dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update documentation

Browse Source
This commit is contained in:
Clément Oudot 2013-01-16 16:07:46 +00:00
parent bb167f0d59
commit 8a8146e4ca
3 changed files with 88 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
doc/pages/documentation/1.3/browseablesessionbackend.html
View File

@ -30,13 +30,57 @@
Browseable session backend (<a href="http://search.cpan.org/perldoc?Apache::Session::Browseable" class="urlextern" title="http://search.cpan.org/perldoc?Apache::Session::Browseable" rel="nofollow">Apache::Session::Browseable</a>) works exactly like Apache::Session::* corresponding module but add indexes that increase <a href="../../documentation/features.html#session_explorer" class="wikilink1" title="documentation:features">session explorer</a> and <a href="../../documentation/features.html#session_restrictions" class="wikilink1" title="documentation:features">session restrictions</a> performances.
</p>
<p>
If you use features like <acronym title="Security Assertion Markup Language">SAML</acronym> (authentication and issuer), <acronym title="Central Authentication Service">CAS</acronym> (issuer) and password reset self-service, you also need to index some fields.
</p>
<p>
The following table list fields to index depending on the feature you want to use:
</p>
<table class="inline">
<tr class="row0 roweven">
<th class="col0 centeralign"> Feature </th><th class="col1 centeralign"> Fields to index </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"> Session explorer </td><td class="col1 centeralign"> ipAddr <em>WHATTOTRACE</em> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 rightalign"> Session restrictions </td><td class="col1 centeralign"> ipAddr <em>WHATTOTRACE</em> </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 rightalign"> <acronym title="Security Assertion Markup Language">SAML</acronym> authentication and issuer </td><td class="col1 centeralign"> _saml_id ProxyID _nameID _assert_id _art_id </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> <acronym title="Central Authentication Service">CAS</acronym> issuer </td><td class="col1 centeralign"> _cas_id </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> Password reset </td><td class="col1 centeralign"> user </td>
</tr>
</table>
<p>
<p><div class="noteimportant"><em>WHATTOTRACE</em> must be replaced by the attribute or macro configured in the What To Trace parameter (REMOTE_USER)
</div></p>
</p>
<p>
<p><div class="notetip">It is advised to use separate session backends for standard sessions, <acronym title="Security Assertion Markup Language">SAML</acronym> sessions and <acronym title="Central Authentication Service">CAS</acronym> sessions, in order to manage index separately.
</div></p>
</p>
<p>
<p><div class="noteclassic">Documentation below explains how set index on ipAddr and _whatToTrace; Adapt it to configure the index you need.
</div></p>
</p>
</div>
<!-- SECTION "Browseable session backend" [1-400] -->
<!-- SECTION "Browseable session backend" [1-1329] -->
<h2><a name="setup" id="setup">Setup</a></h2>
<div class="level2">
</div>
<!-- SECTION "Setup" [401-419] -->
<!-- SECTION "Setup" [1330-1348] -->
<h3><a name="prepare_database" id="prepare_database">Prepare database</a></h3>
<div class="level3">
@ -50,7 +94,7 @@ Using Redis, you just have to prepare Redis database. See <a href="../../documen
</p>
<p>
Database must be prepared exactly like in <a href="../../documentation/1.3/sqlsessionbackend.html#prepare_the_database" class="wikilink1" title="documentation:1.3:sqlsessionbackend">SQL session backend</a> except that a field must be added for each data to index. Example with MySQL and index set to _whatToTrace+ipAddr (recommended)
Database must be prepared exactly like in <a href="../../documentation/1.3/sqlsessionbackend.html#prepare_the_database" class="wikilink1" title="documentation:1.3:sqlsessionbackend">SQL session backend</a> except that a field must be added for each data to index.
</p>
<pre class="code file sql"><span class="kw1">CREATE</span> <span class="kw1">TABLE</span> sessions <span class="br0">&#40;</span>
id char<span class="br0">&#40;</span>32<span class="br0">&#41;</span> <span class="kw1">NOT</span> <span class="kw1">NULL</span> <span class="kw1">PRIMARY</span> <span class="kw1">KEY</span><span class="sy0">,</span>
@ -62,7 +106,7 @@ Database must be prepared exactly like in <a href="../../documentation/1.3/sqlse
<span class="br0">&#41;</span>;</pre>
</div>
<!-- SECTION "Prepare database" [420-1037] -->
<!-- SECTION "Prepare database" [1349-1896] -->
<h3><a name="manager" id="manager">Manager</a></h3>
<div class="level3">
@ -127,7 +171,7 @@ For databases like PostgreSQL, don&#039;t forget to add “Commit” with a valu
</p>
</div>
<!-- SECTION "Manager" [1038-2215] -->
<!-- SECTION "Manager" [1897-3074] -->
<h2><a name="security" id="security">Security</a></h2>
<div class="level2">
@ -141,4 +185,4 @@ You can also use different user/password for your servers by overriding paramete
</p>
</div>
<!-- SECTION "Security" [2216-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Security" [3075-] --></div><!-- closes <div class="dokuwiki export">-->

44
doc/pages/documentation/1.3/portalcustom.html
View File

@ -51,7 +51,17 @@ LemonLDAP::NG is shipped with 3 skins:
<p>
You can change the skin in Manager: <code>General Parameters</code> &gt; <code>Portal</code> &gt; <code>Customization</code> &gt; <code>Skin</code>.
But you can make your own, see Skin customization below.
</p>
</div>
<!-- SECTION "Skin" [143-289] -->
<h3><a name="default_skin" id="default_skin">Default skin</a></h3>
<div class="level3">
<p>
You can change the default skin in Manager: <code>General Parameters</code> &gt; <code>Portal</code> &gt; <code>Customization</code> &gt; <code>Default skin</code>.
</p>
<p>
@ -59,7 +69,27 @@ You can change the skin in Manager: <code>General Parameters</code> &gt; <code>P
</p>
</div>
<!-- SECTION "Skin" [143-382] -->
<!-- SECTION "Default skin" [290-480] -->
<h3><a name="skin_rules" id="skin_rules">Skin rules</a></h3>
<div class="level3">
<p>
You might want to display different skin depending on the <acronym title="Uniform Resource Locator">URL</acronym> that was called before being redirected to the portal, or the <acronym title="Internet Protocol">IP</acronym> address of the user.
</p>
<p>
To achieve this, you can create a rule in the Manager: select <code>General Parameters</code> &gt; <code>Portal</code> &gt; <code>Customization</code> &gt; <code>Skin display rules</code> on click on “New key”. Then fill the two fields;
</p>
<ul>
<li class="level1"><div class="li"> <strong>Rule</strong>: a <acronym title="Practical Extraction and Report Language">Perl</acronym> expression (you can use %ENV hash to get environment variables, or $_url to get <acronym title="Uniform Resource Locator">URL</acronym> called before redirection, or $ipAddr to use user <acronym title="Internet Protocol">IP</acronym> address). If the rule evaluation is true, the corresponding skin is applied.</div>
</li>
<li class="level1"><div class="li"> <strong>Skin</strong>: the name of the skin to use.</div>
</li>
</ul>
</div>
<!-- SECTION "Skin rules" [481-1123] -->
<h3><a name="skin_files" id="skin_files">Skin files</a></h3>
<div class="level3">
@ -84,7 +114,7 @@ A skin will often refer to the <code>common</code> skin, which is not a real ski
</p>
</div>
<!-- SECTION "Skin files" [383-717] -->
<!-- SECTION "Skin files" [1124-1458] -->
<h3><a name="skin_customization" id="skin_customization">Skin customization</a></h3>
<div class="level3">
@ -145,7 +175,7 @@ To configure your new skin in Manager, select the custom skin, and enter your sk
</p>
</div>
<!-- SECTION "Skin customization" [718-1812] -->
<!-- SECTION "Skin customization" [1459-2553] -->
<h3><a name="error_messages" id="error_messages">Error messages</a></h3>
<div class="level3">
@ -159,7 +189,7 @@ Error messages are defined in source code. If they really do not please you, ove
<span class="re1">error_0</span> <span class="sy0">=</span><span class="re2"> Big brother is watching you, authenticated user</span></pre>
</div>
<!-- SECTION "Error messages" [1813-2150] -->
<!-- SECTION "Error messages" [2554-2891] -->
<h3><a name="template_parameters" id="template_parameters">Template parameters</a></h3>
<div class="level3">
@ -179,7 +209,7 @@ Then you will be able to use it in your template like this:
<pre class="code file html4strict">Hello <span class="sc2">&lt;TMPL_VAR <span class="kw3">NAME</span><span class="sy0">=</span><span class="st0">&quot;myparam&quot;</span>&gt;</span>!</pre>
</div>
<!-- SECTION "Template parameters" [2151-2521] -->
<!-- SECTION "Template parameters" [2892-3262] -->
<h2><a name="other_parameters" id="other_parameters">Other parameters</a></h2>
<div class="level2">
<ul>
@ -215,4 +245,4 @@ Then you will be able to use it in your template like this:
</p>
</div>
<!-- SECTION "Other parameters" [2522-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Other parameters" [3263-] --></div><!-- closes <div class="dokuwiki export">-->

2
doc/pages/start.html
View File

@ -285,6 +285,6 @@ LemonLDAP::NG is the first <acronym title="Single Sign On">SSO</acronym> softwar
<a href="/_detail/icons/clock.png?id=start" class="media" title="icons:clock.png"><img src="../media/icons/clock.png" class="media" alt="" /></a>
</div>
</p>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2714" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2714" rel="nofollow">Rev 2714 -- Apply svn commit r2713 to 1.2 branch (#LEMONLDAP-573)</a> by fxdeltombe (2013/01/04 18:55)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2713" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2713" rel="nofollow">Rev 2713 -- Do not send void HTTP headers to apps (#LEMONLDAP-573)</a> by fxdeltombe (2013/01/04 18:54)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2712" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2712" rel="nofollow">Rev 2712 -- Apply svn commit r2711 to 1.2 branch (#LEMONLDAP-572)</a> by fxdeltombe (2013/01/03 20:57)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2711" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2711" rel="nofollow">Rev 2711 -- X-Forwarded-For Header in SOAP request sent by LL::NG::Handler::AuthBasic (#LEMONLDAP-572)</a> by fxdeltombe (2013/01/03 20:56)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2710" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2710" rel="nofollow">Rev 2710 -- Apply svn commit r2709 to 1.2 branch (#LEMONLDAP-559)</a> by fxdeltombe (2013/01/03 19:54)</div></li></ul>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2739" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2739" rel="nofollow">Rev 2739 -- Skin rules in trunk (#LEMONLDAP-578)</a> by clement_oudot (2013/01/16 16:43)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2738" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2738" rel="nofollow">Rev 2738 -- First implementation of skin rules for 1.2 branch (#LEMONLDAP-578)</a> by clement_oudot (2013/01/15 18:11)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2737" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2737" rel="nofollow">Rev 2737 -- Forward lmhidden fields in CAS authentication (#LEMONLDAP-563)</a> by clement_oudot (2013/01/15 15:19)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2736" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2736" rel="nofollow">Rev 2736 -- Update RELEASE documentation to include Debian packaging</a> by clement_oudot (2013/01/15 12:02)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2735" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2735" rel="nofollow">Rev 2735 -- Add link to test-apache2.conf in Debian packaging (#LEMONLDAP-568)</a> by clement_oudot (2013/01/15 10:27)</div></li></ul>
</div>
<!-- SECTION "SVN activity" [3372-] --></div><!-- closes <div class="dokuwiki export">-->