Documentation update, including new Yubikey page (#296)

Clément Oudot 2011-04-21 14:18:02 +00:00
parent 0e74083796
commit 4d578714ce
6 changed files with 153 additions and 34 deletions

File diff suppressed because one or more lines are too long

View File

@ -0,0 +1,101 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1><a name="yubikey" id="yubikey">Yubikey</a></h1>
<div class="level1">
<table class="inline">
<tr class="row0 roweven">
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1"> </td><td class="col2"> </td>
</tr>
</table>
</div>
<!-- SECTION "Yubikey" [1-75] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
<p>
The <a href="http://www.yubico.com/yubikey" class="urlextern" title="http://www.yubico.com/yubikey" rel="nofollow">Yubikey</a> is a small material token shipped by <a href="http://www.yubico.com" class="urlextern" title="http://www.yubico.com" rel="nofollow">Yubico</a>. It sends an OTP, which is validated against Yubico server.
</p>
<p>
You need <a href="http://search.cpan.org/~massyn/Auth-Yubikey_WebClient/" class="urlextern" title="http://search.cpan.org/~massyn/Auth-Yubikey_WebClient/" rel="nofollow">Auth::Yubikey_WebClient</a> package.
</p>
<p>
You need to get an client ID and a secret key from Yubico. See <a href="https://upgrade.yubico.com/getapikey/" class="urlextern" title="https://upgrade.yubico.com/getapikey/" rel="nofollow">Yubico API</a> page.
</p>
</div>
<!-- SECTION "Presentation" [76-504] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose Yubikey for authentication module.
</p>
<p>
<p><div class="notetip">You can then choose any other module for users and password.
</div></p>
</p>
<p>
Then, go in <code>Yubikey parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
<li class="level1"><div class="li"> <strong><acronym title="Application Programming Interface">API</acronym> client ID</strong>: <acronym title="Application Programming Interface">API</acronym> client ID from Yubico</div>
</li>
<li class="level1"><div class="li"> <strong><acronym title="Application Programming Interface">API</acronym> secret key</strong>: <acronym title="Application Programming Interface">API</acronym> secret key from Yubico</div>
</li>
<li class="level1"><div class="li"> <strong>OTP public ID part size</strong>: Part of Yubikey OTP that will be used as the media identifier (default: 12)</div>
</li>
</ul>
<p>
<p><div class="notetip">You have to register the media identifer in your user backend (<acronym title="Lightweight Directory Access Protocol">LDAP</acronym> or <acronym title="Structured Query Language">SQL</acronym>) to match the yubikey with a real user. For example it can be stored as a second value of the uid attribute in the <acronym title="Lightweight Directory Access Protocol">LDAP</acronym> directory:
</p>
<ul>
<li class="level1"><div class="li"> uid: coudot</div>
</li>
<li class="level1"><div class="li"> uid: 123456789012 </div>
</li>
</ul>
<p>
</div></p>
</p>
</div>
<!-- SECTION "Configuration" [505-] --></div><!-- closes <div class="dokuwiki export">-->
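Review bot: In the Configuration section each `<div class="notetip">` is wrapped in two nested `<p>` elements, and the second note closes a `<p>` and opens a `<ul>` while the `<div>` is still open. That is not valid under the XHTML 1.0 Transitional doctype declared at the top of the file; emitting each note as a plain `<div>` with the list inside it would fix the nesting. `<title></title>` is empty and should carry the page name. Wording to correct in the same pass: "small material token" (hardware token), "an client ID" (a client ID), "go in" (go to), and "media identifer" (identifier). On content, the API secret key item does not say how the key should be protected once it is entered in the Manager, and the LDAP example overloads `uid` with the OTP public ID without saying whether a dedicated attribute can be used instead; one sentence on each would help whoever deploys this.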

View File

@ -105,22 +105,18 @@ different versions of Apache/mod_perl.
</li>
<li class="level1"><div class="li"> Digest::HMAC</div>
</li>
<li class="level1"><div class="li"> String::Random</div>
</li>
<li class="level1"><div class="li"> <acronym title="Multipurpose Internet Mail Extension">MIME</acronym>::Lite</div>
</li>
<li class="level1"><div class="li"> Email::Date::Format</div>
</li>
<li class="level1"><div class="li"> Crypt::OpenSSL::RSA</div>
</li>
<li class="level1"><div class="li"> Crypt::OpenSSL::X509</div>
</li>
<li class="level1"><div class="li"> Convert::PEM</div>
</li>
<li class="level1"><div class="li"> Clone</div>
</li>
</ul>
</div>
<!-- SECTION "Core" [1349-1795] -->
<!-- SECTION "Core" [1349-1747] -->
<h3><a name="saml2" id="saml2">SAML2</a></h3>
<div class="level3">
<ul>
@ -131,7 +127,7 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "SAML2" [1796-1865] -->
<!-- SECTION "SAML2" [1748-1817] -->
<h3><a name="cas_authentication_module" id="cas_authentication_module">CAS (authentication module)</a></h3>
<div class="level3">
<ul>
@ -140,7 +136,7 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "CAS (authentication module)" [1866-1963] -->
<!-- SECTION "CAS (authentication module)" [1818-1915] -->
<h3><a name="openid" id="openid">OpenID</a></h3>
<div class="level3">
<ul>
@ -151,7 +147,7 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "OpenID" [1964-2046] -->
<!-- SECTION "OpenID" [1916-1998] -->
<h3><a name="twitter" id="twitter">Twitter</a></h3>
<div class="level3">
<ul>
@ -160,7 +156,7 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "Twitter" [2047-2083] -->
<!-- SECTION "Twitter" [1999-2035] -->
<h3><a name="pod_unit_tests" id="pod_unit_tests">POD unit tests</a></h3>
<div class="level3">
<ul>
@ -169,7 +165,26 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "POD unit tests" [2084-2124] -->
<!-- SECTION "POD unit tests" [2036-2076] -->
<h3><a name="smtp_reset_password_by_mail" id="smtp_reset_password_by_mail">SMTP / Reset password by mail</a></h3>
<div class="level3">
<ul>
<li class="level1"><div class="li"> <acronym title="Multipurpose Internet Mail Extension">MIME</acronym>::Lite</div>
</li>
<li class="level1"><div class="li"> Email::Date::Format</div>
</li>
<li class="level1"><div class="li"> String::Random</div>
</li>
<li class="level1"><div class="li"> Net::<acronym title="Simple Mail Transfer Protocol">SMTP</acronym></div>
</li>
<li class="level1"><div class="li"> <acronym title="Multipurpose Internet Mail Extension">MIME</acronym>::Base64</div>
</li>
<li class="level1"><div class="li"> Authen::SASL</div>
</li>
</ul>
</div>
<!-- SECTION "SMTP / Reset password by mail" [2077-2224] -->
<h2><a name="other" id="other">Other</a></h2>
<div class="level2">
<ul>
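Review bot: A matching entry for Auth::Yubikey_WebClient is missing next to the new "SMTP / Reset password by mail" list. The Yubikey page added in this commit states that the package is needed, but none of the visible hunks of this prerequisites file lists it, either as an optional-module section like this one or in the install lines. Suggest adding a "Yubikey" subsection with that single module so the two pages agree.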
@ -178,20 +193,20 @@ different versions of Apache/mod_perl.
</ul>
</div>
<!-- SECTION "Other" [2125-2241] -->
<!-- SECTION "Other" [2225-2341] -->
<h2><a name="install_dependencies_on_your_system" id="install_dependencies_on_your_system">Install dependencies on your system</a></h2>
<div class="level2">
</div>
<!-- SECTION "Install dependencies on your system" [2242-2291] -->
<!-- SECTION "Install dependencies on your system" [2342-2391] -->
<h3><a name="apt-get" id="apt-get">APT-GET</a></h3>
<div class="level3">
<pre class="code">
apt-get install apache2 libapache2-mod-perl2 libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl libsoap-lite-perl libhtml-template-perl libregexp-assemble-perl libjs-jquery libxml-libxml-perl libcrypt-rijndael-perl libio-string-perl libxml-libxslt-perl libconfig-inifiles-perl libjson-perl libstring-random-perl libemail-date-format-perl libmime-lite-perl libcrypt-openssl-rsa-perl libdigest-hmac-perl
apt-get install apache2 libapache2-mod-perl2 libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl libsoap-lite-perl libhtml-template-perl libregexp-assemble-perl libjs-jquery libxml-libxml-perl libcrypt-rijndael-perl libio-string-perl libxml-libxslt-perl libconfig-inifiles-perl libjson-perl libstring-random-perl libemail-date-format-perl libmime-lite-perl libcrypt-openssl-rsa-perl libdigest-hmac-perl libclone-perl libauthen-sasl-perl
</pre>
</div>
<!-- SECTION "APT-GET" [2292-2814] -->
<!-- SECTION "APT-GET" [2392-2948] -->
<h3><a name="yum" id="yum">YUM</a></h3>
<div class="level3">
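Review bot: Both versions of the `apt-get install` line list `libcache-cache-perl` twice, and neither includes a package for Crypt::OpenSSL::X509 or Convert::PEM, although both modules are named in the Core list earlier in this file and the YUM line does carry `perl-Crypt-OpenSSL-X509`. Suggest dropping the duplicate and adding the two missing packages in the line that now gains `libclone-perl libauthen-sasl-perl`, or stating that they must be installed from CPAN.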
@ -212,8 +227,8 @@ Choose a repository which hosted <acronym title="Practical Extraction and Report
</div></p>
</p>
<pre class="code">
yum install httpd mod_perl perl-Apache-Session perl-LDAP perl-XML-SAX perl-XML-NamespaceSupport perl-HTML-Template perl-Regexp-Assemble perl-Error perl-IPC-ShareLite perl-Cache-Cache perl-FreezeThaw perl-XML-Simple perl-version perl-CGI-Session perl-DBD-Pg perl-XML-LibXML-Common perl-BSD-Resource perl-XML-LibXML perl-Crypt-Rijndael perl-IO-String perl-XML-LibXSLT perl-SOAP-Lite perl-Config-IniFiles perl-JSON perl-Digest-HMAC perl-String-Random perl-MIME-Lite perl-Email-Date-Format perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509
yum install httpd mod_perl perl-Apache-Session perl-LDAP perl-XML-SAX perl-XML-NamespaceSupport perl-HTML-Template perl-Regexp-Assemble perl-Error perl-IPC-ShareLite perl-Cache-Cache perl-FreezeThaw perl-XML-Simple perl-version perl-CGI-Session perl-DBD-Pg perl-XML-LibXML-Common perl-BSD-Resource perl-XML-LibXML perl-Crypt-Rijndael perl-IO-String perl-XML-LibXSLT perl-SOAP-Lite perl-Config-IniFiles perl-JSON perl-Digest-HMAC perl-String-Random perl-MIME-Lite perl-Email-Date-Format perl-Crypt-OpenSSL-RSA perl-Crypt-OpenSSL-X509 perl-Clone perl-Authen-SASL
</pre>
</div>
<!-- SECTION "YUM" [2815-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "YUM" [2949-] --></div><!-- closes <div class="dokuwiki export">-->
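Review bot: The `yum install` line still has no package for Convert::PEM, which the Core list in this file names as a dependency; the line is being touched anyway to add `perl-Clone perl-Authen-SASL`, so this is the place to add it or to say that it has to come from CPAN.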

View File

@ -159,12 +159,15 @@
<td class="col0"> <a href="../../documentation/1.1/authmulti.html" class="wikilink1" title="documentation:1.1:authmulti">Stack multiple backends</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td>
</tr>
<tr class="row14 roweven">
<td class="col0"> <a href="../../documentation/1.1/authyubikey.html" class="wikilink1" title="documentation:1.1:authyubikey">Yubikey</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
<tr class="row15 rowodd">
<td class="col0"> <a href="../../documentation/1.1/authchoice.html" class="wikilink1" title="documentation:1.1:authchoice">Backend choice by users</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td>
</tr>
</table>
</div>
<!-- SECTION "Authentication, users and password databases" [1122-2108] -->
<!-- SECTION "Authentication, users and password databases" [1122-2154] -->
<h3><a name="configuration_database" id="configuration_database">Configuration database</a></h3>
<div class="level3">
@ -204,7 +207,7 @@
</p>
</div>
<!-- SECTION "Configuration database" [2109-3215] -->
<!-- SECTION "Configuration database" [2155-3261] -->
<h3><a name="sessions_database" id="sessions_database">Sessions database</a></h3>
<div class="level3">
@ -247,7 +250,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</table>
</div>
<!-- SECTION "Sessions database" [3216-5053] -->
<!-- SECTION "Sessions database" [3262-5099] -->
<h3><a name="identity_provider" id="identity_provider">Identity provider</a></h3>
<div class="level3">
@ -284,7 +287,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- SECTION "Identity provider" [5054-5492] -->
<!-- SECTION "Identity provider" [5100-5538] -->
<h2><a name="applications_protection" id="applications_protection">Applications protection</a></h2>
<div class="level2">
@ -307,7 +310,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Applications protection" [5493-5838] -->
<!-- SECTION "Applications protection" [5539-5884] -->
<h2><a name="advanced_features" id="advanced_features">Advanced features</a></h2>
<div class="level2">
@ -340,7 +343,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Advanced features" [5839-6415] -->
<!-- SECTION "Advanced features" [5885-6461] -->
<h2><a name="mini_howtos" id="mini_howtos">Mini howtos</a></h2>
<div class="level2">
@ -369,7 +372,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Mini howtos" [6416-7046] -->
<!-- SECTION "Mini howtos" [6462-7092] -->
<h2><a name="exploitation" id="exploitation">Exploitation</a></h2>
<div class="level2">
@ -398,4 +401,4 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Exploitation" [7047-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Exploitation" [7093-] --></div><!-- closes <div class="dokuwiki export">-->

View File

@ -32,7 +32,7 @@
</div>
<!-- SECTION "Packages and archives" [25-59] -->
<h3><a name="stable_version_104" id="stable_version_104">Stable version (1.0.4)</a></h3>
<h3><a name="stable_version_105" id="stable_version_105">Stable version (1.0.5)</a></h3>
<div class="level3">
</div>
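Review bot: Renaming the heading anchor from `stable_version_104` to `stable_version_105` breaks any existing link to `#stable_version_104`, and the same will happen at every release because the anchor is derived from the heading text. A heading that does not embed the version number (with the version stated in the section body) would keep the anchor stable.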
@ -40,7 +40,7 @@
<h4><a name="tarball" id="tarball">Tarball</a></h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16482" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16482" rel="nofollow">Tarball</a></div>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16607" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16607" rel="nofollow">Tarball</a></div>
</li>
</ul>
@ -49,9 +49,9 @@
<h4><a name="rpm" id="rpm">RPM</a></h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16484" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16484" rel="nofollow">RPM bundle</a></div>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16609" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16609" rel="nofollow">RPM bundle</a></div>
</li>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16483" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16483" rel="nofollow">Source RPM</a></div>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16608" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16608" rel="nofollow">Source RPM</a></div>
</li>
</ul>
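Review bot: The RPM bundle and Source RPM links here, like the Tarball and DEB bundle links in the neighbouring hunks, point to `http://forge.ow2.org/project/download.php?...` over plain HTTP, and the changed lines give no checksum or signature for the new 1.0.5 files. Since only the `file_id` values change, this update is a good moment to publish a digest or detached signature next to each link so that a download can be verified.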
@ -77,7 +77,7 @@ You can:
<h4><a name="debian" id="debian">Debian</a></h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16486" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16486" rel="nofollow">DEB bundle</a></div>
<li class="level1"><div class="li"> <a href="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16610" class="urlextern" title="http://forge.ow2.org/project/download.php?group_id=274&amp;file_id=16610" rel="nofollow">DEB bundle</a></div>
</li>
</ul>
@ -101,7 +101,7 @@ You can:
</p>
</div>
<!-- SECTION "Stable version (1.0.4)" [60-1007] -->
<!-- SECTION "Stable version (1.0.5)" [60-1007] -->
<h3><a name="older_versions" id="older_versions">Older versions</a></h3>
<div class="level3">

View File

@ -283,6 +283,6 @@ LemonLDAP::NG is the first <acronym title="Single Sign On">SSO</acronym> softwar
<a href="/_detail/icons/clock.png?id=start" class="media" title="icons:clock.png"><img src="../media/icons/clock.png" class="media" alt="" /></a>
</div>
</p>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2005" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2005" rel="nofollow">Rev 2005 -- Add SMTPAuthUser and SMTPAuthPass in Manager, with SMTP connection and ...</a> by clement_oudot (2011/04/15 11:44)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2004" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2004" rel="nofollow">Rev 2004 -- Add AuthUser and AuthPass parameter to SMTP send method (#LEMONLDAP-293)</a> by clement_oudot (2011/04/14 17:59)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2003" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2003" rel="nofollow">Rev 2003 -- Upgrade main modules release to 1.0.5</a> by clement_oudot (2011/04/14 17:36)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2002" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2002" rel="nofollow">Rev 2002 -- Allow subroutines to be defined in lemonldap-ng.ini (#LEMONLDAP-294)</a> by clement_oudot (2011/04/14 11:50)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2001" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2001" rel="nofollow">Rev 2001 -- Use Perl Clone to manage application list (#LEMONLDAP-292)</a> by clement_oudot (2011/04/14 10:52)</div></li></ul>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2015" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2015" rel="nofollow">Rev 2015 -- Add Yubikey authentication backend in Manager javascript (#LEMONLAP-296)</a> by clement_oudot (2011/04/21 15:11)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2014" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2014" rel="nofollow">Rev 2014 -- Add Yubikey parameters in Manager (#LEMONLAP-296)</a> by clement_oudot (2011/04/21 12:28)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2013" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2013" rel="nofollow">Rev 2013 -- Use the new Yubikey template (#LEMONLDAP-296)</a> by clement_oudot (2011/04/18 11:16)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2012" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2012" rel="nofollow">Rev 2012 -- Add new files for Yubikey authentication (#LEMONLDAP-296)</a> by clement_oudot (2011/04/18 11:14)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2011" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2011" rel="nofollow">Rev 2011 -- First version of Yubikey authentication module (#LEMONLDAP-296)</a> by clement_oudot (2011/04/17 23:52)</div></li></ul>
</div>
<!-- SECTION "SVN activity" [3361-] --></div><!-- closes <div class="dokuwiki export">-->
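Review bot: The `<ul class="rss">` line is a snapshot of the live SVN activity feed, so every documentation export rewrites this one very long line and adds noise to the diff; consider excluding the feed from the offline export or replacing it with a link to the repository history. Two of the new entries (Rev 2015 and Rev 2014) reference `#LEMONLAP-296` while the other three use `#LEMONLDAP-296`; the misspelt key comes from the commit messages and will not match in an issue-tracker search.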