbr title="Uniform Resource Locator">URL</abbr> <abbr title="Authentification unique (Single Sign On)">SSO</abbr> et <a href="../portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:2.0:portalmenu">insérer la dans le menu application</a>.
</p>
</div><!-- EDIT5 SECTION "Zimbra application in menu" [1638-1819] -->
<h3 class="sectionedit6" id="zimbra_virtual_host">Hôte virtuel Zimbra</h3>
<div class="level3">
<p>
You just have to set “Type: ZimbraPreAuth” in virtualhost options and reload configuration in this handler.
</p>
</div><!-- EDIT6 SECTION "Zimbra virtual host" [1820-1959] -->
<h3 class="sectionedit7" id="zimbra_handler_parameters">Paramètres du handler Zimbra</h3>
<div class="level3">
<p>
Les paramètres Zimbra sont les suivants :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Clef de pré-authentification key</strong> : celle récupérée de la commande zmprov</div>
</li>
<li class="level1"><div class="li"> <strong>clef de session compte</strong> : champ de session utilisé comme compte utilisateur Zimbra (par défaut : uid)</div>
</li>
<li class="level1"><div class="li"> <strong>Type de compte</strong> : pour Zimbra, ce peut être name, id ou foreignKey (par défaut : id)</div>
</li>
<li class="level1"><div class="li"> <strong><abbr title="Uniform Resource Locator">URL</abbr> de pré-authentification</strong> : <abbr title="Uniform Resource Locator">URL</abbr> de pré-authentification Zimbra, soit l'<abbr title="Uniform Resource Locator">URL</abbr> complète (ex : <a href="http://zimbra.lan/service/preauth" class="urlextern" title="http://zimbra.lan/service/preauth" rel="nofollow">http://zimbra.lan/service/preauth</a>), soit seulement le chemin absolu (ex : /service/preauth) (par défaut : /service/preauth)</div>
</li>
<li class="level1"><div class="li"> <strong>Expression de correspondance de l'<abbr title="Uniform Resource Locator">URL</abbr> <abbr title="Authentification unique (Single Sign On)">SSO</abbr></strong> : expression régulière de correspondance de l'<abbr title="Uniform Resource Locator">URL</abbr> <abbr title="Authentification unique (Single Sign On)">SSO</abbr> (par défaut : ^/zimbrasso$)</div>
</li>
</ul>
<div class="noteimportant">Suite au changement de l'<abbr title="Interface de programmation">API</abbr> du handler dans la version 1.9, il est nécessaire de définir ces attributs dans le fichier <code>lemonldap-ng.ini</code> et non dans le Manager, par exemple:
<pre class="code file ini"><span class="re0"><span class="br0">[</span>handler<span class="br0">]</span></span>
<span class="re1">zimbraPreAuthKey</span> <span class="sy0">=</span><span class="re2"> XXXX</span>
<span class="re1">zimbraAccountKey</span> <span class="sy0">=</span><span class="re2"> uid</span>
<span class="re1">zimbraBy</span> <span class="sy0">=</span><span class="re2">id</span>
<span class="re1">zimbraUrl</span> <span class="sy0">=</span><span class="re2"> /service/preauth</span>
<span class="re1">zimbraSsoUrl</span> <span class="sy0">=</span><span class="re2"> ^/zimbrasso$</span></pre>
</div>
</div><!-- EDIT7 SECTION "Zimbra Handler parameters" [1960-] -->
</div>
</body>
</html>

105
po-doc/fr/pages/documentation/current/applications/zimbra_logo.png_documentation_2.0_applications_zimbra.html
View File

@ -1,105 +0,0 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr" class="no-js">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="UTF-8" />
<title>applications:zimbra_logo.png [LemonLDAP::NG]</title>
<script>(function(H){H.className=H.className.replace(/\bno-js\b/,'js')})(document.documentElement)</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="viewport" content="width=device-width,initial-scale=1" />
<link rel="shortcut icon" href="../lib/tpl/bootstrap3/images/favicon.ico" />
<link rel="apple-touch-icon" href="../lib/tpl/bootstrap3/images/apple-touch-icon.png" />
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
/&gt;
<script type="text/javascript">/*<![CDATA[*/
var TPL_CONFIG = {"tableFullWidth":1};
/*!]]>*/</script><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="zimbra.html"/>
<link rel="contents" href="zimbra.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='';var JSINFO = null;
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
<script type="text/javascript" src="/javascript/bootstrap/js/bootstrap.min.js"></script><!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries --><!-- WARNING: Respond.js doesn't work if you view the page via file:// --><!--[if lt IE 9]>
<![endif]-->
</head>
<body class="container"><!--[if lte IE 7 ]><div id="IE7"><![endif]--><!--[if IE 8 ]><div id="IE8"><![endif]-->
<div id="dokuwiki__detail" class="dokuwiki mode_ tpl_bootstrap3 ">
<h1 class="page-header">
<i class="glyphicon glyphicon-picture"></i> applications:zimbra_logo.png </h1>
<div class="content">
<a href="zimbra_logo.0fea6a13c52b4d4725368f24b045ca84.png" title="View original file"><img width="167" height="80" class="img_detail" alt="zimbra_logo.png" title="zimbra_logo.png" src="zimbra_logo.d6b642faee87d22c2dea1e7db91badac.png"/></a>
<div class="img_detail">
<div class="panel panel-default">
<div class="panel-heading">
<h2 class="panel-title"><i class="glyphicon glyphicon-info-sign text-info"></i> zimbra_logo.png</h2>
</div>
<div class="panel-body">
<dl><dt>Date:</dt><dd>2016/07/19 12:15</dd><dt>Filename:</dt><dd>zimbra_logo.png</dd><dt>Format:</dt><dd>PNG</dd><dt>Size:</dt><dd>14KB</dd><dt>Width:</dt><dd>167</dd><dt>Height:</dt><dd>80</dd></dl> </div>
</div>
</div>
</div><!-- /.content -->
<p class="back">
<hr/>
<div class="btn-group">
<a href="zimbra.html" class="action img_backto" accesskey="b" rel="nofollow" title="Back to documentation:2.0:applications:zimbra [B]">Back to documentation:2.0:applications:zimbra</a> </div>
</p>
</div><!--[if ( lte IE 7 | IE 8 ) ]></div><![endif]-->
</body>
</html>

131
po-doc/fr/pages/documentation/current/authad.html
View File

@ -1,131 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authad</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authad"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authad.html"/>
<link rel="contents" href="authad.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authad","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#ad_password_policy">Politique de mots-de-passe AD</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="active_directory">Active Directory</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [33-102] -->
</div><!-- EDIT1 SECTION "Active Directory" [1-103] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
Le module Active Directory est basé sur le <a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">module LDAP</a>, avec ces caractéristiques :
</p>
<ul>
<li class="level1"><div class="li"> Valeurs spécifiques par défaut des filtres pour correspondre au schéma AD</div>
</li>
<li class="level1"><div class="li"> Compatibilité des modifications de mots-de-passe</div>
</li>
<li class="level1"><div class="li"> Réinitialisation du mot-de-passe à la connexion suivante</div>
</li>
</ul>
</div><!-- EDIT3 SECTION "Presentation" [104-359] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
La configuration est la même que mour le <a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">module LDAP</a>.
</p>
</div><!-- EDIT4 SECTION "Configuration" [360-451] -->
<h2 class="sectionedit5" id="ad_password_policy">Politique de mots-de-passe AD</h2>
<div class="level2">
<p>
La politique de mots-de-passe AD ne respecte pas les <abbr title="Request for Comments">RFC</abbr> LDAP, mais Microsoft a implementé sa propore politique. LemonLDAP::NG implémente partiellement cette politique :
</p>
<ul>
<li class="level1"><div class="li"> Lorsque le paramètre pwdLastSet est positionné à 0 dans l'entrée utilisateur, ça signifie que le mot de passe a été réinitialisé et qu'un formulaire est présenté à l'utilisateur pour qu'il change son mot de passe.</div>
</li>
<li class="level1"><div class="li"> lorsque l'attribut virtuel compilé 'msDS-User-Account-Control-Computed' a le drapeau 6th positionné à 8, le mot de passe est considéré comme expiré. (support depuis la version Windows Server 2003) Il est trop tard pour l'utilisateur pour faire quoi que ce soit. Il doit contacter son administrateur.</div>
</li>
<li class="level1"><div class="li"> un avertissement avant expiration du mot de passe est possible dans AD, mais seuleent dans une GPO (Configuration de l'ordinateur\Paramètres Windows\Politiques locales\Options de sécurité pour le logon interactif: Demander à l'utilisateur de changer son mot de passe avant expiration). Toutefois, ça n'a pas de matérialisation dans le référentiel LDAP. Une variable “délai d'avertissement pour mot de passe avant expiration de celui-ci” peut être indiquée dans LemonLDAP::NG pour le faire.</div>
</li>
</ul>
<div class="noteimportant">Note : depuis AD 2012, chaque utilisateur peut disposer d'une politique 'expiration de mot-de-passe différente. Alors, la « durée de vie maximum du mot-de-passe » peut avoir des valeurs différentes. Ce n'est actuellement pas supporté par LemonLDAP::NG car toute politique doit etre calculée avec sa priorité pour connaître l'âge maximum à appliquer.
</div>
<p>
Pour configurer l'avertissement vant expiration, il faut indiquer deux variables des paramètres Active Directory dans le Manager:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Délai d'avertissement d'expiration du mot-de-passe</strong> : nombre de secondes entre la date d'avertissement et l'expiration effective.</div>
</li>
<li class="level1"><div class="li"> <strong>Âge macimum du mot-de-passe</strong> : nombre de secondes entre le changement de mot-de-passe et son expiration. Ça doit correspondre avec la politique de l'AD</div>
</li>
</ul>
</div><!-- EDIT5 SECTION "AD password policy" [452-] -->
</div>
</body>
</html>

172
po-doc/fr/pages/documentation/current/authapache.html
View File

@ -1,172 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authapache</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authapache.html"/>
<link rel="contents" href="authapache.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authapache","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
<li class="level2"><div class="li"><a href="#apache1">Apache</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#tips">Astuces</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#kerberos">Kerberos</a></div></li>
<li class="level2"><div class="li"><a href="#compatibility_with_identity_provider_modules">Compatibilité avec les modules fournisseurs d'identité</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="apache">Apache</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1"> </td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [22-79] -->
</div><!-- EDIT1 SECTION "Apache" [1-80] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut déléguer l'authentification à Apache, ainsi il est possible d'utiliser tous les <a href="http://httpd.apache.org/docs/current/howto/auth.html" class="urlextern" title="http://httpd.apache.org/docs/current/howto/auth.html" rel="nofollow">modules d'authentification Apache</a>, par exemple Kerberos, Radius, OTP, etc.
</p>
<div class="noteimportant">To authenticate users using Kerberos, you can now use the new <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos authentication module</a> which allow one to chain Kerberos in a <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">combination</a>
</div><div class="notetip">Les modules d'authentification Apache renseignent la variable d'environnement <code>REMOTE_USER</code>, qui sera utilisée par <abbr title="LemonLDAP::NG">LL::NG</abbr> pour obtenir le nom d'utilisateur authentifié.
</div>
</div><!-- EDIT3 SECTION "Presentation" [81-668] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT4 SECTION "Configuration" [669-695] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
<p>
Dans <code>Paramètres généraux</code> &gt; &lt;c1&gt;Modules d'authentification&lt;/c1&gt; choisir Apache pour l'authentification.
</p>
<p>
On peut choisir de basculer sur un autre backend d'authentification en cas d'échec de l'authentification Apache. Utiliser alors le <a href="authmulti.html" class="wikilink1" title="documentation:2.0:authmulti">module d'authentification multiple</a>, exemple:
</p>
<pre class="code">Apache;LDAP</pre>
<div class="notetip">Dans ce cas, la module d'authentification Apache ne doit pas exiger un utilisateur valide et ne dois pas être impératif, sinon le serveur Apache va retourner une erreur sans passer la main au portail <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</div>
</div><!-- EDIT5 SECTION "LL::NG" [696-1234] -->
<h3 class="sectionedit6" id="apache1">Apache</h3>
<div class="level3">
<p>
La configuration Apache dépend du module choisi, se référer à sa documentation. Exemple :
</p>
<ul>
<li class="level1"><div class="li"> <a href="http://modauthkerb.sourceforge.net/" class="urlextern" title="http://modauthkerb.sourceforge.net/" rel="nofollow">Kerberos</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://search.cpan.org/~speeves/Apache2-AuthenNTLM-0.02/AuthenNTLM.pm" class="urlextern" title="http://search.cpan.org/~speeves/Apache2-AuthenNTLM-0.02/AuthenNTLM.pm" rel="nofollow">NTLM</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://freeradius.org/mod_auth_radius/" class="urlextern" title="http://freeradius.org/mod_auth_radius/" rel="nofollow">Radius</a></div>
</li>
<li class="level1"><div class="li"></div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Apache" [1235-1569] -->
<h2 class="sectionedit7" id="tips">Astuces</h2>
<div class="level2">
</div><!-- EDIT7 SECTION "Tips" [1570-1587] -->
<h3 class="sectionedit8" id="kerberos">Kerberos</h3>
<div class="level3">
<p>
La configuration Kerberos est assez complexe. On peut trouver quelques éléments de configuration <a href="kerberos.html" class="wikilink1" title="documentation:2.0:kerberos">dans cette page</a>.
</p>
<div class="notetip">Prefer new <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos</a> module.
</div>
</div><!-- EDIT8 SECTION "Kerberos" [1588-1780] -->
<h3 class="sectionedit9" id="compatibility_with_identity_provider_modules">Compatibilité avec les modules fournisseurs d'identité</h3>
<div class="level3">
<p>
Lorsqu'on utilise des modules IDP (tels <abbr title="Central Authentication Service">CAS</abbr> ou <abbr title="Security Assertion Markup Language">SAML</abbr>), l'activation de 'authentification Apache peut altérer l'operation. En effet, le client doit souvent interroger directement l'IDP et l'authentification Apache va bloquer la requête.
</p>
<p>
Dans ce cas, il faut ajouter dans la configuratio du module Apache :
</p>
<pre class="code file apache"> <span class="kw1">Satisfy</span> any
<span class="kw1">Order</span> <span class="kw1">allow</span>,<span class="kw1">deny</span>
<span class="kw1">allow</span> from APPLICATIONS_IP</pre>
<p>
Ceci évite l'authentification des requêtes issues des adresses listées dans APPLICATIONS_<abbr title="Internet Protocol">IP</abbr>.
</p>
</div><!-- EDIT9 SECTION "Compatibility with Identity Provider modules" [1781-] -->
</div>
</body>
</html>

134
po-doc/fr/pages/documentation/current/authcas.html
View File

@ -1,134 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authcas</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authcas"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcas.html"/>
<link rel="contents" href="authcas.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authcas","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="cas">CAS</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0">Authentification </th><th class="col1"> Utilisateurs </th><th class="col2"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1"> </td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [19-69] -->
</div><!-- EDIT1 SECTION "CAS" [1-70] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut déléguer l'authentification à un serveur <abbr title="Central Authentication Service">CAS</abbr>. Ceci nécessite un <a href="http://sourcesup.cru.fr/projects/perlcas/" class="urlextern" title="http://sourcesup.cru.fr/projects/perlcas/" rel="nofollow">module Perl CAS</a>.
</p>
<div class="notetip"><abbr title="LemonLDAP::NG">LL::NG</abbr> can also act as <a href="idpcas.html" class="wikilink1" title="documentation:2.0:idpcas">CAS server</a>, that allows one to interconnect two <abbr title="LemonLDAP::NG">LL::NG</abbr> systems.
</div>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut également requérir des tickets de proxy pour les services qu'il protège. Les tickets de proxy seront collectés lors de la phase d'authentification et stockés dans la session utilisateur sous la forme :
</p>
<p>
<code>_casPT</code><strong>serviceID</strong> = <strong>Proxy ticket value</strong>
</p>
<p>
Ils peuvent être transférés aux applications via les <a href="writingrulesand_headers.html#headers" class="wikilink1" title="documentation:2.0:writingrulesand_headers">en-têtes HTTP</a>.
</p>
<div class="notetip">L'authentification <abbr title="Central Authentication Service">CAS</abbr> ajoute automatiquement une <a href="logoutforward.html" class="wikilink1" title="documentation:2.0:logoutforward">règle de renvoi après déconnexion</a> sur l'<abbr title="Uniform Resource Locator">URL</abbr> de déconnexion du serveur <abbr title="Central Authentication Service">CAS</abbr> afin de clore la session <abbr title="Central Authentication Service">CAS</abbr> lors de la déconnexion <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</div>
</div><!-- EDIT3 SECTION "Presentation" [71-832] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir <abbr title="Central Authentication Service">CAS</abbr> pour l'authentification.
</p>
<div class="notetip">Vous pouvez ensuite choisir vos modules d'utilisateurs et de mots-de-passe.
</div>
<p>
Aller ensuite dans <code>Paramètres <abbr title="Central Authentication Service">CAS</abbr></code> :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification accordé à ce module.</div>
</li>
</ul>
<p>
Then create the list of <abbr title="Central Authentication Service">CAS</abbr> servers in the manager. For each, set:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Server <abbr title="Uniform Resource Locator">URL</abbr></strong> <em>(required)</em>: <abbr title="Central Authentication Service">CAS</abbr> server <abbr title="Uniform Resource Locator">URL</abbr> (must use https://)</div>
</li>
<li class="level1"><div class="li"> <strong>Renew authentication</strong> <em>(default: disabled)</em>: force authentication renewal on <abbr title="Central Authentication Service">CAS</abbr> server</div>
</li>
<li class="level1"><div class="li"> <strong>Gateways authentication</strong> <em>(default: disabled)</em>: force transparent authentication on <abbr title="Central Authentication Service">CAS</abbr> server</div>
</li>
<li class="level1"><div class="li"> <strong>Display Name</strong>: Name to display. Required if you have more than 1 <abbr title="Central Authentication Service">CAS</abbr> server declared</div>
</li>
<li class="level1"><div class="li"> <strong>Icon</strong>: Path to <abbr title="Central Authentication Service">CAS</abbr> Server icon, used only if you have more than 1 <abbr title="Central Authentication Service">CAS</abbr> server declared</div>
</li>
<li class="level1"><div class="li"> <strong>Services Proxifiés</strong> : liste des services pour lesquels un ticket de proxy est requis :</div>
<ul>
<li class="level2"><div class="li"> <strong>Clef</strong> : Service ID</div>
</li>
<li class="level2"><div class="li"> <strong>Value</strong> Service <abbr title="Uniform Resource Locator">URL</abbr> (identifiant de service <abbr title="Central Authentication Service">CAS</abbr>)</div>
</li>
</ul>
</li>
</ul>
<div class="notetip">If no proxied services defined, <abbr title="Central Authentication Service">CAS</abbr> authentication will not activate the <abbr title="Central Authentication Service">CAS</abbr> proxy mode with this <abbr title="Central Authentication Service">CAS</abbr> server.
</div>
</div><!-- EDIT4 SECTION "Configuration" [833-] -->
</div>
</body>
</html>

154
po-doc/fr/pages/documentation/current/authchoice.html
View File

@ -1,154 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authchoice</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authchoice"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authchoice.html"/>
<link rel="contents" href="authchoice.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authchoice","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="backend_choice_by_users">Backend choisit par l'utilisateur</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [40-109] -->
</div><!-- EDIT1 SECTION "Backend choice by users" [1-110] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
Par défaut, seul le backend configuré est accessible aux utilisateurs.
</p>
<p>
Contrairement au <a href="authmulti.html" class="wikilink1" title="documentation:2.0:authmulti">dispositif de multiples backends</a>, le dispositif de choix de backend présente à l'utilisateur toutes les méthodes d'authentification disponibles pour qu'il puisse choisir.
</p>
<p>
Ce choix concerne 3 backends:
</p>
<ul>
<li class="level1"><div class="li"> Authentification</div>
</li>
<li class="level1"><div class="li"> Utilisateurs</div>
</li>
<li class="level1"><div class="li"> Mot-de-passe</div>
</li>
</ul>
<p>
The chosen backends will be registered in session:
</p>
<ul>
<li class="level1"><div class="li"> <code>$_auth</code></div>
</li>
<li class="level1"><div class="li"> <code>$_userDB</code></div>
</li>
<li class="level1"><div class="li"> <code>$_passwordDB</code></div>
</li>
</ul>
<p>
Le choix d'authentication est également enregistré dans la session :
</p>
<ul>
<li class="level1"><div class="li"> <code>$_authChoice</code></div>
</li>
</ul>
</div><!-- EDIT3 SECTION "Presentation" [111-648] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir Choice pour l'authentification.
</p>
<div class="noteimportant">Lorsque <code>Choice</code> est selectionné pour l'authentification, les valeurs pour les modules utilisateur et mots-de-passe sont forcées à <code>Choice</code>.
</div>
<p>
Ensuite, aller dans les <code>paramètres Choice</code>:
</p>
<ul>
<li class="level1"><div class="li"> Paramètres d'<strong><abbr title="Uniform Resource Locator">URL</abbr></strong> : nom du paramètre utilisé pour stocker la valeur du choix (défaut: <code>lmAuth</code>)</div>
</li>
<li class="level1"><div class="li"> <strong>Modules autorisés</strong> : cliquer sur <code>Nouveau choix</code> pour ajouter un choix.</div>
</li>
</ul>
<p>
<img src="documentation/manager-choice.png" class="mediacenter" alt="" />
</p>
<p>
Definir ici :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Nom</strong> : Texte à afficher sur l'onglet.</div>
</li>
<li class="level1"><div class="li"> <strong>Module d'authentication</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Module utilisateurs</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Module mots-de-passe</strong></div>
</li>
<li class="level1"><div class="li"> <strong><abbr title="Uniform Resource Locator">URL</abbr></strong> : optionnel, peut être utilisée pour rediriger l'utilisateur vers une autre <abbr title="Uniform Resource Locator">URL</abbr> (par exemple <a href="https://authssl.example.com" class="urlextern" title="https://authssl.example.com" rel="nofollow">https://authssl.example.com</a>). Obligatoire toutefois si on veut utiliser un module d'authentification Apache, qui sont lancés par Apache avant d'afficher la page du portail LemonLDAP::NG.</div>
</li>
<li class="level1"><div class="li"> <strong>Condition</strong>: optional, can be used to evaluate an expression to display the tab.</div>
</li>
</ul>
<div class="notetip">Il est possible d'ordonner les noms de clefs en utilisant un préfixe numérique. Le chiffre ne sera pas affiché sur la page portail. Les caractères « _ » sont alors remplacés par des espaces.
</div>
</div><!-- EDIT4 SECTION "Configuration" [649-] -->
</div>
</body>
</html>

396
po-doc/fr/pages/documentation/current/authcombination.html
View File

@ -1,396 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authcombination</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authcombination"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcombination.html"/>
<link rel="contents" href="authcombination.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authcombination","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#modules_declaration">Modules declaration</a></div></li>
<li class="level2"><div class="li"><a href="#rule_chain">Rule chain</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#boolean_expression">Boolean expression</a></div></li>
<li class="level3"><div class="li"><a href="#tests">Tests</a></div></li>
<li class="level3"><div class="li"><a href="#let_s_be_crazy">Let's be crazy</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#combine_second_factor">Combine second factor</a></div></li>
<li class="level2"><div class="li"><a href="#display_multiple_forms">Display multiple forms</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#known_problems">Problèmes connus</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#federation_protocols">Federation protocols</a></div></li>
<li class="level2"><div class="li"><a href="#authapache_authentication">Auth::Apache authentication</a></div></li>
<li class="level2"><div class="li"><a href="#ssl_authentication">Authentification SSL</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="combination_of_authentication_schemes">Combination of authentication schemes</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [54-118] -->
</div><!-- EDIT1 SECTION "Combination of authentication schemes" [1-119] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
This backend allows one to chain authentication method, for example to failback to LDAP authentication if Remote authentication failed…
</p>
</div><!-- EDIT3 SECTION "Presentation" [120-284] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
You have to use <code>Combination</code> as authentication module (users module must be set to “Same”). Then go in <code>Combination parameters</code> to :
</p>
<ul>
<li class="level1"><div class="li"> declare the modules that will be used</div>
</li>
<li class="level1"><div class="li"> set the rule chain</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Configuration" [285-515] -->
<h3 class="sectionedit5" id="modules_declaration">Modules declaration</h3>
<div class="level3">
<p>
Each module that will be used in combination rule must be declared. You must set:
</p>
<ul>
<li class="level1"><div class="li"> the name used in the rule (a uniq string)</div>
</li>
<li class="level1"><div class="li"> the type (LDAP, <abbr title="Database Interface">DBI</abbr>,…)</div>
</li>
<li class="level1"><div class="li"> the scope:</div>
<ul>
<li class="level2"><div class="li"> authentication and user DB</div>
</li>
<li class="level2"><div class="li"> authentication only</div>
</li>
<li class="level2"><div class="li"> user DB only</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> overwritten parameters: you can redefine any LLNG string parameter. For example, if you use 2 different LDAP, the first can use normal configuration and for the second, overwritten parameter can redefine ldapServer,…</div>
</li>
</ul>
<p>
Par exemple :
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Nom </th><th class="col1"> Type </th><th class="col2"> Scope </th><th class="col3"> Parameters </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> DB1 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> Auth only </td><td class="col3"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> DB2 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> User DB only </td><td class="col3"> dbiAuthChain ⇒ “mysql:…” </td>
</tr>
</table></div><!-- EDIT6 TABLE [1034-1157] -->
<p>
Usually, you can't declare two modules of the same type if they don't have the same parameters. For example, usually you can't declare a MySQL <abbr title="Database Interface">DBI</abbr> and a PostgreSQL <abbr title="Database Interface">DBI</abbr>, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters. For example, if <abbr title="Database Interface">DBI</abbr> is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter.
</p>
</div><!-- EDIT5 SECTION "Modules declaration" [516-1571] -->
<h3 class="sectionedit7" id="rule_chain">Rule chain</h3>
<div class="level3">
<p>
Combination allows:
</p>
<ul>
<li class="level1"><div class="li"> to chain schemes (example: <code>[LDAP] and [<abbr title="Database Interface">DBI</abbr>]</code>)</div>
</li>
<li class="level1"><div class="li"> to test different schemes (example: <code>[LDAP] or [<abbr title="Database Interface">DBI</abbr>]</code>)</div>
</li>
<li class="level1"><div class="li"> to choose authentication scheme depending on some request values</div>
</li>
</ul>
<p>
Each scheme must be enclose in <code>[]</code>. A comma separates auth and user DB modules. If only one value is set, the same is used for both.
</p>
</div>
<h4 id="boolean_expression">Boolean expression</h4>
<div class="level4">
<p>
Remember that schemes in rules are the names declared above.
</p>
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Exemple </th><th class="col1"> Explanation </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> <code>[myLDAP] or [myDBI]</code> </td><td class="col1"> If myLDAP fails, use myDBI </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <code>[mySSL, myLDAP] or [myLDAP, myLDAP]</code> </td><td class="col1"> Try mySSL for auth and myLDAP for userDB. If fails, switch to myLDAP for both </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> <code>[myLDAP] or [myDBI1] or [myDBI2]</code> </td><td class="col1"> Try myLDAP, then if it fails, myDBI1, then if it fails myDBI2 </td>
</tr>
<tr class="row4 roweven">
<td class="col0 leftalign"> <code>[mySSL and myLDAP, myLDAP ]</code> </td><td class="col1"> Use mySSL and myLDAP to authentify, myLDAP to get user </td>
</tr>
</table></div><!-- EDIT8 TABLE [2025-2456] -->
<div class="noteimportant">Note that “or” can't be used inside a scheme.
If you think to “[mySSL or myLDAP, myLDAP]”, you must write <code>[mySSL, myLDAP] or [myLDAP, myLDAP]</code>
</div><div class="table sectionedit9"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Exemple </th><th class="col1"> Explanation </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> <code>[myDBI1] and [myDBI2] or [myLDAP]</code> </td><td class="col1"> Try myDBI1 and myDBI2, if it fails, try myLDAP </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <code>[myDBI1] and [myDBI2] or [myLDAP] and [myDBI2]</code> </td><td class="col1"> Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2 </td>
</tr>
</table></div><!-- EDIT9 TABLE [2629-2873] -->
<div class="noteimportant">You can't use brackets in a boolean expression and “and” has precedence on “or”.
<p>
If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write <code>[myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]</code>
</p>
</div>
</div>
<h4 id="tests">Tests</h4>
<div class="level4">
<p>
Test can use only the <code>$env</code> variable. It contains the FastCGI environment variables.
</p>
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Exemple </th><th class="col1"> Explanation </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> <code>if($env→{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else [mySSL, myLDAP]</code> </td><td class="col1"> If user doesn't come from 10.0.0.0/8 network, use SSL as authentication module </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <code>if($env→{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env→{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2]</code> </td><td class="col1"> Chain tests </td>
</tr>
</table></div><!-- EDIT10 TABLE [3209-3531] -->
<div class="noteimportant">Note that brackets can't be used except to enclose test.
<p>
If you wants to write <code>if(…) then if…</code>, you must write <code>if(not …) then … else if(…)…</code>
</p>
</div>
</div>
<h4 id="let_s_be_crazy">Let's be crazy</h4>
<div class="level4">
<p>
The following rule is valid:
</p>
<p>
<code>if($env→{REMOTE_ADDR} =~ /^192\./) then [mySSL, myLDAP] or [myLDAP] else [myLDAP and myDBI, myLDAP]</code>
</p>
</div><!-- EDIT7 SECTION "Rule chain" [1572-3878] -->
<h3 class="sectionedit11" id="combine_second_factor">Combine second factor</h3>
<div class="level3">
<p>
Imagine you want to authenticate users either by SSL or LDAP+U2F, you can't directly write this rule: this is done in 2 steps:
</p>
<ul>
<li class="level1"><div class="li"> use this combination rule: <code>[SSL,LDAP] or [LDAP]</code></div>
</li>
<li class="level1"><div class="li"> enable U2F with this rule: <code>$_auth eq “LDAP”</code> or <code>$_authenticationLevel &lt; 4</code> <em>(and adapt U2F authentication level)</em></div>
</li>
</ul>
<p>
Now if you want to authenticate users either by LDAP or LDAP+U2F <em>(to have 2 different authentication level)</em>, 2 possibilities:
</p>
<ul>
<li class="level1"><div class="li"> configure 2 portals and overwrite U2F activation in the second</div>
</li>
<li class="level1"><div class="li"> Modify login template to propose the choice <em>(add a “submit” button that points to the second portal)</em></div>
</li>
</ul>
</div><!-- EDIT11 SECTION "Combine second factor" [3879-4528] -->
<h3 class="sectionedit12" id="display_multiple_forms">Display multiple forms</h3>
<div class="level3">
<p>
Combination module returns the form corresponding to the first authentication scheme available for the current request. You can force it to display the forms chosen using <code>combinationForms</code> in lemonldap-ng.ini. Exemple :
</p>
<pre class="code :ini"><span class="re0"><span class="br0">[</span>portal<span class="br0">]</span></span>
<span class="re1">combinationForms</span> <span class="sy0">=</span><span class="re2"> standardform, openidform</span></pre>
</div><!-- EDIT12 SECTION "Display multiple forms" [4529-4857] -->
<h2 class="sectionedit13" id="known_problems">Problèmes connus</h2>
<div class="level2">
</div><!-- EDIT13 SECTION "Known problems" [4858-4885] -->
<h3 class="sectionedit14" id="federation_protocols">Federation protocols</h3>
<div class="level3">
<p>
<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a>, <a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a>, <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a> or <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">old OpenID</a> can't be chained with a “and” for authentication part. So “[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP]” isn't valid. This is because their authentication kinematic don't use the same steps.
</p>
<div class="table sectionedit15"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Bad expression </th><th class="col1 centeralign"> Solution </th><th class="col2 centeralign"> Explanation </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> only but user must match an LDAP entry </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP] or [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP] or [LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> or LDAP but user must match an LDAP entry </td>
</tr>
</table></div><!-- EDIT15 TABLE [5185-5517] -->
</div><!-- EDIT14 SECTION "Federation protocols" [4886-5518] -->
<h3 class="sectionedit16" id="authapache_authentication">Auth::Apache authentication</h3>
<div class="level3">
<p>
En utilisant ce module, le portail <abbr title="LemonLDAP::NG">LL::NG</abbr> est appelé uniquement si Apache ne retourne pas “401 Authentication required”, aucune bascule n'est donc possible. So it can be used only with a “and” boolean expression.
</p>
<div class="notetip">The new <a href="authkerberos.html" class="wikilink1" title="documentation:2.0:authkerberos">Kerberos authentication module</a> solve this for Kerberos: you just have to use it instead of Apache and enable authentication by Ajax in Kerberos parameters.
</div>
<p>
Example: <code>[ Apache and LDAP, LDAP ]</code>
</p>
<p>
Pour outrepasser ceci, suivre la documentation du <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">module AuthApache</a>
</p>
</div><!-- EDIT16 SECTION "Auth::Apache authentication" [5519-6130] -->
<h3 class="sectionedit17" id="ssl_authentication">Authentification SSL</h3>
<div class="level3">
<p>
Pour chaîner SSL, il est nécessaire de mettre “SSLRequire optional” dans le fichier de configuration Apache, sinon les utilisateurs ne seront authentifiés que par SSL.
</p>
</div><!-- EDIT17 SECTION "SSL authentication" [6131-] -->
</div>
</body>
</html>

94
po-doc/fr/pages/documentation/current/authcustom.html
View File

@ -1,94 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authcustom</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authcustom"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcustom.html"/>
<link rel="contents" href="authcustom.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authcustom","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="custom_authentication_modules">Custom authentication modules</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [46-115] -->
</div><!-- EDIT1 SECTION "Custom authentication modules" [1-116] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
This artifact allows one to define its own modules (authentication, user database, password or register DB).
</p>
<div class="notetip">The developer documentation is available in Portal manpages.
</div>
</div><!-- EDIT3 SECTION "Presentation" [117-330] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
You just have to define class names of your custom modules in “Custom module names”. You can also add your custom parameters in “Additional parameters”. Be careful to use names not already used elsewhere in configuration. This parameters are available in your plugins using <code>$self→conf→{<em>customName</em>}</code>.
</p>
<p>
See portal manpages to see how to write these plugins.
</p>
</div><!-- EDIT4 SECTION "Configuration" [331-] -->
</div>
</body>
</html>

334
po-doc/fr/pages/documentation/current/authdbi.html
View File

@ -1,334 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authdbi</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authdbi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authdbi.html"/>
<link rel="contents" href="authdbi.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authdbi","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#drivers">Drivers</a></div></li>
<li class="level2"><div class="li"><a href="#schema">Schéma</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#example_1two_tables">Exemple 1 : deux tables</a></div></li>
<li class="level3"><div class="li"><a href="#example_2single_table">Example 2: single table</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#sql">SQL</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#authentication_level">Niveau d'authentification</a></div></li>
<li class="level2"><div class="li"><a href="#exported_variables">Variables exportées</a></div></li>
<li class="level2"><div class="li"><a href="#connection">Connexion</a></div></li>
<li class="level2"><div class="li"><a href="#schema1">Schéma</a></div></li>
<li class="level2"><div class="li"><a href="#password">Mot-de-passe</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="databases">Bases de données</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [26-95] -->
</div><!-- EDIT1 SECTION "Databases" [1-96] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Presentation" [97-122] -->
<h3 class="sectionedit4" id="drivers">Drivers</h3>
<div class="level3">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut utiliser de nombreuses bases de données comme backend d'authentification, d'utilisateurs et de mots de passe :
</p>
<ul>
<li class="level1"><div class="li"> MySQL</div>
</li>
<li class="level1"><div class="li"> PostGreSQL</div>
</li>
<li class="level1"><div class="li"> Oracle</div>
</li>
<li class="level1"><div class="li"></div>
</li>
</ul>
<p>
Ainsi, tout <a href="http://search.cpan.org/search?query=DBD%3A%3A&amp;mode=module" class="urlextern" title="http://search.cpan.org/search?query=DBD%3A%3A&amp;mode=module" rel="nofollow">driver Perl DBD</a> peut être utilisé.
</p>
</div><!-- EDIT4 SECTION "Drivers" [123-371] -->
<h3 class="sectionedit5" id="schema">Schéma</h3>
<div class="level3">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut utiliser deux tables :
</p>
<ul>
<li class="level1"><div class="li"> La table d'authentification : où les logins and et mots-de-passe sont stockés</div>
</li>
<li class="level1"><div class="li"> La table utilisateurs : où les données utilisateurs sont stockées (mail, nom, etc.)</div>
</li>
</ul>
<div class="notetip">Les tables d'authentification et utilisateurs peuvent être confondues.
</div>
<p>
Le mot-de-passe peut être stocké en clair ou encodé avec une méthode SQL standard :
</p>
<ul>
<li class="level1"><div class="li"> SHA</div>
</li>
<li class="level1"><div class="li"> SHA1</div>
</li>
<li class="level1"><div class="li"> MD5</div>
</li>
</ul>
</div>
<h4 id="example_1two_tables">Exemple 1 : deux tables</h4>
<div class="level4">
</div>
<h5 id="authentication_table">Table d'authentification</h5>
<div class="level5">
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> id </th><th class="col1"> login </th><th class="col2"> password </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> 0 </td><td class="col1"> coudot </td><td class="col2"> 1f777a6581e478499f4284e54fe2d4a4e513dfff </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> 1 </td><td class="col1"> xguimard </td><td class="col2"> a15a18c8bb17e6f67886a9af1898c018b9f5a072 </td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> 2 </td><td class="col1"> tchemineau </td><td class="col2"> 1f777a6581e478499f4284e54fe2d4a4e513dfff </td>
</tr>
</table></div><!-- EDIT6 TABLE [772-977] -->
</div>
<h5 id="user_table">Table utilisateurs</h5>
<div class="level5">
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> id </th><th class="col1"> user </th><th class="col2"> nom </th><th class="col3"> mail </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> 0 </td><td class="col1"> coudot </td><td class="col2"> Clément OUDOT </td><td class="col3"> coudot@example.com </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> 1 </td><td class="col1"> tchemineau </td><td class="col2"> Thomas CHEMINEAU </td><td class="col3"> tchemineau@example.com </td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> 2 </td><td class="col1"> xguimard </td><td class="col2"> Xavier GUIMARD </td><td class="col3"> xguimard@example.com </td>
</tr>
</table></div><!-- EDIT7 TABLE [997-1197] -->
</div>
<h4 id="example_2single_table">Example 2: single table</h4>
<div class="level4">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> id </th><th class="col1"> user </th><th class="col2"> password </th><th class="col3"> nom </th><th class="col4"> mail </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> 0 </td><td class="col1"> coudot </td><td class="col2"> 1f777a6581e478499f4284e54fe2d4a4e513dfff </td><td class="col3"> Clément OUDOT </td><td class="col4"> coudot@example.com </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> 1 </td><td class="col1"> tchemineau </td><td class="col2"> 1f777a6581e478499f4284e54fe2d4a4e513dfff </td><td class="col3"> Thomas CHEMINEAU </td><td class="col4"> tchemineau@example.com </td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> 2 </td><td class="col1"> xguimard </td><td class="col2"> a15a18c8bb17e6f67886a9af1898c018b9f5a072 </td><td class="col3"> Xavier GUIMARD </td><td class="col4"> xguimard@example.com </td>
</tr>
</table></div><!-- EDIT8 TABLE [1232-1572] -->
</div><!-- EDIT5 SECTION "Schema" [372-1573] -->
<h3 class="sectionedit9" id="sql">SQL</h3>
<div class="level3">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> exécutera quelques requêtes SQL :
</p>
<ul>
<li class="level1"><div class="li"> Authentification : selectionne la ligne de la table d'authentification contenant l'utilisateur et le mot-de-passe</div>
</li>
<li class="level1"><div class="li"> Recherche de l'utilisateur : selectionne la ligne de la table utilisateurs correspondant à l'utilisateur</div>
</li>
<li class="level1"><div class="li"> Changement de mot-de-passe : met à jour le champ mot-de-passe de la table d'authentification correspondant à l'utilisateur</div>
</li>
</ul>
</div><!-- EDIT9 SECTION "SQL" [1574-1847] -->
<h2 class="sectionedit10" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir "base de données" (<abbr title="Database Interface">DBI</abbr>) pour les modules authentification, utilisateurs et/ou mots-de-passe.
</p>
</div><!-- EDIT10 SECTION "Configuration" [1848-2022] -->
<h3 class="sectionedit11" id="authentication_level">Niveau d'authentification</h3>
<div class="level3">
<p>
Le niveau d'authentification accordé aux utilisateurs authentifiés par ce module.
</p>
<div class="noteimportant">Comme <abbr title="Database Interface">DBI</abbr> est un module de type login/mot-de-passe, le niveau d'authentification peut être :<ul>
<li class="level1"><div class="li"> augmenté (+1) si le portail est protégé par SSL (HTTPS)</div>
</li>
<li class="level1"><div class="li"> diminué (-1) si l'autocompletion est autorisée sur le portail (voir <a href="portalcustom.html" class="wikilink1" title="documentation:2.0:portalcustom">Personnalisation du portail</a>)</div>
</li>
</ul>
</div>
</div><!-- EDIT11 SECTION "Authentication level" [2023-2387] -->
<h3 class="sectionedit12" id="exported_variables">Variables exportées</h3>
<div class="level3">
<p>
Liste de colonnes à interroger pour trouver la session utilisateur. Voir aussi la <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">configuration des variables exportées</a>.
</p>
</div><!-- EDIT12 SECTION "Exported variables" [2388-2525] -->
<h3 class="sectionedit13" id="connection">Connexion</h3>
<div class="level3">
<div class="notetip">Les paramètres de connexion peuvent être configurés différemment pour les processus d'authentification et de recherche d'utilisateur. This allows one to use different databases for these process. Par défaut, si les paramètres de processus de connexion utilisateur sont vides , ceux d'authentification seront utilisés.
</div><ul>
<li class="level1"><div class="li"> <strong>Chaîne</strong> : chaîne <abbr title="Database Interface">DBI</abbr>, contenant le nom de driver et le nom de la base de données (par exemple : dbi:mysql:database=lemonldapng;host=localhost).</div>
</li>
<li class="level1"><div class="li"> <strong>Utilisateur</strong> : compte de connexion</div>
</li>
<li class="level1"><div class="li"> <strong>Mot-de-passe</strong> : mot-de-passe du compte de connexion</div>
</li>
</ul>
</div><!-- EDIT13 SECTION "Connection" [2526-3044] -->
<h3 class="sectionedit14" id="schema1">Schéma</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <strong>Table d'authentification</strong> : nom de la table d'authentification</div>
</li>
<li class="level1"><div class="li"> <strong>Table utilisateurs</strong> : nom de la table utilisateurs</div>
</li>
<li class="level1"><div class="li"> <strong>Nom du champ de compte</strong> : nom de la colonne de la table d'authentification contenant le login</div>
</li>
<li class="level1"><div class="li"> <strong>Nom du champ mot-de-passe</strong> : nom de la colonne de la table d'authentification contenant le mot-de-passe</div>
</li>
<li class="level1"><div class="li"> <strong>Nom du chmap mail</strong> : nom de la colonne de la table d'authentification contenant le mail (pour la réinitialisation du mot-de-passe)</div>
</li>
<li class="level1"><div class="li"> <strong>Nom du champ login dans la table utilisateur</strong> : nom de la colonne de la table utilisateur contenant le login</div>
</li>
</ul>
</div><!-- EDIT14 SECTION "Schema" [3045-3488] -->
<h3 class="sectionedit15" id="password">Mot-de-passe</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <strong>Schéma de hachage</strong> : méthode SQL pour hacher les mots-de-passe. Peut être vide pour le stockage des mots-de-passe en clair.</div>
</li>
<li class="level1"><div class="li"> <strong>Dynamic hash activation</strong>: Activate dynamic hashing. With dynamic hashing, the hash scheme is recovered from the user password in the database during authentication.</div>
</li>
<li class="level1"><div class="li"> <strong>Supported non-salted schemes</strong>: List of whitespace separated hash schemes. Every hash scheme MUST match a non-salted hash function in the database. LemonLDAP::NG relies on this hashing function for computing user password hashes. These hashes MUST NOT be salted (no random data used in conjunction with the password).</div>
</li>
<li class="level1"><div class="li"> <strong>Supported salted schemes</strong>: List of whitespace separated salted hash schemes, of the form “<strong>s</strong>scheme”, where scheme MUST match a non-salted hash function in the database. LemonLDAP::NG relies on this hashing function for computing user password hashes. Salted and non-salted scheme lists are not necessarily equivalent. (for example: non-salted=“sha256” and salted=“ssha ssha512” is valid)</div>
</li>
<li class="level1"><div class="li"> <strong>Dynamic hash scheme for new passwords</strong>: LemonLDAP::NG is able to store new passwords in the database (while modifying or reinitializing the password). You can choose a salted or non salted dynamic hashed password. The value must be an element of “Supported non-salted schemes” or “Supported salted schemes”.</div>
</li>
</ul>
<div class="noteimportant">The SQL function MUST have hexadecimal values as input AND output
</div><div class="notetip">Here is an example for creating a postgreSQL SHA256 function.
1. Install postgresql-contrib.
2. Activate extension: <pre class="code">CREATE EXTENSION pgcrypto;</pre>
<p>
3. Create the hash function:
</p>
<pre class="code">CREATE OR REPLACE FUNCTION sha256(varchar) returns text AS $$
SELECT encode(digest(decode($1, 'hex'), 'sha256'), 'hex')
$$ LANGUAGE SQL STRICT IMMUTABLE;</pre>
</div>
</div><!-- EDIT15 SECTION "Password" [3489-] -->
</div>
</body>
</html>

114
po-doc/fr/pages/documentation/current/authdemo.html
View File

@ -1,114 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authdemo</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authdemo"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authdemo.html"/>
<link rel="contents" href="authdemo.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authdemo","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="demonstration">Démonstration</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [30-99] -->
</div><!-- EDIT1 SECTION "Demonstration" [1-100] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
This mode allow one to test LemonLDAP::NG without any third-party software.
</p>
<div class="notewarning">Ces mode ne doit pas être utilisé pour autre chose que des tests et démonstrations !
</div>
<p>
Le backend de démonstration dispose de compte codés en dur :
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> login </th><th class="col1 centeralign"> Mot-de-passe </th><th class="col2 centeralign"> Mail </th><th class="col3 centeralign"> Rôle </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> rtyler </td><td class="col1 centeralign"> rtyler </td><td class="col2 centeralign"> rtyler@badwolf.org </td><td class="col3 centeralign"> user </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> msmith </td><td class="col1 centeralign"> msmith </td><td class="col2 centeralign"> msmith@badwolf.org </td><td class="col3 centeralign"> user </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> dwho </td><td class="col1 centeralign"> dwho </td><td class="col2 centeralign"> dwho@badwolf.org </td><td class="col3 centeralign"> administrator </td>
</tr>
</table></div><!-- EDIT4 TABLE [353-566] -->
<div class="noteclassic">Comme on peut le voir, ces comptes sont les fameux caractères du show TV <a href="http://en.wikipedia.org/wiki/Doctor_Who" class="urlextern" title="http://en.wikipedia.org/wiki/Doctor_Who" rel="nofollow">Doctor Who</a>.
</div>
<p>
AuthDemo et UserDBDemo permettent de se connecter et d'avoir les attributs standards (uid, cn et mail). PasswordDBDemo permet de changer de mot-de-passe avec quelques tests de base, mais comme les données sont codées en dur, le mot-de-passe ne sera jamais réellement changé.
</p>
</div><!-- EDIT3 SECTION "Presentation" [101-978] -->
<h2 class="sectionedit5" id="configuration">Configuration</h2>
<div class="level2">
<p>
Selectionner Démonstration pour les backends authentification, utilisateurs et mots-de-passe.
</p>
<p>
On peut également modifier la liste des variables exportées. Seuls les attributs uid, cn et mail sont disponibles. Voir aussi la <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">configuration des variables exportées</a>.
</p>
</div><!-- EDIT5 SECTION "Configuration" [979-] -->
</div>
</body>
</html>

125
po-doc/fr/pages/documentation/current/authfacebook.html
View File

@ -1,125 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authfacebook</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authfacebook"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authfacebook.html"/>
<link rel="contents" href="authfacebook.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authfacebook","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="facebook">Facebook</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [25-88] -->
</div><!-- EDIT1 SECTION "Facebook" [1-89] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="http://facebook.com" class="urlextern" title="http://facebook.com" rel="nofollow">Facebook</a> est un célèbre réseau social. Facebook utilise le protocole <a href="http://en.wikipedia.org/wiki/OAuth2" class="urlextern" title="http://en.wikipedia.org/wiki/OAuth2" rel="nofollow">OAuth2</a> pour autoriser les applications à réutiliser son propre prcessus d'authentification (ce qui signifie que si on est connecté à Facebook, d'autres applications peuvent agréer Facebook et accepter l'utilisateur).
</p>
<p>
La paquet <a href="https://metacpan.org/release/Net-Facebook-Oauth2" class="urlextern" title="https://metacpan.org/release/Net-Facebook-Oauth2" rel="nofollow">Net::Facebook::Oauth2</a> est nécessaire.
</p>
<p>
Il faut enregistrer la nouvelle application dans Facebook pour obtenir un identifiant d'application et un secret. Voir <a href="https://developers.facebook.com/apps" class="urlextern" title="https://developers.facebook.com/apps" rel="nofollow">https://developers.facebook.com/apps</a> pour en savoir plus.
</p>
</div><!-- EDIT3 SECTION "Presentation" [90-667] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, allez dans <code>Paramètres generaux</code> &gt; <code>Modules d'authentification</code> et choisissez Facebook comme module d'authentication. On peut également utiliser Facebook comme base de données utilisateurs.
</p>
<p>
Ensuite, aller dans les <code>paramètres Facebook</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification accordé à ce module.</div>
</li>
<li class="level1"><div class="li"> <strong>ID de l'application Facebook</strong> : l'identifiant d'application obtenu</div>
</li>
<li class="level1"><div class="li"> <strong>Secret de l'application Facebook</strong> : le secret correspondant</div>
</li>
</ul>
<p>
If you use Facebook as user database, declare values in exported variables:
</p>
<ul>
<li class="level1"><div class="li"> utiliser n'importe quel nom de clef. Pour imposer qu'une valeur soit renseignée, ajouter un ”!” devant le nom de clef</div>
</li>
<li class="level1"><div class="li"> dans le champ valeur, mettre le nom du champ. You can show them using <a href="https://developers.facebook.com/tools/explorer" class="urlextern" title="https://developers.facebook.com/tools/explorer" rel="nofollow">Facebook Graph API explorer</a> and have a list of supported fields in the <a href="https://developers.facebook.com/docs/graph-api/reference/user/" class="urlextern" title="https://developers.facebook.com/docs/graph-api/reference/user/" rel="nofollow">Graph API User reference</a>. Par exemple :</div>
<ul>
<li class="level2"><div class="li"> cn ⇒ name</div>
</li>
<li class="level2"><div class="li"> mail ⇒ email</div>
</li>
<li class="level2"><div class="li"> sn ⇒ last_name</div>
</li>
</ul>
</li>
</ul>
<div class="noteimportant">Do not query <code>id</code> field in exported variables, as it is already registered by the authentication module in <code>$_user</code>.
</div><div class="notetip">On peut réutiliser le même ticket d'accès Facebook dans les applications. It is stored in session datas under the name <code>$_facebookToken</code>
</div>
</div><!-- EDIT4 SECTION "Configuration" [668-] -->
</div>
</body>
</html>

163
po-doc/fr/pages/documentation/current/authkerberos.html
View File

@ -1,163 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authkerberos</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,authkerberos"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authkerberos.html"/>
<link rel="contents" href="authkerberos.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authkerberos","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#llng_configuration">LLNG Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#kerberos_configuration">Kerberos configuration</a></div></li>
<li class="level2"><div class="li"><a href="#web_server_kerberos_module">Web Server Kerberos module</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="kerberos">Kerberos</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1"> </td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [24-81] -->
</div><!-- EDIT1 SECTION "Kerberos" [1-82] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://en.wikipedia.org/wiki/Kerberos_(protocol)" class="urlextern" title="https://en.wikipedia.org/wiki/Kerberos_(protocol)" rel="nofollow">Kerberos</a> is a network authentication protocol used to authenticate users based on their desktop session.
</p>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> uses GSSAPI module to validate Kerberos ticket against a local keytab.
</p>
</div><!-- EDIT3 SECTION "Presentation" [83-347] -->
<h2 class="sectionedit4" id="llng_configuration">LLNG Configuration</h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose Kerberos for authentication. Then go to “Kerberos parameters” and configure the following parameters:
</p>
<ul>
<li class="level1"><div class="li"> <strong>keytab file</strong> (required): the Kerberos keytab file</div>
</li>
<li class="level1"><div class="li"> <strong>Use Ajax request</strong>: set to “enabled” if you want to use an Ajax request instead of a direct Kerberos attempt. <strong>This is required if you want to chain Kerberos in a <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">combination</a></strong></div>
</li>
<li class="level1"><div class="li"> <strong>Kerberos authentication level</strong>: default to 3</div>
</li>
<li class="level1"><div class="li"> <strong>Use Web Server Kerberos module</strong>: set to “enabled” to use the Web Server module (for example Apache mod_auth_kerb) instead of Perl Kerberos code to validate Kerberos ticket</div>
</li>
<li class="level1"><div class="li"> <strong>Remove domain in username</strong>: set to “enabled” to strip username value and remove the '@domain'.</div>
</li>
</ul>
<div class="noteimportant"><ul>
<li class="level1"><div class="li"> Due to a perl GSSAPI issue, you may need to copy the keytab in /etc/krb5.keytab which is the default location hardcoded in the library</div>
</li>
<li class="level1"><div class="li"> As Kerberos ticket is passed inside Authorization header, you may need to set CGIPassAuth on in Apache <em>(with old Apache, use <code>RewriteCond %{HTTP:Authorization}</code> followed by <code>RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]</code>)</em></div>
</li>
</ul>
</div>
</div><!-- EDIT4 SECTION "LLNG Configuration" [348-1572] -->
<h3 class="sectionedit5" id="kerberos_configuration">Kerberos configuration</h3>
<div class="level3">
<p>
La configuration Kerberos est assez complexe. On peut trouver quelques éléments de configuration <a href="kerberos.html" class="wikilink1" title="documentation:2.0:kerberos">dans cette page</a>.
</p>
</div><!-- EDIT5 SECTION "Kerberos configuration" [1573-1716] -->
<h3 class="sectionedit6" id="web_server_kerberos_module">Web Server Kerberos module</h3>
<div class="level3">
<p>
If you want to let Web Server Kerberos module validates the Kerberos ticket, set the according option to “enabled” and configure the portal virtual host to launch the module if “kerberos” GET parameter is in the request.
</p>
<p>
Example with Apache and mod_auth_kerb:
</p>
<pre class="code file apache"> &lt;If <span class="st0">"%{QUERY_STRING} =~ /kerberos=/"</span>&gt;
&lt;<span class="kw3">IfModule</span> auth_kerb_module&gt;
<span class="kw1">AuthType</span> Kerberos
KrbMethodNegotiate <span class="kw2">On</span>
KrbMethodK5Passwd <span class="kw2">Off</span>
KrbAuthRealms EXAMPLE.COM
Krb5KeyTab /etc/lemonldap-ng/auth.keytab
KrbVerifyKDC <span class="kw2">On</span>
KrbServiceName Any
<span class="kw1">require</span> valid-<span class="kw1">user</span>
&lt;/<span class="kw3">IfModule</span>&gt;
&lt;/If&gt;</pre>
</div><!-- EDIT6 SECTION "Web Server Kerberos module" [1717-] -->
</div>
</body>
</html>

264
po-doc/fr/pages/documentation/current/authldap.html
View File

@ -1,264 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authldap</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authldap"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authldap.html"/>
<link rel="contents" href="authldap.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authldap","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#authentication_level">Niveau d'authentification</a></div></li>
<li class="level2"><div class="li"><a href="#exported_variables">Variables exportées</a></div></li>
<li class="level2"><div class="li"><a href="#connection">Connexion</a></div></li>
<li class="level2"><div class="li"><a href="#filters">Filters</a></div></li>
<li class="level2"><div class="li"><a href="#groups">Groupes</a></div></li>
<li class="level2"><div class="li"><a href="#password">Mot-de-passe</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="ldap">LDAP</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [21-90] -->
</div><!-- EDIT1 SECTION "LDAP" [1-91] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut utiliser un annuaire LDAP pour :
</p>
<ul>
<li class="level1"><div class="li"> authentifier les utilisateurs</div>
</li>
<li class="level1"><div class="li"> obtenir les attributs utilisateurs</div>
</li>
<li class="level1"><div class="li"> obtenir les groupes dont l'utilisateur est membre</div>
</li>
<li class="level1"><div class="li"> changer les mots-de-passe (avec la gestion de la politique de mot-de-passe côté serveur)</div>
</li>
</ul>
<p>
Ceci fonctionne avec tout serveur LDAP v2 ou v3, dont <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a>.
</p>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> est compatible avec <a href="https://opends.dev.java.net/public/standards/draft-behera-ldap-password-policy.txt" class="urlextern" title="https://opends.dev.java.net/public/standards/draft-behera-ldap-password-policy.txt" rel="nofollow">la politique de mots-de-passe LDAP</a> :
</p>
<ul>
<li class="level1"><div class="li"> Le server LDAP server peut vérifier la solidité du mot de passe et le portail <abbr title="LemonLDAP::NG">LL::NG</abbr> affichera les erreurs correctes (mot-de-passe trop court, dans l'historique, etc…)</div>
</li>
<li class="level1"><div class="li"> Le serveur LDAP peut bloquer les attaques par force brute et <abbr title="LemonLDAP::NG">LL::NG</abbr> affichera que le compte est bloqué</div>
</li>
<li class="level1"><div class="li"> Le serveur LDAP peut imposer le changement de mot-de-passe à la première connexion et le portail <abbr title="LemonLDAP::NG">LL::NG</abbr> affichera le formulaire de changement de mot-de-passe avant d'ouvrir la session <abbr title="Authentification unique (Single Sign On)">SSO</abbr></div>
</li>
</ul>
</div><!-- EDIT3 SECTION "Presentation" [92-903] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir LDAP) pour les modules authentification, utilisateurs et/ou mots-de-passe.
</p>
<div class="notetip">Pour <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a>, choisir <code>Active Directory</code> au lieu de <code>LDAP</code>.
</div>
</div><!-- EDIT4 SECTION "Configuration" [904-1169] -->
<h3 class="sectionedit5" id="authentication_level">Niveau d'authentification</h3>
<div class="level3">
<p>
Le niveau d'authentification accordé aux utilisateurs authentifiés par ce module.
</p>
<div class="noteimportant">Comme LDAP est un module de type login/mot-de-passe, le niveau d'authentification peut être :<ul>
<li class="level1"><div class="li"> augmenté (+1) si le portail est protégé par SSL (HTTPS)</div>
</li>
<li class="level1"><div class="li"> diminué (-1) si l'autocompletion est autorisée sur le portail (voir <a href="portalcustom.html" class="wikilink1" title="documentation:2.0:portalcustom">Personnalisation du portail</a>)</div>
</li>
</ul>
</div>
</div><!-- EDIT5 SECTION "Authentication level" [1170-1535] -->
<h3 class="sectionedit6" id="exported_variables">Variables exportées</h3>
<div class="level3">
<p>
Liste d'attributs à interroger pour trouver la session utilisateur. Voir aussi la <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">configuration des variables exportées</a>.
</p>
</div><!-- EDIT6 SECTION "Exported variables" [1536-1676] -->
<h3 class="sectionedit7" id="connection">Connexion</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <strong>Nom de serveur</strong> : nom du serveur LDAP ou <abbr title="Uniform Resource Identifier">URI</abbr> (par défaut : localhost). Autres possibilités :</div>
<ul>
<li class="level2"><div class="li"> Plusieurs serveurs peuvent être renseignés séparés par des virgules ou espaces. Ils seront testés dans l'ordre indiqué.</div>
</li>
<li class="level2"><div class="li"> Pour utiliser TLS, utiliser <code>ldap+tls://server</code> et pour utiliser LDAPS, indiquer <code>ldaps://server</code> au lieu du nom de serveur.</div>
</li>
<li class="level2"><div class="li"> En utilisant TLS, il est possible d'utiliser toutes les options de la fonction start_tls() <a href="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" class="urlextern" title="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" rel="nofollow">Net::LDAP</a> telle <code>ldap+tls://server/verify=none&amp;capath=/etc/ssl</code>. You can also use cafile and capath parameters.</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> <strong>Port du serveur</strong> : port TCP du serveur LDAP. Peut être surchargé par une &lt;a3&gt;URI&lt;/a3&gt; LDAP dans le nom du serveur.</div>
</li>
<li class="level1"><div class="li"> <strong>Base de recherche des utilisateurs</strong> : base de recherche de l'annuaire LDAP.</div>
</li>
<li class="level1"><div class="li"> <strong>Compte</strong> : <abbr title="Distinguished Name">DN</abbr> à utiliser pour se connecter au serveur LDAP. Par défaut, une connexion anonyme est utilisée.</div>
</li>
<li class="level1"><div class="li"> <strong>Mot-de-passe</strong> : mot-de-passe à utiliser pour se connecter au serveur LDAP. Par défaut, une connexion anonyme est utilisée.</div>
</li>
<li class="level1"><div class="li"> <strong>Timeout</strong> : délai maximum de connexion.</div>
</li>
<li class="level1"><div class="li"> <strong>Version</strong> : version du protocole LDAP.</div>
</li>
<li class="level1"><div class="li"> <strong>Attributs binaires</strong> : expression régulière correspondant aux attributs binaires (voir la documentation <a href="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" class="urlextern" title="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" rel="nofollow">Net::LDAP</a>).</div>
</li>
</ul>
</div><!-- EDIT7 SECTION "Connection" [1677-2868] -->
<h3 class="sectionedit8" id="filters">Filters</h3>
<div class="level3">
<div class="notetip">Dans les filtres LDAP, $user est remplacé par le nom du compte et $mail par l'adresse email.
</div><ul>
<li class="level1"><div class="li"> <strong>Default filter</strong>: default LDAP filter for searches, should not be modified.</div>
</li>
<li class="level1"><div class="li"> <strong>Filtre d'authentication</strong> : filtre pour trouver l'utilisateur à partir de son login (défaut : <code>(&amp;(uid=$user)(objectClass=inetOrgPerson))</code>)</div>
</li>
<li class="level1"><div class="li"> <strong>Filtre mail</strong> : filtre pour trouver l'utilisateur à partir de son mail (défaut: <code>(&amp;(mail=$mail)(objectClass=inetOrgPerson))</code>)</div>
</li>
<li class="level1"><div class="li"> <strong>Déréférence d'alias</strong> : comment gérer les alias LDAP. (défaut: <code>find</code>)</div>
</li>
</ul>
<div class="notetip">Pour Active Directory, le filtre d'authentification par défaut est :
<pre class="code">(&amp;(sAMAccountName=$user)(objectClass=person))</pre>
<p>
Et le filtre d'adresse mail est :
</p>
<pre class="code">(&amp;(mail=$mail)(objectClass=person))</pre>
</div>
</div><!-- EDIT8 SECTION "Filters" [2869-3590] -->
<h3 class="sectionedit9" id="groups">Groupes</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <strong>Base de recherche</strong> : <abbr title="Distinguished Name">DN</abbr> de la branche des groupes. La recherche des groupes est désactivé si cette valeur est vide.</div>
</li>
<li class="level1"><div class="li"> <strong>Classe d'object</strong>: objectClass du groupe (défaut: groupOfNames).</div>
</li>
<li class="level1"><div class="li"> <strong>Attribut cible</strong> : nom de l'attribut du groupe stockant le lien vers l'utilisateur (défaut: member).</div>
</li>
<li class="level1"><div class="li"> <strong>Attribut source utilisateur</strong> : nom de l'attribut utilisateur utilisé dans le lien (défaut: dn).</div>
</li>
<li class="level1"><div class="li"> <strong>Attributs recherchés</strong> : nom(s) de l'attribut stocké dans le nom du groupe, séparés par des espaces (défaut: cn).</div>
</li>
<li class="level1"><div class="li"> <strong>Récursivité</strong> : active la fonctionnalité récursive (défaut: 0). Si activé et si le groupe de l'utilisateur est membre d'un autre groupe (groupes de groupes), tous les groupes parents seront considérés comme groupes de l'utilisateur.</div>
</li>
<li class="level1"><div class="li"> <strong>Attribut source du groupe</strong> : nom de l'attribut dans l'entrée groupe utilisé dans le lien pour la recherche récursive de groupe (défaut : dn).</div>
</li>
</ul>
</div><!-- EDIT9 SECTION "Groups" [3591-4425] -->
<h3 class="sectionedit10" id="password">Mot-de-passe</h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <strong>Contrôle de politique de mot-de-passe</strong> : active l'utilisation de la politique de mots-de-passe LDAP. Nécessite une version de Net::LDAP égale ou supérieure à 0.38. (voir le procédé de politique de mots-de-passe ci-dessous)</div>
</li>
<li class="level1"><div class="li"> <strong>Opération étendue de modification de mot-de-passe</strong> : active l'utilisation de l'opération étendue de <code>modification de mot-de-passe</code> LDAP au lieu de l'opération standard.</div>
</li>
<li class="level1"><div class="li"> <strong>Change comme utilisateur</strong> : active la modification du mot-de-passe avec les éléments d'authentification de l'utilisateur connecté. Nécessite de requérir l'ancien mot-de-passe (voir <a href="portalcustom.html" class="wikilink1" title="documentation:2.0:portalcustom">personnalisation du portail</a>).</div>
</li>
<li class="level1"><div class="li"> <strong>LDAP password encoding</strong>: can allow one to manage old LDAP servers using specific encoding for passwords (default: utf-8).</div>
</li>
<li class="level1"><div class="li"> <strong>Utiliser l'attribut reset</strong> : activé pour utiliser l'attribut reset du mot-de-passe. Cet attribut est activé par LemonLDAP::NG lorsque <a href="resetpassword.html" class="wikilink1" title="documentation:2.0:resetpassword">le mot-de-passe a été réinitialisé par mail</a> et que l'utilisateur a choisi de générer le mot-de-passe (défaut : activé).</div>
</li>
<li class="level1"><div class="li"> <strong>Attribut reset</strong> : nom de l'attribut reset du mot-de-passe (défaut : pwdReset).</div>
</li>
<li class="level1"><div class="li"> <strong>Valeur de reset</strong> : valeur à mettre dans l'attribut reset pour activer la réinitialisation du mot-de-passe (défaut : TRUE).</div>
</li>
<li class="level1"><div class="li"> <strong>Allow a user to reset his expired password</strong>: if activated, the user will be prompted to change password if his password is expired (default: 0)</div>
</li>
</ul>
<p>
<div class="row"><div class="col-md-6">
<strong>Procédé d'avertissement avant expiration du mot-de-passe</strong>
<a href="documentation/lemonldap-ng-password-expiration-warning.png_documentation_2.0_authldap.html" class="media" title="documentation:lemonldap-ng-password-expiration-warning.png"><img src="documentation/lemonldap-ng-password-expiration-warning.png" class="media" alt="" /></a>
</div>
<div class="col-md-6">
<strong>Procédé d'expiration du mot-de-passe</strong>
<a href="documentation/lemonldap-ng-password-expired.png_documentation_2.0_authldap.html" class="media" title="documentation:lemonldap-ng-password-expired.png"><img src="documentation/lemonldap-ng-password-expired.png" class="media" alt="" /></a>
</div></div>
</p>
</div><!-- EDIT10 SECTION "Password" [4426-] -->
</div>
</body>
</html>

113
po-doc/fr/pages/documentation/current/authlinkedin.html
View File

@ -1,113 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authlinkedin</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authlinkedin"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authlinkedin.html"/>
<link rel="contents" href="authlinkedin.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authlinkedin","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="linkedin">LinkedIn</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 leftalign"> </td><td class="col2 leftalign"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [25-84] -->
</div><!-- EDIT1 SECTION "LinkedIn" [1-85] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://www.linkedin.com/" class="urlextern" title="https://www.linkedin.com/" rel="nofollow">LinkedIn</a> is a professional social network. It uses <a href="http://en.wikipedia.org/wiki/OAuth2" class="urlextern" title="http://en.wikipedia.org/wiki/OAuth2" rel="nofollow">OAuth2</a> protocol to allow applications to reuse its own authentication process (see <a href="https://developer.linkedin.com/docs/oauth2" class="urlextern" title="https://developer.linkedin.com/docs/oauth2" rel="nofollow">https://developer.linkedin.com/docs/oauth2</a>).
</p>
<p>
You need to register a new application on LinkedIn to get an application ID and a secret. See <a href="https://www.linkedin.com/developer/apps/" class="urlextern" title="https://www.linkedin.com/developer/apps/" rel="nofollow">https://www.linkedin.com/developer/apps/</a> on how to do that.
</p>
</div><!-- EDIT3 SECTION "Presentation" [86-526] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose LinkedIn for authentication module.
</p>
<p>
Then, go in <code>LinkedIn parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification accordé à ce module.</div>
</li>
<li class="level1"><div class="li"> <strong>Client ID</strong>: the application ID you get</div>
</li>
<li class="level1"><div class="li"> <strong>Client secret</strong>: the corresponding secret</div>
</li>
<li class="level1"><div class="li"> <strong>Searched fields</strong>: Fields requested on People endpoint</div>
</li>
<li class="level1"><div class="li"> <strong>Field containing user identifier</strong>: Field that will be used as main user identifier in <abbr title="LemonLDAP::NG">LL::NG</abbr></div>
</li>
<li class="level1"><div class="li"> <strong>Scope</strong>: OAuth 2.0 scopes</div>
</li>
</ul>
<div class="notetip">Collected fields are stored in session in <code>linkedIn_</code> keys
</div>
</div><!-- EDIT4 SECTION "Configuration" [527-] -->
</div>
</body>
</html>

56
po-doc/fr/pages/documentation/current/authmulti.html
View File

@ -1,56 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authmulti</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authmulti"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authmulti.html"/>
<link rel="contents" href="authmulti.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authmulti","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="multiple_backends_stack">Empiler de multiples backends</h1>
<div class="level1">
<div class="noteimportant">This module has been removed and replaced by the more powerful <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">Combination of auth schemes</a>.
</div>
</div>
</div>
</body>
</html>

102
po-doc/fr/pages/documentation/current/authnull.html
View File

@ -1,102 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authnull</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authnull"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authnull.html"/>
<link rel="contents" href="authnull.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authnull","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="null">Null</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT2 TABLE [21-90] -->
</div><!-- EDIT1 SECTION "Null" [1-91] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
Le backend Null de <abbr title="LemonLDAP::NG">LL::NG</abbr> est un backend transparent :
</p>
<ul>
<li class="level1"><div class="li"> Authentification : créé une session sans demander quoi que ce soit (mais enregistre l'adresse <abbr title="Internet Protocol">IP</abbr> cliente et la date de création)</div>
</li>
<li class="level1"><div class="li"> Utilisateurs : ne collecte aucune donnée (mais il est possible d'enregistrer des variables d'environement dans la session)</div>
</li>
<li class="level1"><div class="li"> Mots-de-passe : ne change aucun mot-de-passe</div>
</li>
</ul>
<p>
Le backend Null peut être utilisé pour sauter des étapes du processus d'authentication.
</p>
</div><!-- EDIT3 SECTION "Presentation" [92-499] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir &lt;a2&gt;Null&lt;/a2&gt;) pour les modules authentification, utilisateurs et/ou mots-de-passe.
</p>
<p>
Aller ensuite dans les <code>paramètres Null</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification accordé à ce module.</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Configuration" [500-] -->
</div>
</body>
</html>

152
po-doc/fr/pages/documentation/current/authopenid.html
View File

@ -1,152 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authopenid</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenid"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenid.html"/>
<link rel="contents" href="authopenid.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authopenid","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="openid">OpenID</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [22-85] -->
<div class="notewarning">Le protocole OpenID est obsolète. Il faut maintenant utiliser <a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a>.
</div>
</div><!-- EDIT1 SECTION "OpenID" [1-196] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut deleguer l'authentification à un serveur OpenID. Ceci requiert le <a href="http://search.cpan.org/~mart/Net-OpenID-Consumer/" class="urlextern" title="http://search.cpan.org/~mart/Net-OpenID-Consumer/" rel="nofollow">module client OpenID pour Perl</a>, version au moins supérieure ou égale à 1.0.
</p>
<div class="notetip"><abbr title="LemonLDAP::NG">LL::NG</abbr> can also act as <a href="idpopenid.html" class="wikilink1" title="documentation:2.0:idpopenid">OpenID server</a>, that allows one to interconnect two <abbr title="LemonLDAP::NG">LL::NG</abbr> systems.
</div>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> affiche alors un formulaire dans lequel les utilisateurs peuvent entrer leur identifiant OpenID.
</p>
<div class="notetip">L'authentification OpenID peut être proposée en choix alternatif en utilisant la méthode d'authentification <a href="authchoice.html" class="wikilink1" title="documentation:2.0:authchoice">choice</a>.
</div>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut utiliser une liste blanche ou noire pour filtrer les domaines OpenID autorisés.
</p>
<p>
If OpenID is used as users database, attributes will be requested to the server with SREG extension.
</p>
</div><!-- EDIT3 SECTION "Presentation" [197-947] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, aller dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code> et choisir &lt;a2&gt;OpenID&lt;/a2&gt; pour les modules authentification, utilisateurs et/ou mots-de-passe.
</p>
<p>
Ensuite, aller dans les <code>paramètres OpenID</code> :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification accordé à ce module.</div>
</li>
<li class="level1"><div class="li"> <strong>Secret token</strong> : utilisé pour vérifier l'integrité des réponses OpenID.</div>
</li>
<li class="level1"><div class="li"> <strong>Domaines autorisés</strong> :</div>
<ul>
<li class="level2"><div class="li"> <strong>Type de liste</strong> : choisir liste blanche pour définir la liste exhaustive des domaines autorisés ou liste noire pour lister les domaines interdits</div>
</li>
<li class="level2"><div class="li"> <strong>Liste</strong> : liste des domaines (séparés par des virgules)</div>
</li>
</ul>
</li>
</ul>
<p>
Pour configurer les attributs à récupérer, éditer les <strong>Variables exportées</strong> et definir les attributs :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Clef</strong> : clef de session interne, peut être prefixé par <code>!</code> pour exiger ces attributs</div>
</li>
<li class="level1"><div class="li"> <strong>Valeur</strong> : noms d'attributs SREG :</div>
<ul>
<li class="level2"><div class="li"> fullname</div>
</li>
<li class="level2"><div class="li"> nickname</div>
</li>
<li class="level2"><div class="li"> language</div>
</li>
<li class="level2"><div class="li"> postcode</div>
</li>
<li class="level2"><div class="li"> timezone</div>
</li>
<li class="level2"><div class="li"> country</div>
</li>
<li class="level2"><div class="li"> gender</div>
</li>
<li class="level2"><div class="li"> email</div>
</li>
<li class="level2"><div class="li"> dob</div>
</li>
</ul>
</li>
</ul>
<p>
Voir aussi la <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">configuration des variables exportées</a>.
</p>
</div><!-- EDIT4 SECTION "Configuration" [948-] -->
</div>
</body>
</html>

435
po-doc/fr/pages/documentation/current/authopenidconnect.html
View File

@ -1,435 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authopenidconnect</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenidconnect"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenidconnect.html"/>
<link rel="contents" href="authopenidconnect.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authopenidconnect","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#openid_connect_service">Service OpenID-Connect</a></div></li>
<li class="level2"><div class="li"><a href="#authentication_and_userdb">Authentification et base d'utilisateurs</a></div></li>
<li class="level2"><div class="li"><a href="#register_llng_to_an_openid_connect_provider">Enregistrer LL::NG dans un fournisseur d'identité OpenID-Connect</a></div></li>
<li class="level2"><div class="li"><a href="#declare_the_openid_connect_provider_in_llng">Déclarer le fournisseur OpenID Connect dans LL::NG</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#metadata">Métadonnée</a></div></li>
<li class="level3"><div class="li"><a href="#jwks_data">Donnée JWKS</a></div></li>
<li class="level3"><div class="li"><a href="#exported_attributes">Attributs exportés</a></div></li>
<li class="level3"><div class="li"><a href="#options">Options</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="openid_connect">OpenID Connect</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [31-94] -->
</div><!-- EDIT1 SECTION "OpenID Connect" [1-95] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<div class="noteclassic">OpenID Connect est un protocole basé sur les piles REST, OAuth 2.0 et JOSE. Il est décrit ici : <a href="http://openid.net/connect/" class="urlextern" title="http://openid.net/connect/" rel="nofollow">http://openid.net/connect/</a>.
</div>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> peut agir comme un client OpenID-Connect (« Relying Party » RP), ce qui permet de fédérer &lt;a1&gt;LL::NG&lt;/a1&gt; avec : L'identité utilisateur sera récupérée via in jeton d'identification, et les attributs utilisateurs via le point d'accès UserInfo.
</p>
<p>
Comme RP, <abbr title="LemonLDAP::NG">LL::NG</abbr> supporte de nombreuses fonctionnalités OpenID-Connect :
</p>
<ul>
<li class="level1"><div class="li"> Débit de code d'autorisation</div>
</li>
<li class="level1"><div class="li"> Téléchargement automatique de JWKS</div>
</li>
<li class="level1"><div class="li"> Vérification de signature JWT</div>
</li>
<li class="level1"><div class="li"> Vérification de hashage des jetons d'accès</div>
</li>
<li class="level1"><div class="li"> Validation de jeton d'identité</div>
</li>
<li class="level1"><div class="li"> Récupérer UserInfo au format JSON ou JWT</div>
</li>
<li class="level1"><div class="li"> Déconnexion via point d'accès EndSession</div>
</li>
</ul>
<p>
On peut utiliser ce module d'authentification pour lier un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> à n'importe quel fournisseur OpenID-Connect. Quelques exemples, avec leur documentation :
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Google </th><th class="col1 centeralign"> France Connect </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="authopenidconnect_google.html" class="media" title="documentation:2.0:authopenidconnect_google"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col1 centeralign"> <a href="authopenidconnect_franceconnect.html" class="media" title="documentation:2.0:authopenidconnect_franceconnect"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td>
</tr>
</table></div><!-- EDIT4 TABLE [905-1106] -->
<div class="noteimportant">OpenID-Connect specification isn't finished for logout propagation. So logout initiated by relaying-party will be forward to OpenID-Connect provider but logout initiated by the provider (or another RP) will not be propagated. LLNG will implement this when <abbr title="spécification">spec</abbr> will be published.
</div>
</div><!-- EDIT3 SECTION "Presentation" [96-1410] -->
<h2 class="sectionedit5" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT5 SECTION "Configuration" [1411-1437] -->
<h3 class="sectionedit6" id="openid_connect_service">Service OpenID-Connect</h3>
<div class="level3">
<p>
Voir le chapître de configuration du <a href="openidconnectservice.html" class="wikilink1" title="documentation:2.0:openidconnectservice">service OpenID-Connect</a>.
</p>
</div><!-- EDIT6 SECTION "OpenID Connect Service" [1438-1546] -->
<h3 class="sectionedit7" id="authentication_and_userdb">Authentification et base d'utilisateurs</h3>
<div class="level3">
<p>
Dans <code>Paramètres généraux</code> &gt; <code>Modules d'authentification</code>, choisir :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Module d'authentication</strong> : OpenID-Connect</div>
</li>
<li class="level1"><div class="li"> <strong>Module utilisateurs</strong> : OpenID-Connect</div>
</li>
</ul>
<div class="notetip">Comme les mots-de-passe ne sernt pas gérés par <abbr title="LemonLDAP::NG">LL::NG</abbr>, il est possile de désactiver le <a href="portalmenu.html#menu_modules" class="wikilink1" title="documentation:2.0:portalmenu">module mots-de-passe du menu</a>.
</div>
<p>
Ensuite dans <code>Paramètres généraux</code> &gt; <code>Paramètres d'authentification</code> &gt; <code>Paramètres OpenID-Connect </code>, on peut indiquer :
</p>
<ul>
<li class="level1"><div class="li"> <strong>Niveau d'authentification</strong> : niveau d'authentification associé à ce module</div>
</li>
<li class="level1"><div class="li"> <strong>Paramètres GET de rappel</strong> : nom du paramètre GET utilisé pour intercepter le rappel (défaut: openidconnectcallback)</div>
</li>
<li class="level1"><div class="li"> <strong>State session timeout</strong>: duration of a state session (used to keep state information between authentication request and authentication response) in seconds (default: 600)</div>
</li>
</ul>
</div><!-- EDIT7 SECTION "Authentication and UserDB" [1547-2338] -->
<h3 class="sectionedit8" id="register_llng_to_an_openid_connect_provider">Enregistrer LL::NG dans un fournisseur d'identité OpenID-Connect</h3>
<div class="level3">
<p>
Pour enregistrer <abbr title="LemonLDAP::NG">LL::NG</abbr>, il faut renseigner quelques informations telles le nom d'application ou le logo. Une des informations exigées est l'<abbr title="Uniform Resource Locator">URL</abbr> de redirection (une ou plusieurs).
</p>
<p>
Pour connaître cette information, prendre simplement l'<abbr title="Uniform Resource Locator">URL</abbr> et le paramètre GET de rappel, par exemple :
</p>
<ul>
<li class="level1"><div class="li"> <a href="http://auth.example.com/?openidcallback=1" class="urlextern" title="http://auth.example.com/?openidcallback=1" rel="nofollow">http://auth.example.com/?openidcallback=1</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://auth.example.com/index.pl?openidcallback=1" class="urlextern" title="http://auth.example.com/index.pl?openidcallback=1" rel="nofollow">http://auth.example.com/index.pl?openidcallback=1</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://auth.example.com/?lmAuth=oidc&amp;openidcallback=1" class="urlextern" title="http://auth.example.com/?lmAuth=oidc&amp;openidcallback=1" rel="nofollow">http://auth.example.com/?lmAuth=oidc&amp;openidcallback=1</a></div>
</li>
</ul>
<div class="noteimportant">Si le <a href="authchoice.html" class="wikilink1" title="documentation:2.0:authchoice">backend choix</a> est utilisé, il faut ajouter le paramètre choix dans l'<abbr title="Uniform Resource Locator">URL</abbr> de redirection
</div>
<p>
Après enregistrement, l'OP doit donner un identifiant et un secret clients, qui seront utilisé pour configurer l'OP dans <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</p>
</div><!-- EDIT8 SECTION "Register LL::NG to an OpenID Connect Provider" [2339-3053] -->
<h3 class="sectionedit9" id="declare_the_openid_connect_provider_in_llng">Déclarer le fournisseur OpenID Connect dans LL::NG</h3>
<div class="level3">
<p>
Dans le manager, choisir <code>Fournisseurs OpenID-Connect</code> et cliquer sur <code>Ajouter un fournisseur OpenID-Connect</code>. Donner un nom technique (sans espaces ni caratères speciaux), tel “sample-op” ;
</p>
<p>
On peut ensuite accéder à la configuration de cet OP.
</p>
</div>
<h4 id="metadata">Métadonnée</h4>
<div class="level4">
<p>
L'OP peut publier sa métadonnée dans un fichier JSON (voir par exemple la <a href="https://accounts.google.com/.well-known/openid-configuration" class="urlextern" title="https://accounts.google.com/.well-known/openid-configuration" rel="nofollow">métadonnée Google</a>). Copier le contenu de ce fichie dans l'emplacement dédié.
</p>
<p>
À défaut de métadonnée, il faut les écrire. Les champs obligatoires sont :
</p>
<ul>
<li class="level1"><div class="li"> issuer</div>
</li>
<li class="level1"><div class="li"> authorization_endpoint</div>
</li>
<li class="level1"><div class="li"> token_endpoint</div>
</li>
<li class="level1"><div class="li"> userinfo_endpoint</div>
</li>
</ul>
<p>
On peut aussi définir :
</p>
<ul>
<li class="level1"><div class="li"> jwks_uri</div>
</li>
<li class="level1"><div class="li"> endsession_endpoint</div>
</li>
</ul>
<p>
Modèle exemple :
</p>
<pre class="code file javascript"><span class="br0">{</span>
<span class="st0">"issuer"</span><span class="sy0">:</span> <span class="st0">"https://auth.example.com/"</span><span class="sy0">,</span>
<span class="st0">"authorization_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://auth.example.com/oauth2/authorize"</span><span class="sy0">,</span>
<span class="st0">"token_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://auth.example.com/oauth2/token"</span><span class="sy0">,</span>
<span class="st0">"userinfo_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://auth.example.com/oauth2/userinfo"</span><span class="sy0">,</span>
<span class="st0">"end_session_endpoint"</span><span class="sy0">:</span><span class="st0">"https://auth.example.com/oauth2/logout"</span>
<span class="br0">}</span></pre>
</div>
<h4 id="jwks_data">Donnée JWKS</h4>
<div class="level4">
<p>
JWKS est un fichier JSON contenant des clefs publiques. <abbr title="LemonLDAP::NG">LL::NG</abbr> peut les récupérer autoatiquement si jwks_uri est défini dans la métadonnée. Sinon copier le contenu du fichier JSON dans l'emplacement dédié.
</p>
<div class="notetip">Si le fournisseur OpenID-Connect n'utilise qu'une clef symétrique de chiffrement, la donnée JWKS n'est pas nécessaire.
</div>
</div>
<h4 id="exported_attributes">Attributs exportés</h4>
<div class="level4">
<p>
Définir ici la correspondance entre le contenu de la sessions <abbr title="LemonLDAP::NG">LL::NG</abbr> et les champs fournis dans la réponse UserInfo. Les champs sont définis dans le <a href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims" class="urlextern" title="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims" rel="nofollow">standard OpenID-Connect</a>, et dépendent de la portée requise par <abbr title="LemonLDAP::NG">LL::NG</abbr> (voir les options dans le prochain chapitre).
</p>
</div><!-- EDIT10 PLUGIN_INCLUDE_START_NOREDIRECT "documentation:2.0:openidconnectclaims" [0-] -->
<div class="plugin_include_content plugin_include__documentation:2.0:openidconnectclaims" id="plugin_include__documentation__2.0__openidconnectclaims">
<div class="level1">
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Nom affiché </th><th class="col1"> Type </th><th class="col2"> Exemple de correspondance d'attributs LDAP </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> sub </td><td class="col1"> chaîne </td><td class="col2"> uid </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> nom </td><td class="col1"> chaîne </td><td class="col2"> cn </td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> given_name </td><td class="col1"> chaîne </td><td class="col2"> givenName </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> family_name </td><td class="col1"> chaîne </td><td class="col2"> sn </td>
</tr>
<tr class="row5 rowodd">
<td class="col0"> middle_name </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row6 roweven">
<td class="col0"> nickname </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row7 rowodd">
<td class="col0"> preferred_username </td><td class="col1"> chaîne </td><td class="col2"> displayName </td>
</tr>
<tr class="row8 roweven">
<td class="col0"> profile </td><td class="col1"> chaîne </td><td class="col2"> labeledURI </td>
</tr>
<tr class="row9 rowodd">
<td class="col0"> picture </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row10 roweven">
<td class="col0"> website </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row11 rowodd">
<td class="col0"> email </td><td class="col1"> chaîne </td><td class="col2"> mail </td>
</tr>
<tr class="row12 roweven">
<td class="col0"> email_verified </td><td class="col1"> boolean </td><td class="col2"> </td>
</tr>
<tr class="row13 rowodd">
<td class="col0"> gender </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row14 roweven">
<td class="col0"> birthdate </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row15 rowodd">
<td class="col0"> zoneinfo </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row16 roweven">
<td class="col0"> locale </td><td class="col1"> chaîne </td><td class="col2"> preferredLanguage </td>
</tr>
<tr class="row17 rowodd">
<td class="col0"> phone_number </td><td class="col1"> chaîne </td><td class="col2"> telephoneNumber </td>
</tr>
<tr class="row18 roweven">
<td class="col0"> phone_number_verified </td><td class="col1"> boolean </td><td class="col2"> </td>
</tr>
<tr class="row19 rowodd">
<td class="col0"> updated_at </td><td class="col1"> chaîne </td><td class="col2"> </td>
</tr>
<tr class="row20 roweven">
<td class="col0"> formatted </td><td class="col1"> chaîne </td><td class="col2"> registeredAddress </td>
</tr>
<tr class="row21 rowodd">
<td class="col0"> street_address </td><td class="col1"> chaîne </td><td class="col2"> street </td>
</tr>
<tr class="row22 roweven">
<td class="col0"> locality </td><td class="col1"> chaîne </td><td class="col2"> l </td>
</tr>
<tr class="row23 rowodd">
<td class="col0"> region </td><td class="col1"> chaîne </td><td class="col2"> st </td>
</tr>
<tr class="row24 roweven">
<td class="col0"> postal_code </td><td class="col1"> chaîne </td><td class="col2"> postalCode </td>
</tr>
<tr class="row25 rowodd">
<td class="col0"> country </td><td class="col1"> chaîne </td><td class="col2"> co </td>
</tr>
</table></div><!-- EDIT12 TABLE [38-861] -->
</div><!-- EDIT11 PLUGIN_INCLUDE_END "documentation:2.0:openidconnectclaims" [0-] -->
</div>
<div class="level4">
<p>
Ainsi on peut définir par exemple:
</p>
<ul>
<li class="level1"><div class="li"> cn ⇒ name</div>
</li>
<li class="level1"><div class="li"> sn ⇒ family_name</div>
</li>
<li class="level1"><div class="li"> mail ⇒ email</div>
</li>
<li class="level1"><div class="li"> uid ⇒ sub</div>
</li>
</ul>
</div>
<h4 id="options">Options</h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> <strong>Configuration</strong> :</div>
<ul>
<li class="level2"><div class="li"> <strong>Configuration endpoint</strong>: <abbr title="Uniform Resource Locator">URL</abbr> de point d'accès de configuration de l'OP</div>
</li>
<li class="level2"><div class="li"> <strong>Durée de vie de la donnée JWKS</strong> : au delà de ce délai, <abbr title="LemonLDAP::NG">LL::NG</abbr> effectuera une requête pour rafraîchir la donnée JWKS. Mettre à 0 pour désactiver.</div>
</li>
<li class="level2"><div class="li"> <strong>Identifiant client</strong> : identifiant client donné par l'OP</div>
</li>
<li class="level2"><div class="li"> <strong>Secret client</strong> : secret client donné par l'OP</div>
</li>
<li class="level2"><div class="li"> <strong>Store ID token</strong>: Allows one to store the ID token (JWT) inside user session. Don't enable it unless you need to replay this token on an application, or if you need the id_token_hint parameter when using logout.</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> <strong>Protocole</strong> :</div>
<ul>
<li class="level2"><div class="li"> <strong>Portée</strong> : valeur du paramètre de portée (exemple : profil openid). La portée <code>openid</code> est exigée.</div>
</li>
<li class="level2"><div class="li"> <strong>Affichage</strong> : valeur du paramètre d'affichage (exemple : page)</div>
</li>
<li class="level2"><div class="li"> <strong>Prompt</strong> : valeur du paramètre prompt (exemple : consent)</div>
</li>
<li class="level2"><div class="li"> <strong>Âge max</strong> : valeur du paramètre max_age (exemple : 3600)</div>
</li>
<li class="level2"><div class="li"> <strong>UI locales</strong> : valeur du paramètre ui_locales (exemple : en-<abbr title="Gigaoctet">GB</abbr> en fr-FR fr)</div>
</li>
<li class="level2"><div class="li"> <strong>Valeurs ACR</strong> : valeur des paramètres acr_values (exemple : loa-1)</div>
</li>
<li class="level2"><div class="li"> <strong>Méthode d'authentification du point d'accès du jeton</strong> : choisir entre <code>client_secret_post</code> et <code>client_secret_basic</code></div>
</li>
<li class="level2"><div class="li"> <strong>Vérifier la signature JWT</strong> : mettre à 0 pour désactiver la signature JWT</div>
</li>
<li class="level2"><div class="li"> <strong>Durée de vie max des jetons</strong> : si défini, <abbr title="LemonLDAP::NG">LL::NG</abbr> examinera la date du jeton d'identification et refusera les jetons trop anciens</div>
</li>
<li class="level2"><div class="li"> <strong>Utiliser Nonce</strong> : si activé, un nonce sera envoyé, et vérifié depuis le jeton d'identité</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> <strong>Affichage</strong> :</div>
<ul>
<li class="level2"><div class="li"> <strong>Nom affiché</strong> : nom de l'application</div>
</li>
<li class="level2"><div class="li"> <strong>Logo</strong> : logo de l'application</div>
</li>
</ul>
</li>
</ul>
</div><!-- EDIT9 SECTION "Declare the OpenID Connect Provider in LL::NG" [3054-] -->
</div>
</body>
</html>

142
po-doc/fr/pages/documentation/current/authopenidconnect_franceconnect.html
View File

@ -1,142 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authopenidconnect_franceconnect</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenidconnect_franceconnect"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenidconnect_franceconnect.html"/>
<link rel="contents" href="authopenidconnect_franceconnect.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authopenidconnect_franceconnect","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#register_on_france_connect">S'enregistrer dans France Connect</a></div></li>
<li class="level1"><div class="li"><a href="#declare_france_connect_in_your_llng_server">Déclarer France Connect dans le serveur LL::NG</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="france_connect">France Connect</h1>
<div class="level1">
<p>
<img src="icons/kmultiple.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "France Connect" [1-82] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
<a href="https://doc.integ01.dev-franceconnect.fr/" class="urlextern" title="https://doc.integ01.dev-franceconnect.fr/" rel="nofollow">France Connect</a> est une plateforme d'authentification créée par le gouvernement français.
</p>
<div class="noteimportant">Elle n'est pour le moment disponible qu'à titre de test. Cette documentation présente la configuration de <abbr title="LemonLDAP::NG">LL::NG</abbr> avec l'environnement de développement.
</div>
</div><!-- EDIT2 SECTION "Presentation" [83-383] -->
<h2 class="sectionedit3" id="register_on_france_connect">S'enregistrer dans France Connect</h2>
<div class="level2">
<p>
Une fois le <a href="openidconnectservice.html" class="wikilink1" title="documentation:2.0:openidconnectservice">service OpenID-Connect</a> configuré, on peut s'enregistrer dans France Connect.
</p>
<p>
Utiliser le formulaire suivant : <a href="https://doc.integ01.dev-franceconnect.fr/inscription" class="urlextern" title="https://doc.integ01.dev-franceconnect.fr/inscription" rel="nofollow">https://doc.integ01.dev-franceconnect.fr/inscription</a>.
</p>
<p>
Il faut fournir les URLs de rappel, par exemple <a href="https://auth.domain.com/?openidcallback=1" class="urlextern" title="https://auth.domain.com/?openidcallback=1" rel="nofollow">https://auth.domain.com/?openidcallback=1</a>.
</p>
<p>
On obtient ainsi les <code>client_id</code> et <code>client_secret</code>.
</p>
</div><!-- EDIT3 SECTION "Register on France Connect" [384-770] -->
<h2 class="sectionedit4" id="declare_france_connect_in_your_llng_server">Déclarer France Connect dans le serveur LL::NG</h2>
<div class="level2">
<p>
Aller dans le Manager et créer un fournisseur OpenID-Connect. On peut l'appeler <code>france-connect</code> par exemple.
</p>
<p>
Cliquer sur <code>Métadonnées</code> et définir manuellement les métadonnées du service, en utilisant les <a href="https://doc.integ01.dev-franceconnect.fr/fournisseur-service" class="urlextern" title="https://doc.integ01.dev-franceconnect.fr/fournisseur-service" rel="nofollow">points terminaux France Connect</a>. Par exemple :
</p>
<pre class="code file javascript"><span class="br0">{</span>
<span class="st0">"issuer"</span><span class="sy0">:</span> <span class="st0">"https://fcp.integ01.dev-franceconnect.fr"</span><span class="sy0">,</span>
<span class="st0">"authorization_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize"</span><span class="sy0">,</span>
<span class="st0">"token_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://fcp.integ01.dev-franceconnect.fr/api/v1/token"</span><span class="sy0">,</span>
<span class="st0">"userinfo_endpoint"</span><span class="sy0">:</span> <span class="st0">"https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo"</span><span class="sy0">,</span>
<span class="st0">"end_session_endpoint"</span><span class="sy0">:</span><span class="st0">"https://fcp.integ01.dev-franceconnect.fr/api/v1/logout"</span>
<span class="br0">}</span></pre>
<p>
Inutile de renseigner les données JWKS, elles ne sont pas fournies par France Connect. La sécurité repose sur la clef symétrique <code>client_secret</code>.
</p>
<p>
Aller dans les <code>Attributs exportés</code> pour choisir quels attributs de l'« identité pivot » on souhaite collecter. Voir <a href="https://doc.integ01.dev-franceconnect.fr/identite-pivot" class="urlextern" title="https://doc.integ01.dev-franceconnect.fr/identite-pivot" rel="nofollow">https://doc.integ01.dev-franceconnect.fr/identite-pivot</a>
</p>
<p>
Aller ensuite dans <code>Options</code>:
</p>
<ul>
<li class="level1"><div class="li"> Dans <code>Configuration</code>, enregistrer les <code>client_id</code> et <code>client_secret</code> donnés par France Connect</div>
</li>
<li class="level1"><div class="li"> Dans <code>Protocole</code>, adapter le <code>scope</code> à l'attribut exporté voulu. Voir <a href="https://doc.integ01.dev-franceconnect.fr/fs-scopes" class="urlextern" title="https://doc.integ01.dev-franceconnect.fr/fs-scopes" rel="nofollow">https://doc.integ01.dev-franceconnect.fr/fs-scopes</a></div>
</li>
<li class="level1"><div class="li"> Dans <code>Affichage</code>, on peut indiquer le nom et le logo</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Declare France Connect in your LL::NG server" [771-] -->
</div>
</body>
</html>

149
po-doc/fr/pages/documentation/current/authopenidconnect_google.html
View File

@ -1,149 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authopenidconnect_google</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenidconnect_google"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenidconnect_google.html"/>
<link rel="contents" href="authopenidconnect_google.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authopenidconnect_google","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#register_on_google">S'enregistrer chez Google</a></div></li>
<li class="level1"><div class="li"><a href="#declare_google_in_your_llng_server">Déclarer Google dans le serveur LL::NG</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="google">Google</h1>
<div class="level1">
<p>
<img src="icons/kmultiple.png" class="mediacenter" alt="" />
</p>
</div><!-- EDIT1 SECTION "Google" [1-67] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
Devons-nous présenter <a href="http://www.google.com" class="urlextern" title="http://www.google.com" rel="nofollow">Google</a> ? La bonne nouvelle est que Google est un fournisseur OpenID-Connect standard, on peut ainsi aisément déléguer l'authentification de <abbr title="LemonLDAP::NG">LL::NG</abbr> à Google : <a href="https://developers.google.com/identity/protocols/OpenIDConnect" class="urlextern" title="https://developers.google.com/identity/protocols/OpenIDConnect" rel="nofollow">https://developers.google.com/identity/protocols/OpenIDConnect</a>
</p>
<div class="noteimportant">Google ne supporte pas la déconnexion via OpenID-Connect. Si on ferme la session <abbr title="LemonLDAP::NG">LL::NG</abbr>, celle de Google reste ouverte.
</div>
</div><!-- EDIT2 SECTION "Presentation" [68-507] -->
<h2 class="sectionedit3" id="register_on_google">S'enregistrer chez Google</h2>
<div class="level2">
<p>
Il faut un compte développer Google pour accéder à <a href="https://console.developers.google.com/" class="urlextern" title="https://console.developers.google.com/" rel="nofollow">https://console.developers.google.com/</a>
</p>
<p>
Aller ensuite dans « <abbr title="Interface de programmation">API</abbr> Manager » et récupérer les nouveaux éléments (<code>client_id</code> and <code>client_secret</code>).
</p>
<p>
Il faut fournir les URLs de rappel, par exemple <a href="https://auth.domain.com/?openidcallback=1" class="urlextern" title="https://auth.domain.com/?openidcallback=1" rel="nofollow">https://auth.domain.com/?openidcallback=1</a>.
</p>
</div><!-- EDIT3 SECTION "Register on Google" [508-818] -->
<h2 class="sectionedit4" id="declare_google_in_your_llng_server">Déclarer Google dans le serveur LL::NG</h2>
<div class="level2">
<p>
Aller dans le Manager et créer un fournisseur OpenID-Connect. On peut l'appeler <code>google</code> par exemple.
</p>
<p>
Cliquer sur <code>Métadonnées</code>, et utiliser l'<abbr title="Uniform Resource Locator">URL</abbr> de configuration OpenID-Connect pour les charger : <a href="https://accounts.google.com/.well-known/openid-configuration" class="urlextern" title="https://accounts.google.com/.well-known/openid-configuration" rel="nofollow">https://accounts.google.com/.well-known/openid-configuration</a>.
</p>
<p>
On peut aussi charger les données JWKS depuis l'<abbr title="Uniform Resource Locator">URL</abbr> <a href="https://www.googleapis.com/oauth2/v3/certs" class="urlextern" title="https://www.googleapis.com/oauth2/v3/certs" rel="nofollow">https://www.googleapis.com/oauth2/v3/certs</a>. Mais comme Google change régulièrement ses clefs, il faut configurer un intervalle de rafraîchissement des données JKWS.
</p>
<p>
Aller dans les <code>attributs exportés</code> pour choisir les attributs à collecter. Google supporte ces champs :
</p>
<ul>
<li class="level1"><div class="li"> email</div>
</li>
<li class="level1"><div class="li"> email_verified</div>
</li>
<li class="level1"><div class="li"> family_name</div>
</li>
<li class="level1"><div class="li"> given_name</div>
</li>
<li class="level1"><div class="li"> locale</div>
</li>
<li class="level1"><div class="li"> nom</div>
</li>
<li class="level1"><div class="li"> picture</div>
</li>
<li class="level1"><div class="li"> sub</div>
</li>
</ul>
<p>
Aller ensuite dans <code>Options</code>:
</p>
<ul>
<li class="level1"><div class="li"> Dans <code>Configuration</code>, enregistrer les <code>client_id</code> et <code>client_secret</code> donnés par Google. Préciser alors l'<abbr title="Uniform Resource Identifier">URI</abbr> de configuration avec <a href="https://accounts.google.com/.well-known/openid-configuration" class="urlextern" title="https://accounts.google.com/.well-known/openid-configuration" rel="nofollow">https://accounts.google.com/.well-known/openid-configuration</a>, et le rafraîchissement JWKS, par exemple pour chaque jour : 86400.</div>
</li>
<li class="level1"><div class="li"> Dans <code>Protocole</code>, adapter le <code>scope</code> à l'attribut exporté voulu. On peut par exemple utiliser <code>openid profile email</code>.</div>
</li>
<li class="level1"><div class="li"> Dans <code>Affichage</code>, on peut indiquer le nom et le logo</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Declare Google in your LL::NG server" [819-] -->
</div>
</body>
</html>

138
po-doc/fr/pages/documentation/current/authpam.html
View File

@ -1,138 +0,0 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:authpam</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authpam"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authpam.html"/>
<link rel="contents" href="authpam.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authpam","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#install_authenpam">Install Authen::PAM</a></div></li>
<li class="level2"><div class="li"><a href="#configuration_of_lemonldapng">Configuration de LemonLDAP::NG</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="pam">PAM</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1"> </td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [20-77] -->
</div><!-- EDIT1 SECTION "PAM" [1-78] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> can use <a href="https://en.wikipedia.org/wiki/Pluggable_authentication_module" class="urlextern" title="https://en.wikipedia.org/wiki/Pluggable_authentication_module" rel="nofollow">Pluggable authentication module</a> as a simple authentication backend.
</p>
</div><!-- EDIT3 SECTION "Presentation" [79-254] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT4 SECTION "Configuration" [255-281] -->
<h3 class="sectionedit5" id="install_authenpam">Install Authen::PAM</h3>
<div class="level3">
<p>
Il faut installer le module Perl correspondant.
</p>
<p>
Pour CentOS/RHEL :
</p>
<pre class="code shell">yum install perl-Authen-PAM</pre>
<p>
Pour Debian/Ubuntu, installer la librairie via la commande apt-get
</p>
<pre class="code shell">apt-get install libauthen-pam-perl</pre>
</div><!-- EDIT5 SECTION "Install Authen::PAM" [282-550] -->
<h3 class="sectionedit6" id="configuration_of_lemonldapng">Configuration de LemonLDAP::NG</h3>
<div class="level3">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose PAM for authentication.
</p>
<div class="notetip">Vous pouvez ensuite choisir vos modules d'utilisateurs et de mots-de-passe.
</div>
<p>
Then, go in <code>PAM parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for PAM module</div>
</li>
<li class="level1"><div class="li"> <strong>PAM service</strong>: the PAM service to use <em>(default: login)</em></div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Configuration of LemonLDAP::NG" [551-] -->
</div>
</body>
</html>

Some files were not shown because too many files have changed in this diff Show More