This commit is contained in:
Christophe Maudoux 2020-06-06 23:50:34 +02:00
parent b04b2076de
commit 2ca1ffa056
4 changed files with 11 additions and 11 deletions

View File

@ -10,8 +10,8 @@ Authentication Users Password
Presentation
------------
The Active Directory module is based on the
:doc:`LDAP module<authldap>`, with these features:
The Active Directory module is based on
:doc:`LDAP module<authldap>`, with the following features:
- Specific default values for filters to match AD schema
- Compatible password modification
@ -30,7 +30,7 @@ implemented its own policy. LemonLDAP::NG implements partially the
policy:
- when pwdLastSet = 0 in the user entry, it means that password has
been reset, and a form is presented to the user for him to change his
been reset, and a form is displayed to the user to change his
password.
- when computed virtual attribute 'msDS-User-Account-Control-Computed'
as 6th flag set to 8, the password is considered expired (support

View File

@ -18,7 +18,7 @@ example Kerberos, Radius, OTP, etc.
.. attention::
To authenticate users using Kerberos, you can now use
To authenticate users by using Kerberos, you can now use
the new :doc:`Kerberos authentication module<authkerberos>` which allow
one to chain Kerberos in a :doc:`combination<authcombination>`\

View File

@ -10,7 +10,7 @@ Authentication Users Password
Presentation
------------
LL::NG is able to transfer (trough REST or SOAP) authentication
LL::NG is able to send (through REST or SOAP) authentication
credentials to another LL::NG portal, like a proxy.
The difference with :doc:`remote authentication<authremote>` is that the
@ -34,10 +34,10 @@ Then, go in ``Proxy parameters``:
same as previous for SOAP, same with "/session/my" for REST)
- **Cookie name** (optional): name of the cookie of internal portal, if
different from external portal
- **Authentication level**: level given to this authentication
- **Authentication level**: authentication level for Proxy module
- **Use SOAP instead of REST**: use a deprecated SOAP server instead of
a REST one (you must set it if internal portal version is < 2.0). In
this case, "Portal URL" parameter must contains SOAP endpoint
this case, "Portal URL" parameter must contain SOAP endpoint
(generally http://auth.example.com/index.pl/sessions for 1.9 and
earlier, http://auth.example.com/sessions for 2.0)
@ -45,14 +45,14 @@ Internal portal
~~~~~~~~~~~~~~~
The portal must be configured to accept REST or SOAP authentication
requests if you've choose to use SOAP. See:
requests if you chose to use SOAP. See:
:doc:`REST server plugin<restservices>` or
:doc:`SOAP session backend<soapsessionbackend>` *(deprecated)*.
SOAP compatibility with 1.9 server
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you Proxy is a 2.0.x and your server is a 1.9.x, you should add this
If your Proxy is a 2.0.x and your server is a 1.9.x, you should add this
in your lemonldap-ng.ini:
.. code-block:: ini
@ -62,4 +62,4 @@ in your lemonldap-ng.ini:
.. attention::
This needs LLNG version 2.0.8 at least
This feature needs at least LLNG version 2.0.8

View File

@ -34,7 +34,7 @@ Then, go in ``Slave parameters``:
- **Master's IP address**: the IP addresses of servers which are
accredited to authenticate user. This is a security point, to prevent
someone to create a session by sending custom headers. You can set
one or several IP addresses, separated by spaces, or let this
one or several IP addresses, spaces separated, or let this
parameter empty to disable the checking.
- **Control header name**: header that contains a value to control. Let
this parameter empty to disable the checking.