dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Doc typos

This commit is contained in:
Christophe Maudoux 2022-02-09 00:10:59 +01:00
parent d83d79eec1
commit 8d84f14036
4 changed files with 30 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
doc/sources/admin/documentation.rst
View File

@ -31,7 +31,7 @@ Installation and configuration
- `Version 2.0 </documentation/2.0/>`__ (stable)
- `Version 1.9 </documentation/1.9/>`__ (oldstable)
- Archived versions (unmaintained by LLNG Team )
- Archived versions (unmaintained by LL::NG Team )
- `Version 1.4 </documentation/1.4/>`__
- `Version 1.3 </documentation/1.3/>`__
@ -42,19 +42,18 @@ Installation and configuration
Packaged versions
~~~~~~~~~~~~~~~~~
These versions are maintained under distribution umbrella following
their policy.
These versions are maintained under distribution umbrella following their policy.
Debian
^^^^^^
.. tip::
Following Debian Policy, LLNG packages are never upgraded in published distributions. However, security patches are backported by maintenance teams *(except some inor ones)*.
Following Debian Policy, LL::NG packages are never upgraded in published distributions. However, security patches are backported by maintenance teams *(except some minor ones)*.
See `Security tracker <https://security-tracker.debian.org/tracker/source-package/lemonldap-ng>`__
=========== ========================== ======================================== ===================================================== ============================================================ =============================== =============================================================
Debian dist LLNG version Secured Maintenance LTS Limit `Extended LTS <https://wiki.debian.org/LTS/Extended>`__ Limit
Debian dist LL::NG version Secured Maintenance LTS Limit `Extended LTS <https://wiki.debian.org/LTS/Extended>`__ Limit
=========== ========================== ======================================== ===================================================== ============================================================ =============================== =============================================================
*6* *Squeeze* *0.9.4.1* |maybe| No known vulnerability *None* *February 2016* *April 2019*
*7* *Wheezy* `1.1.2 </documentation/1.1/>`__ |maybe| No known vulnerability *None* *May 2018* *June 2020*
@ -64,10 +63,10 @@ Debian dist LLNG version
\ *Stretch-backports-sloppy* `2.0.11 </documentation/2.0/>`__ |maybe| *None* *August 2021*
**10** Buster `2.0.2 </documentation/2.0/>`__ |clean| CVE-2019-19791 tagged as minor `Debian Security Team <https://security-team.debian.org/>`__ June 2024 Probably 2026
\ *Buster-backports* `2.0.11 </documentation/2.0/>`__ |clean| *None* *August 2021*
\ Buster-backports-sloppy `2.0.11 </documentation/2.0/>`__ |clean| LLNG Team, "best effort" [3]_ Until Debian 12 release [4]_
\ Buster-backports-sloppy `2.0.11 </documentation/2.0/>`__ |clean| LL::NG Team, "best effort" [3]_ Until Debian 12 release [4]_
**11** Bullseye `2.0.11 </documentation/2.0/>`__ |clean| `Debian Security Team <https://security-team.debian.org/>`__ July 2026 Probably 2028
\ Bullseye-backports `2.0.11 </documentation/2.0/>`__ |clean| LLNG Team, "best effort" [3]_ Until Debian 12 release [4]_
**Next** Testing/Unstable Latest [5]_ |clean| LLNG Team
\ Bullseye-backports `2.0.11 </documentation/2.0/>`__ |clean| LL::NG Team, "best effort" [3]_ Until Debian 12 release [4]_
**Next** Testing/Unstable Latest [5]_ |clean| LL::NG Team
=========== ========================== ======================================== ===================================================== ============================================================ =============================== =============================================================
See `Debian Security
@ -83,7 +82,7 @@ Ubuntu
Ubuntu version are included in "universe" branch [8]_, so not really security maintained. Prefer to use our repositories or Debian ones
=========== ============= ================================ ==================================================================== ===========
Ubuntu dist LLNG version Secured Maintenance
Ubuntu dist LL::NG version Secured Maintenance
=========== ============= ================================ ==================================================================== ===========
12.04 Precise `1.1.2 </documentation/1.1/>`__ |maybe| No known vulnerability None
14.04 Trusty `1.2.5 </documentation/1.2/>`__ |maybe| No known vulnerability None
@ -108,7 +107,7 @@ Development
- `Source
code <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/tree/master>`__
- `Nightly trunk builds <http://lemonldap-ng.ow2.io/lemonldap-ng/>`__
*(for Debian or Ubuntu,*\ **really unstable**\ *)*
*(for Debian or Ubuntu, *\ **really unstable**\ *)*
- Git access:
::
@ -139,7 +138,7 @@ Other
Possible `Extended LTS <https://wiki.debian.org/LTS/Extended>`__
.. [3]
updated by `LLNG Team </team>`__ until dependencies are compatible.
updated by `LL::NG Team </team>`__ until dependencies are compatible.
Don't use backports unless you plan to update your system because
backports are not covered by Debian Security Policy
@ -151,7 +150,7 @@ Other
.. [8]
Ubuntu universe/multiverse branches are community maintained *(so not
maintained by Canonical)*, but in fact nobody considers LLNG security
maintained by Canonical)*, but in fact nobody considers LL::NG security
issues. See `this
issue <https://bugs.launchpad.net/ubuntu/+source/lemonldap-ng/+bug/1829016>`__
for example

22
doc/sources/admin/features.rst
View File

@ -28,11 +28,13 @@ Unifying authentications (Identity Federation)
LL::NG can easily exchange with other authentication systems by using
SAML, OpenID or CAS protocoles. It may be the backbone of a
heterogeneous architecture. LL:NG can be set as Identity provider,
heterogeneous architecture.
LL:NG can be set as Identity provider,
Service Provider or Protocol Proxy
(:doc:`LL::NG as federation protocol proxy<federationproxy>`).
Its SOAP API can also be used to dialogue directly with your custom
Its REST / SOAP API can also be used to dialogue directly with your custom
applications.
Sessions
@ -48,8 +50,7 @@ opened sessions:
- by users
- by IP *(IPv4 and IPv6)*
- by double IP (sessions opened by the same user from multiple
computers)
- by double IP (sessions opened by the same user from multiple computers)
- by date
It can be used to delete a session
@ -59,9 +60,8 @@ It can be used to delete a session
Session restrictions
~~~~~~~~~~~~~~~~~~~~
By default, a user can open several
:doc:`sessions<sessions>`. LL::NG can restrict
the following:
By default, a user can open several :doc:`sessions<sessions>`.
LL::NG can restrict the following:
- Allow only one session per user
- Allow only one IP address per user
@ -72,17 +72,17 @@ Those capabilities can be used simultaneously or separately.
Double cookie
~~~~~~~~~~~~~
LL::NG can be configured to provides
:doc:`2 cookies<ssocookie>`:
LL::NG can be configured to provides :doc:`2 cookies<ssocookie>`:
- one secured (SSL only) for sensitive applications
- one unsecured for other applications
So that if the http cookie is stolen, sensitive applications remain secured.
Notifications
-------------
LL::NG can be used to notify users with a message when authenticating. This can be used to
inform of a change in access rights, the publication of a new IT charter, etc. (See
:doc:`notifications<notifications>` for more details)
inform of a change in access rights, the publication of a new IT charter, etc...
(See :doc:`notifications<notifications>` for more details)

9
doc/sources/admin/federationproxy.rst
View File

@ -1,8 +1,7 @@
LL::NG as federation protocol proxy
===================================
LL::NG can use federation protocols (SAML, CAS, OpenID) independently
to:
LL::NG can use federation protocols (SAML, CAS, OpenID) independently to:
- authenticate users
- provide identities to other systems
@ -11,7 +10,7 @@ So you can configure it to authenticate users using a federation
protocol and simultaneously to provide identities using other(s)
federation protocols.
Schemes tested:
Tested schemes:
- SAML / OpenID-Connect:
@ -30,8 +29,8 @@ Schemes tested:
:doc:`CAS<idpcas>`/:doc:`SAML<authsaml>` proxy **<=>** SAML
Identity Provider
Note that OpenID-Connect consortium hasn't already defined single-logout
initiated by OpenID-Connect Provider. LLNG will implement it when this
Note that OpenID-Connect consortium has not already defined single-logout
initiated by OpenID-Connect Provider. LL::NG will implement it when this
standard will be published.

11
doc/sources/admin/presentation.rst
View File

@ -36,7 +36,7 @@ Databases
.. attention::
We call "database" a backend where we can read or write a data.
This can be a file, an LDAP directory, etc.
This can be a file, an LDAP directory, etc...
We split databases in two categories:
@ -123,8 +123,7 @@ on protected applications, with different behavior:
- **SSO and Application logout**: the request is forwarded to
application and SSO session is closed
After logout process, the user is redirected on portal, or on a
configured URL.
After logout process, the user is redirected on portal, or on a configured URL.
Session expiration
~~~~~~~~~~~~~~~~~~
@ -136,10 +135,8 @@ This duration can be set in the manager's Configuration tab (General Parameters
- Handlers have a session cache, with a default lifetime of 10 minutes.
So for Handlers located on different physical servers than the Portal, a user
with an expired session can still be authorized until the cache
expires.
- Sessions are deleted by a scheduled task. Don't forget to install
cron files !
with an expired session can still be authorized until the cache expires.
- Sessions are deleted by a scheduled task. Don't forget to install cron files!