Doc update

This commit is contained in:
Clément Oudot 2010-11-30 10:17:30 +00:00
parent 8452030241
commit 9041afecf0
5 changed files with 181 additions and 58 deletions

View File

@ -66,5 +66,21 @@ This can be used to protect applications relying on <code>REMOTE_USER</code> env
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<p>
<p><div class="notetip">
Sometimes, <acronym title="Hypertext Preprocessor">PHP</acronym> applications also check the <acronym title="Hypertext Preprocessor">PHP</acronym>_AUTH_USER and <acronym title="Hypertext Preprocessor">PHP</acronym>_AUHT_PW environment variables. You can set them the same way:
</p>
<pre class="code file apache"><span class="kw1">SetEnvIfNoCase</span> Auth-<span class="kw1">User</span> <span class="st0">&quot;(.*)&quot;</span> PHP_AUTH_USER=$1
<span class="kw1">SetEnvIfNoCase</span> Auth-Password <span class="st0">&quot;(.*)&quot;</span> PHP_AUTH_PW=$<span class="nu0">1</span></pre>
<p>
Of course, you need to <a href="../../documentation/1.0/passwordstore.html" class="wikilink1" title="documentation:1.0:passwordstore">store password in session</a> to fill <acronym title="Hypertext Preprocessor">PHP</acronym>_AUTH_PW.
</div></p>
</p>
</div>
</div><!-- closes <div class="dokuwiki export">-->

View File

@ -96,19 +96,20 @@ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
</pre>
<p>
<p><div class="notewarning">
You must also install a repository for non-core dependencies. Example with EPEL:
</p>
<pre class="file">
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
</pre>
<pre class="code shell">rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm</pre>
<p>
See <a href="../../documentation/1.0/prereq.html#yum" class="wikilink1" title="documentation:1.0:prereq">Prerequisites and dependencies</a> chapter for more.
See <a href="../../documentation/1.0/prereq.html#yum" class="wikilink1" title="documentation:1.0:prereq">prerequisites and dependencies</a> chapter for more.
</div></p>
</p>
</div>
<!-- SECTION "YUM repository" [975-1527] -->
<!-- SECTION "YUM repository" [975-1556] -->
<h3><a name="manual_download" id="manual_download">Manual download</a></h3>
<div class="level3">
@ -118,7 +119,7 @@ RPMs are available on the <a href="../../download.html" class="wikilink1" title=
</p>
</div>
<!-- SECTION "Manual download" [1528-1610] -->
<!-- SECTION "Manual download" [1557-1639] -->
<h2><a name="package_gpg_signature" id="package_gpg_signature">Package GPG signature</a></h2>
<div class="level2">
@ -135,18 +136,22 @@ rpm --import rpm-gpg-key-ow2
</pre>
</div>
<!-- SECTION "Package GPG signature" [1611-1776] -->
<h2><a name="install_packages_with_yum" id="install_packages_with_yum">Install packages with yum</a></h2>
<!-- SECTION "Package GPG signature" [1640-1805] -->
<h2><a name="install_packages" id="install_packages">Install packages</a></h2>
<div class="level2">
</div>
<!-- SECTION "Install packages" [1806-1835] -->
<h3><a name="with_yum" id="with_yum">With YUM</a></h3>
<div class="level3">
<p>
If the packages are stored in a yum repository:
</p>
<pre class="code shell"># yum install lemonldap-ng
...
Transaction Summary
<pre class="code shell">yum install lemonldap-ng</pre>
<pre class="code shell">Transaction Summary
===================================================
Install 82 Package(s)
Upgrade 0 Package(s)
@ -159,22 +164,17 @@ You can also use yum on local RPMs file:
</p>
<pre class="code">
# yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
yum localinstall lemonldap-ng-* perl-Lemonldap-NG-*
</pre>
<p>
<p><div class="noteimportant">In any cases, you will need to add a repository hosting <acronym title="Practical Extraction and Report Language">Perl</acronym> modules dependencies, like EPEL, see <a href="../../documentation/1.0/prereq.html" class="wikilink1" title="documentation:1.0:prereq">dependencies</a>.
</div></p>
</p>
</div>
<!-- SECTION "Install packages with yum" [1777-2347] -->
<h2><a name="install_packages_with_rpm" id="install_packages_with_rpm">Install packages with rpm</a></h2>
<div class="level2">
<!-- SECTION "With YUM" [1836-2253] -->
<h3><a name="with_rpm" id="with_rpm">With RPM</a></h3>
<div class="level3">
<p>
Before installing the packages, install <a href="../../documentation/1.0/prereq.html" class="wikilink1" title="documentation:1.0:prereq">dependencies</a>.
Before installing the packages, install all <a href="../../documentation/1.0/prereq.html" class="wikilink1" title="documentation:1.0:prereq">dependencies</a>.
</p>
<p>
@ -185,22 +185,92 @@ You have then to install all the downloaded packages:
rpm -Uvh lemonldap-ng-* perl-Lemonldap-NG-*
</pre>
</div>
<!-- SECTION "Install packages with rpm" [2348-2566] -->
<h2><a name="install_just_one_component" id="install_just_one_component">Install just one component</a></h2>
<div class="level2">
<p>
<p><div class="notetip">
You can choose to install only one component by choosing the package <code>lemonldap-ng-portal</code>, <code>lemonldap-ng-handler</code> or <code>lemonldap-ng-manager</code>.
</p>
<p>
Install the package <code>lemonldap-ng-conf</code> only on the server which stores configuration.
</div></p>
</p>
</div>
<!-- SECTION "Install just one component" [2567-2845] -->
<!-- SECTION "With RPM" [2254-2716] -->
<h2><a name="first_configuration_steps" id="first_configuration_steps">First configuration steps</a></h2>
<div class="level2">
</div>
<!-- SECTION "First configuration steps" [2717-2755] -->
<h3><a name="change_default_dns_domain" id="change_default_dns_domain">Change default DNS domain</a></h3>
<div class="level3">
<p>
By default, <acronym title="Domain Name System">DNS</acronym> domain is <code>example.com</code>. You can change it quick with a sed command. For example, we change it to <code>ow2.org</code>:
</p>
<pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1 /var/lib/lemonldap-ng/test/index.pl</pre>
</div>
<!-- SECTION "Change default DNS domain" [2756-3070] -->
<h3><a name="apache_virtual_host" id="apache_virtual_host">Apache virtual host</a></h3>
<div class="level3">
<p>
If <acronym title="LemonLDAP::NG">LL::NG</acronym> is the only software installed in Apache, the virtual host feature may not have already been activated.
</p>
<p>
To do it, uncomment the <code>NameVirtualHost</code> line in <code>/etc/httpd/conf.d/z-lemonldap-ng-handler.conf</code>:
</p>
<pre class="code file apache"><span class="kw1">NameVirtualHost</span> *:<span class="nu0">80</span></pre>
<p>
Check Apache configuration and restart:
</p>
<pre class="code shell">apachectl configtest
apachectl restart</pre>
</div>
<!-- SECTION "Apache virtual host" [3071-3465] -->
<h3><a name="upgrade" id="upgrade">Upgrade</a></h3>
<div class="level3">
<p>
If you upgraded <acronym title="LemonLDAP::NG">LL::NG</acronym>, check all <a href="../../documentation/1.0/upgrade.html" class="wikilink1" title="documentation:1.0:upgrade">upgrade notes</a>.
</p>
<p>
For apache configuration, you may have to remove the old symbolic link, if not done by the RPM:
</p>
<pre class="code shell">rm -f /etc/httpd/conf.d/z-lemonldap-ng.conf</pre>
<p>
Your old Apache configuration should have been saved, you need to port your specificities in new Apache configuration files:
</p>
<pre class="code shell">vi /etc/lemonldap-ng/apache2.conf.rpmsave</pre>
<p>
The upgrade process will also have migrate old configuration files into <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>. This includes the application list which is now set in the <code>applicationList</code> parameter from <code>[portal]</code> section, for example:
</p>
<pre class="code file ini"><span class="re0"><span class="br0">&#91;</span>portal<span class="br0">&#93;</span></span>
<span class="re1">applicationList</span><span class="sy0">=</span><span class="re2"><span class="br0">&#123;</span> 'Menu' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'category', 'Example' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'category', 'test1' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'Application Test <span class="nu0">1</span>', uri <span class="sy0">=</span>&gt; 'http://test1.example.com/', description <span class="sy0">=</span>&gt; 'A simple application displaying authenticated user', logo <span class="sy0">=</span>&gt; 'wheels.png', display <span class="sy0">=</span>&gt; 'auto', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>,'test2' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'Application Test <span class="nu0">2</span>', uri <span class="sy0">=</span>&gt; 'http://test2.example.com/', description <span class="sy0">=</span>&gt; 'The same simple application displaying authenticated user', logo <span class="sy0">=</span>&gt; 'wheels.png', display <span class="sy0">=</span>&gt; 'auto', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>, <span class="br0">&#125;</span>,'Administration' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'category', 'manager' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'WebSSO Manager', uri <span class="sy0">=</span>&gt; 'http://manager.example.com/', description <span class="sy0">=</span>&gt; 'Configure LemonLDAP::NG WebSSO', logo <span class="sy0">=</span>&gt; 'tools.png', display <span class="sy0">=</span>&gt; 'on', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>,'sessions' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'Sessions explorer', uri <span class="sy0">=</span>&gt; 'http://manager.example.com/sessions.pl', description <span class="sy0">=</span>&gt; 'Explore WebSSO sessions', logo <span class="sy0">=</span>&gt; 'tools.png', display <span class="sy0">=</span>&gt; 'on', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>, <span class="br0">&#125;</span>,'Documentation' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'category', 'localdoc' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'Local documentation', uri <span class="sy0">=</span>&gt; 'http://manager.example.com/doc/', description <span class="sy0">=</span>&gt; 'Documentation supplied with LemonLDAP::NG', logo <span class="sy0">=</span>&gt; 'docs.png', display <span class="sy0">=</span>&gt; 'on', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>,'officialwebsite' <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> type <span class="sy0">=</span>&gt; 'application', options <span class="sy0">=</span>&gt; <span class="br0">&#123;</span> name <span class="sy0">=</span>&gt; 'Offical Website', uri <span class="sy0">=</span>&gt; 'http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation', description <span class="sy0">=</span>&gt; 'Official LemonLDAP::NG Website', logo <span class="sy0">=</span>&gt; 'web.png', display <span class="sy0">=</span>&gt; 'on', <span class="br0">&#125;</span>, <span class="br0">&#125;</span>, <span class="br0">&#125;</span>, <span class="br0">&#125;</span>, <span class="br0">&#125;</span></span></pre>
<p>
<p><div class="noteimportant">You should now use the Manager to configure all <a href="../../documentation/1.0/portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:1.0:portalmenu">applications and categories</a>, and then comment or remove the <code>applicationList</code> parameter from <code>/etc/lemonldap-ng/lemonldap-ng.ini</code>.
</div></p>
</p>
</div>
<!-- SECTION "Upgrade" [3466-5975] -->
<h2><a name="file_location" id="file_location">File location</a></h2>
<div class="level2">
<ul>
@ -217,20 +287,7 @@ Install the package <code>lemonldap-ng-conf</code> only on the server which stor
</ul>
</div>
<!-- SECTION "File location" [2846-3201] -->
<h2><a name="change_default_dns_domain" id="change_default_dns_domain">Change default DNS domain</a></h2>
<div class="level2">
<p>
By default, <acronym title="Domain Name System">DNS</acronym> domain is <code>example.com</code>. You can change it quick with a sed command. For example, we change it to <code>ow2.org</code>:
</p>
<pre class="code">
sed -i &#039;s/example\.com/ow2.org/g&#039; /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1 /var/lib/lemonldap-ng/test/index.pl
</pre>
</div>
<!-- SECTION "Change default DNS domain" [3202-3512] -->
<!-- SECTION "File location" [5976-6332] -->
<h2><a name="build_your_packages" id="build_your_packages">Build your packages</a></h2>
<div class="level2">
@ -264,4 +321,4 @@ rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz
</pre>
</div>
<!-- SECTION "Build your packages" [3513-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Build your packages" [6333-] --></div><!-- closes <div class="dokuwiki export">-->

View File

@ -65,4 +65,24 @@ Go in Manager, <code>General Parameters</code> » <code>Sessions </code> » <cod
</p>
</div>
<!-- SECTION "Configuration" [643-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Configuration" [643-787] -->
<h2><a name="usage" id="usage">Usage</a></h2>
<div class="level2">
<p>
User password is now available in <code>$_password</code> variable. For example, to send it in an header:
</p>
<pre class="code">
Auth-Password =&gt; $_password
</pre>
<p>
<p><div class="notetip">For security reasons, the password is not shown in sessions explorer.
</div></p>
</p>
</div>
<!-- SECTION "Usage" [788-] --></div><!-- closes <div class="dokuwiki export">-->

View File

@ -123,13 +123,13 @@ Remove the <code>-p</code> options if you want to delete old files.
<p>
<p><div class="noteimportant">
The migration of application list in ini file will work, but it will then be hard to update. You should use the Manager and reconfigure all <a href="../../documentation/1.0/portalmenu.html#categories_and_applications" class="wikilink1" title="documentation:1.0:portalmenu">categories and applications</a> trough it, and then comment <code>applicationList</code> in ini file.
</div></p>
<p><div class="notewarning">
Be sure that <code>lemonldap-ng.ini</code> is readable by your Apache server and not for other:
</p>
<ul>
<li class="level1"><div class="li"> The migration of application list in ini file will work, but it will then be hard to update. You should use the Manager and reconfigure all categories and applications trough it, and then comment application list in ini file.</div>
</li>
<li class="level1"><div class="li"> Be sure that lemonldap-ng.ini is readable by your Apache server and not for other:</div>
</li>
</ul>
<pre class="code shell">chmod 640 /etc/lemonldap-ng/lemonldap-ng.ini
chown root:www-data /etc/lemonldap-ng/lemonldap-ng.ini</pre>
@ -140,7 +140,25 @@ chown root:www-data /etc/lemonldap-ng/lemonldap-ng.ini</pre>
</p>
</div>
<!-- SECTION "LemonLDAP::NG configuration files" [777-2569] -->
<!-- SECTION "LemonLDAP::NG configuration files" [777-2634] -->
<h2><a name="custom_skin" id="custom_skin">Custom skin</a></h2>
<div class="level2">
<p>
If you have built a custom skin for <acronym title="LemonLDAP::NG">LL::NG</acronym> portal, you will need to adapt it to the new version.
</p>
<p>
If you just modified the <acronym title="Cascading Style Sheets">CSS</acronym> file, you can follow the <a href="../../documentation/1.0/portalcustom.html#skin_customization" class="wikilink1" title="documentation:1.0:portalcustom">skin customization documentation</a> and copy you <acronym title="Cascading Style Sheets">CSS</acronym> in the new skin.
</p>
<p>
If you modified also the templates, you have to import all templates changes into your skin. The easiest way is maybe to start by copying new skin and then import your changes into it.
</p>
</div>
<!-- SECTION "Custom skin" [2635-3102] -->
<h2><a name="customized_scripts_parameters" id="customized_scripts_parameters">Customized scripts parameters</a></h2>
<div class="level2">
@ -177,7 +195,7 @@ This will prevent your local modifications to be dropped when you will update yo
</p>
</div>
<!-- SECTION "Customized scripts parameters" [2570-3507] -->
<!-- SECTION "Customized scripts parameters" [3103-4040] -->
<h2><a name="liberty_alliance_portal" id="liberty_alliance_portal">Liberty Alliance portal</a></h2>
<div class="level2">
@ -191,7 +209,7 @@ To replace it, LemonLDAP::NG has now SAML2 authentication backend.
</p>
</div>
<!-- SECTION "Liberty Alliance portal" [3508-3697] -->
<!-- SECTION "Liberty Alliance portal" [4041-4230] -->
<h2><a name="dbi_configuration_backend" id="dbi_configuration_backend">DBI configuration backend</a></h2>
<div class="level2">
@ -214,4 +232,4 @@ To replace it, LemonLDAP::NG has now SAML2 authentication backend.
</p>
</div>
<!-- SECTION "DBI configuration backend" [3698-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "DBI configuration backend" [4231-] --></div><!-- closes <div class="dokuwiki export">-->

View File

@ -1,11 +1,10 @@
How to build RPM LemonLDAP::NG
== How to build RPM LemonLDAP::NG ==
%_topdir: where you build RPMs (by default, /usr/src/redhat)
- Install rpm-build package
- Install all build dependencies (see BuildRequires in lemonldap-ng.spec)
- Put lemonldap-ng.spec in %_topdir/SPECS
- Put LemonLDAP::NG tarball in %_topdir/SOURCES
- Put LemonLDAP::NG tarball in %_topdir/SOURCES (built with 'make dist')
- Edit ~/.rpmmacros and set your build parameters (example for RHEL5):
-----
%_topdir /home/user/build
@ -13,7 +12,20 @@ How to build RPM LemonLDAP::NG
%rhel 5
-----
- Go to %_topdir
- Do rpmbuild -ba SPECS/lemonldap-ng.spec
- Do rpmbuild -ta SOURCES/lemonldap-ng-VERSION.tar.gz
This RPM can be build for several distribution like RedHat, CentOS, Fedora, OpenSuSE...
This RPM can be built for several distribution like RedHat, CentOS, Fedora, OpenSuSE...
== Update YUM repository ==
The YUM repository is hosted on http://lemonldap-ng.org/rpm
First copy RPM files (they must be signed!) and source RPM:
$ scp *.noarch.rpm lemonldapng@lemonldap-ng.org:rpm/noarch/
$ scp *.src.rpm lemonldapng@lemonldap-ng.org:rpm/SRPMS/
Then connect on server and launch repodata:
$ ssh lemonldapng@lemonldap-ng.org
lemonldapng@lemonldap-ng.org$ repodata rpm/
That's all!