From 8a8146e4ca337e11429a6642e22a1c37dd27abe3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?= Date: Wed, 16 Jan 2013 16:07:46 +0000 Subject: [PATCH] Update documentation --- .../1.3/browseablesessionbackend.html | 56 +++++++++++++++++-- doc/pages/documentation/1.3/portalcustom.html | 44 ++++++++++++--- doc/pages/start.html | 2 +- 3 files changed, 88 insertions(+), 14 deletions(-) diff --git a/doc/pages/documentation/1.3/browseablesessionbackend.html b/doc/pages/documentation/1.3/browseablesessionbackend.html index e66de40e4..13f913a6c 100644 --- a/doc/pages/documentation/1.3/browseablesessionbackend.html +++ b/doc/pages/documentation/1.3/browseablesessionbackend.html @@ -30,13 +30,57 @@ Browseable session backend (Apache::Session::Browseable) works exactly like Apache::Session::* corresponding module but add indexes that increase session explorer and session restrictions performances.

+

+If you use features like SAML (authentication and issuer), CAS (issuer) and password reset self-service, you also need to index some fields. +

+ +

+The following table list fields to index depending on the feature you want to use: +

+ + + + + + + + + + + + + + + + + + + +
Feature Fields to index
Session explorer ipAddr WHATTOTRACE
Session restrictions ipAddr WHATTOTRACE
SAML authentication and issuer _saml_id ProxyID _nameID _assert_id _art_id
CAS issuer _cas_id
Password reset user
+ +

+ +

WHATTOTRACE must be replaced by the attribute or macro configured in the What To Trace parameter (REMOTE_USER) +

+

+ +

+

It is advised to use separate session backends for standard sessions, SAML sessions and CAS sessions, in order to manage index separately. +

+

+ +

+

Documentation below explains how set index on ipAddr and _whatToTrace; Adapt it to configure the index you need. +

+

+ - +

Setup

- +

Prepare database

@@ -50,7 +94,7 @@ Using Redis, you just have to prepare Redis database. See SQL session backend except that a field must be added for each data to index. Example with MySQL and index set to _whatToTrace+ipAddr (recommended) +Database must be prepared exactly like in SQL session backend except that a field must be added for each data to index. 

CREATE TABLE sessions (
     id char(32) NOT NULL PRIMARY KEY,
@@ -62,7 +106,7 @@ Database must be prepared exactly like in );
- +

Manager

@@ -127,7 +171,7 @@ For databases like PostgreSQL, don't forget to add “Commit” with a valu

- +

Security

@@ -141,4 +185,4 @@ You can also use different user/password for your servers by overriding paramete

- \ No newline at end of file + \ No newline at end of file diff --git a/doc/pages/documentation/1.3/portalcustom.html b/doc/pages/documentation/1.3/portalcustom.html index d93a32c3e..99873440f 100644 --- a/doc/pages/documentation/1.3/portalcustom.html +++ b/doc/pages/documentation/1.3/portalcustom.html @@ -51,7 +51,17 @@ LemonLDAP::NG is shipped with 3 skins:

-You can change the skin in Manager: General Parameters > Portal > Customization > Skin. +But you can make your own, see Skin customization below. +

+ + + +

Default skin

+
+ +

+ +You can change the default skin in Manager: General Parameters > Portal > Customization > Default skin.

@@ -59,7 +69,27 @@ You can change the skin in Manager: General Parameters > P

- + +

Skin rules

+
+ +

+ +You might want to display different skin depending on the URL that was called before being redirected to the portal, or the IP address of the user. +

+ +

+To achieve this, you can create a rule in the Manager: select General Parameters > Portal > Customization > Skin display rules on click on “New key”. Then fill the two fields; +

+
    +
  • Rule: a Perl expression (you can use %ENV hash to get environment variables, or $_url to get URL called before redirection, or $ipAddr to use user IP address). If the rule evaluation is true, the corresponding skin is applied.
    +
    • +
  • Skin: the name of the skin to use.
    +
    • +
+ +
+

Skin files

@@ -84,7 +114,7 @@ A skin will often refer to the common skin, which is not a real ski

- +

Skin customization

@@ -145,7 +175,7 @@ To configure your new skin in Manager, select the custom skin, and enter your sk

- +

Error messages

@@ -159,7 +189,7 @@ Error messages are defined in source code. If they really do not please you, ove error_0 = Big brother is watching you, authenticated user
- +

Template parameters

@@ -179,7 +209,7 @@ Then you will be able to use it in your template like this: 
Hello <TMPL_VAR NAME="myparam">!
- +

Other parameters

    @@ -215,4 +245,4 @@ Then you will be able to use it in your template like this:

- \ No newline at end of file + \ No newline at end of file diff --git a/doc/pages/start.html b/doc/pages/start.html index 6282ab475..755fcd326 100644 --- a/doc/pages/start.html +++ b/doc/pages/start.html @@ -285,6 +285,6 @@ LemonLDAP::NG is the first SSO softwar

- + \ No newline at end of file