dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

LEMONLDAP::NG : documentation and Debian installation improvement

This commit is contained in:
Xavier Guimard 2007-05-03 19:47:57 +00:00
parent d1f45296a3
commit 95221d4ae4
12 changed files with 296 additions and 206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
build/lemonldap-ng/TODO
View File

@ -2,15 +2,28 @@ Lemonldap::NG TODO
------------------
TODO list for Lemonldap::NG development
- Priority: High Status: Planning Created: 2007\04\21 13-13-25
- Priority: High Status: In progress Created: 2007\04\21 13-13-25
Buttons to manage configurations (delete, next, previous, last,...)
- Priority: Normal Status: In progress Created: 2007\04\21 13-05-54
Help in english
- Priority: Low Status: Planning Created: 2007\04\21 13-14-55
- Priority: Low Status: N/A Created: 2007\05\03 11-40-36
Delete buttons in virtualHosts if 'read"-"only'
- Priority: Normal Status: Planning Created: 2007\05\03 12-28-30
Modify example to use nameVirtualHost instead of 127.0.0.x adresses
- Priority: Normal Status: In progress Created: 2007\05\03 10-41-36
Modify install to make a running example as debian install
- Priority: Normal Status: In progress Created: 2007\05\03 11-45-05
Display errors in saveConf
- Priority: Normal Status: N/A Created: 2007\05\03 11-50-17
Test and documentation for SOAP authentication
- Priority: Low Status: Planning Created: 2007\05\03 11-46-55
Documentation :
* logout documentation
- Priority: Low Status: N/A Created: 2007\05\03 11-47-42
Order rules :
* find a system to move up and down rules in manager interface
* split locationRules into 2 arrays
- Priority: Low Status: N/A Created: 2007\04\21 13-14-55
Simplified manager interface fo rules:
* simplified regexp (* instead of .*,...)
* simple combobox to choose groups
- Priority: Low Status: Planning Created: 2007\04\23 21-26-18
TLS in LDAP connection. SSL works, but start_tls cannot yet be called.
- Priority: Normal Status: Planning Created: 2007\05\01 08-59-46
Timeout documentation

3
build/lemonldap-ng/debian/changelog
View File

@ -5,11 +5,12 @@ lemonldap-ng (0.8.1.2) unstable; urgency=low
* New: port is now checked in portal redirection
* Different configurations can now be used on the same server at the same
time
* Help in english
* New debian structure: lemonldap-ng is splitted in 5 packages, default
configuration file has moved to /var/lib/lemonldap-ng/conf/ and first
configuration file is managed by debconf
-- Xavier Guimard <x.guimard@free.fr> Tue, 01 May 2007 16:18:47 +0200
-- Xavier Guimard <x.guimard@free.fr> Thu, 03 May 2007 10:39:51 +0200
lemonldap-ng (0.8.1.1) unstable; urgency=low

12
build/lemonldap-ng/debian/control
View File

@ -11,6 +11,8 @@ Depends: liblemonldap-ng-handler-perl, liblemonldap-ng-manager-perl, liblemonlda
Description: Lemonldap::NG Web-SSO system
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
.
This package is a meta package that install handler, manager and portal.
Package: liblemonldap-ng-handler-perl
Architecture: all
@ -18,6 +20,8 @@ Depends: libapache-session-perl, libwww-perl, libcache-cache-perl, liblemonldap-
Description: Lemonldap::NG apache module part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
.
This package installs the Apache module part (handler) used to protect web areas.
Package: liblemonldap-ng-conf-perl
Architecture: all
@ -26,6 +30,9 @@ Recommends: libsoap-lite-perl
Description: Lemonldap::NG apache manager part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
.
This package installs the configuration libraries used by other Lemonldap::NG
modules.
Package: liblemonldap-ng-manager-perl
Architecture: all
@ -34,6 +41,8 @@ Recommends: libcache-cache-perl, libapache-session-perl, libsoap-lite-perl
Description: Lemonldap::NG apache manager part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
.
This package installs the administration interface (manager).
Package: liblemonldap-ng-portal-perl
Architecture: all
@ -42,4 +51,5 @@ Recommends: liblasso-perl
Description: Lemonldap::NG apache authentication portal part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application apache servers.
.
This package installs the authentication portal.

3
build/lemonldap-ng/debian/liblemonldap-ng-conf-perl.postinst
View File

@ -15,7 +15,8 @@ then
for i in domain ldapServer ldapPort ldapBase managerDn managerPassword portal; do
db_get liblemonldap-ng-conf-perl/$i || true
perl -000 -i -pe "s#^$i(\\n\\s+)('?)[^\\n]*?('?)\$#$i\${1}\${2}$RET\${3}#m" $FIRSTCONFFILE
perl -000 -i -pe "s#^$i(\\n\\s+)('?)[^\\n]*?('?)\$#$i\${1}\${2}$RET\${3}#m" $FIRSTCONFFILE
done
perl -000 -i -pe "s#^(globalStorageOptions\\n\\s+)'[^\\n]*?'\$#\${1}\'BAcEMTIzNAQEBAgDAgAAAAofL3Zhci9saWIvbGVtb25sZGFwLW5nL3Nlc3Npb25zLwkAAABEaXJlY3RvcnkKJC92YXIvbGliL2xlbW9ubGRhcC1uZy9zZXNzaW9ucy9sb2NrLw0AAABMb2NrRGlyZWN0b3J5'#m" $FIRSTCONFFILE
fi
exit 0

2
build/lemonldap-ng/debian/liblemonldap-ng-conf-perl.templates
View File

@ -38,7 +38,7 @@ Default: http://auth.example.com/
Description: Lemonldap::NG portal
Set here the Lemonldap::NG portal URL.
You can modify this value later using the Lemonldap::NG manager.
Description-fr: Port du serveur LDAP
Description-fr: Portail Lemonldap::NG
Indiquez ici l'URL du portail Lemonldap::NG.
Vous pourrez modifier cette valeur ultérieurement dans le gestionnaire
Lemonldap::NG.

1
build/lemonldap-ng/debian/liblemonldap-ng-handler-perl.dirs
View File

@ -1,3 +1,4 @@
/usr/share
/var/lib/lemonldap-ng/handler
/var/lib/lemonldap-ng/sessions
/var/lib/lemonldap-ng/sessions/lock

5
build/lemonldap-ng/debian/liblemonldap-ng-handler-perl.postinst
View File

@ -13,8 +13,9 @@ then
perl -000 -pe 's/(configStorage\s*=>\s*){[^}]+}/$1\$Lemonldap::NG::Conf::configStorage/;
s#^use#\nrequire "/usr/share/lemonldap-ng/configStorage.pm";\nuse#m;' \
$EXAMPLEHANDLERFILE >$HANDLERFILE
chmod 770 $SESSIONSDIR;
chown www-data.www-data $SESSIONSDIR;
chmod 770 $SESSIONSDIR
chmod 770 $SESSIONSDIR/lock
chown -R www-data.www-data $SESSIONSDIR
fi

2
build/lemonldap-ng/debian/liblemonldap-ng-portal-perl.cron.d
View File

@ -1,4 +1,4 @@
#
# Regular cron jobs for the Lemonldap::NG portal
#
*/10 * * * * www-data test -x /usr/share/lemonldap-ng/bin/purgeCentralCache
*/10 * * * * www-data test -x /usr/share/lemonldap-ng/bin/purgeCentralCache && /usr/share/lemonldap-ng/bin/purgeCentralCache

1
build/lemonldap-ng/debian/liblemonldap-ng-portal-perl.dirs
View File

@ -2,3 +2,4 @@
/usr/share/lemonldap-ng/bin
/var/lib/lemonldap-ng/portal
/var/lib/lemonldap-ng/sessions
/var/lib/lemonldap-ng/sessions/lock

5
build/lemonldap-ng/debian/liblemonldap-ng-portal-perl.postinst
View File

@ -21,8 +21,9 @@ then
$EXAMPLECLEANERFILE >$CLEANERFILE
chmod +x $PORTALFILE
chmod +x $CLEANERFILE
chmod 770 $SESSIONSDIR;
chown www-data.www-data $SESSIONSDIR;
chmod 770 $SESSIONSDIR
chmod 770 $SESSIONSDIR/lock
chown -R www-data.www-data $SESSIONSDIR
fi

438
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Help.pm
View File

@ -2,7 +2,7 @@ package Lemonldap::NG::Manager::Help;
use AutoLoader qw(AUTOLOAD);
use UNIVERSAL qw(can);
our $VERSION = '0.32';
our $VERSION = '0.33';
sub import {
my ($caller_package) = caller;
@ -18,19 +18,104 @@ sub import {
}
}
$l ||= "en";
foreach $h (qw(virtualHosts groups ldap vars storage macros authParams
cookieName domain)) {
foreach $h (qw(authParams cookieName domain groups ldap macros storage vars
whatToTrace virtualHosts)) {
*{"${caller_package}::help_$h"} = \&{"help_${h}_$l"};
}
}
# TODO: Help in English
1;
__END__
=pod
=cut
sub help_authParams_en {
print <<EOT;
<h3>Authentication Parameters</h3>
<dl>
<dt> Authentication type </dt>
<dd> By default,Lemonldap::NG uses ldap authentication scheme. You can change
this by 'SSL' for example.</dd>
<dt> Portal </dt>
<dd> Set here the URL used to authenticate users (portal). The portal has to
inherits from Lemonldap::NG::Portal::SharedConf.</dd>
<dt> Secured cookie (SSL) </dt>
<dd> An authenticated user is known by his cookie. If all (virtual) hosts use
HTTPS, set this value to 1 so the cookie will be protected and will not be
transmitted unless https is used.</dd>
</dl>
EOT
}
sub help_authParams_fr {
print <<EOT;
<h3>Param&egrave;tres d'authentification</h3>
<dl>
<dt> Type d'authentification </dt>
<dd> Le sch&eacute;ma classique d'authentification Lemonldap;;NG consiste &agrave; utiliser une
authentification par LDAP. Vous pouvez changer ceci en "SSL" par exemple.</dd>
<dt> Portail </dt>
<dd> Indiquez ici l'URL ou seront renvoy&eacute;s les utilisateurs non authentifi&eacute;s.
Cette URL doit bien sur correspondre &agrave; un portail utilisant
Lemonldap::NG::Portal::SharedConf.</dd>
<dt> Cookie s&eacute;curis&eacute; (SSL) </dt>
<dd> Une fois authentifi&eacute;, l'utilisateur est reconnu par son cookie. Si tous
les h&ocirc;tes virtuels de votre domaine son prot&eacute;g&eacute;s par SSL, mettez cette option
&agrave; 1, ainsi le cookie ne sera pr&eacute;sent&eacute; par le navigateur qu'aux sites prot&eacute;g&eacute;s,
ce qui &eacute;vite un vol de session.</dd>
</dl>
EOT
}
sub help_cookieName_en {
print <<EOT;
<h3>Cookie Name</h3>
<p> Set here the name of the cookie ('lemonldap' by default).<br>
WARNING, any change here needs to restart all the Apache servers that use
a Lemonldap::NG::Handler.</p>
EOT
}
sub help_cookieName_fr {
print <<EOT;
<h3>Nom de cookie</h3>
<p> Indiquez ici le nom du cookie ('lemonldap' par d&eacute;faut).<br>
ATTENTION, tout changement n&eacute;cessite le red&eacute;marrage de tous les serveurs Apache
h&eacute;bergeant des agents de protection Lemonldap::NG::Handler.</p>
EOT
}
sub help_domain_en {
print <<EOT;
<h3>Protected domain</h3>
<p> Set here the main domain (or sub-domain) protected by Lemonldap::NG. If you
use "Cross domain authentication", set here the domain of the portal.<br>
WARNING : all the virtual hosts that are not under the same domain than the
portal must be protected by handlers that inherits from
Lemonldap::NG::Handler::CDA and if such handlers exist, you have to use
Lemonldap::NG::Portal::CDA.
EOT
}
sub help_domain_fr {
print <<EOT;
<h3>Domaine prot&eacute;g&eacute;</h3>
<p> Indiquez ici le nom du domaine (ou du sous-domaine) contenant vos
applications &agrave; prot&eacute;ger. Si vous utilisez le "Cross domain
authentication", indiquez ici le domaine du portail<br>
ATTENTION : tous les h&ocirc;tes virtuels prot&eacute;g&eacute;s ne se trouvant
pas dans le m&ecirc;me domaine que le portail doivent &ecirc;tre prot&eacute;g&eacute;s par un agent
h&eacute;ritant de Lemonldap::NG::Handler::CDA et si un seul de ces agents est
utilis&eacute;, le portail doit &ecirc;tre de type Lemonldap::NG::Portal::CDA.
EOT
}
sub help_groups_en {
print <<EOT;
<h3>User Groups</h3>
@ -95,6 +180,154 @@ noms de groupe pour lesquels l'expression est vraie).</p>
EOT
}
sub help_ldap_en {
print <<EOT;
<h3>LDAP Parameters</h3>
<p>LDAP parameters are used to identify users. They must be set even if
authentication is done by another system (SSL for example).</p>
<ul>
<li>LDAP base : required (except if your server accepts the requests without
base). Example&nbsp;:
<pre> dc=example, dc=com </pre></li>
<li>LDAP server port : 389 by default&nbsp;;</li>
<li>LDAP server : Name (or IP address) of the LDAP server. To use LDAPS, set
here&nbsp;:
<pre> ldaps://server/</pre>
and don't forget to change port (636 for example)</li>
<li>LDAP account : optional, must be set if anonymous connection cannot
access to the wanted LDAP attributes. This account is used before LDAP
authentication to find user's dn&nbsp;;
</li>
<li>LDAP password : password corresponding to the account above.
</ul>
EOT
}
sub help_ldap_fr {
print <<EOT;
<h3>Param&egrave;tres LDAP</h3>
<p> Les param&egrave;tres LDAP servent &agrave; identifier les utilisateurs.
Ils doivent &ecirc;tre renseign&eacute;s m&ecirc;me si l'authentification est
r&eacute;alis&eacute;e par un autre moyen (SSL par exemple).</p>
<ul>
<li>Base de recherche LDAP : obligatoire (&agrave; moins que votre serveur LDAP
accepte les requ&ecirc;tes sans base). Exemple&nbsp;:
<pre> dc=example, dc=com </pre></li>
<li>Port du serveur LDAP : 389 par d&eacute;faut&nbsp;;</li>
<li>Serveur LDAP : Nom (ou adresse IP) du serveur LDAP. Pour une connexion
LDAPS, indiquez ici&nbsp;:
<pre> ldaps://server/</pre>
et n'oubliez pas de changer le port (636 en g&eacute;n&eacute;ral)</li>
<li>Compte de connexion LDAP : optionnel, &agrave; renseigner si les attributs LDAP
utilis&eacute;s ne sont pas accessibles par une session anonyme. Ce compte est
utilis&eacute; avant l'authentification pour trouver le dn de l'utilisateur&nbsp;;
</li>
<li>Mot de passe LDAP : mot de passe correspondant au compte ci-dessus.
</ul>
EOT
}
sub help_macros_en {
print <<EOT;
<h3>Macros</h3>
<p> Macros are used to add new variables to user variables attributes). Those
new variables are calculated from other variables issued from LDAP attributes.
This mechanism avoid to do more than one time the same operation in the
authentication phase. Example&nbsp;:</p>
<pre>
# macros
long_name => \$givenname . " " . \$surname
admin => \$uid eq "foo" or \$uid eq "bar"
# test.example.com - Headers
Name => \$long_name
# test.example.com - Rules
^/admin/ => \$admin
EOT
}
sub help_macros_fr {
print <<EOT;
<h3>Macros</h3>
<p> Les macros permettent d'ajouter des variables calcul&eacute;es &agrave;
partir des attributs LDAP (variables export&eacute;es). Elles &eacute;vitent
de r&eacute;p&eacute;ter le m&ecirc;me calcul plusieurs fois dans la phase
d'authentification. Exemple&nbsp;:</p>
<pre>
# macros
nom_complet => \$givenname . " " . \$surname
admin => \$uid eq "foo" or \$uid eq "bar"
# test.example.com - En-t&ecirc;tes
Nom => \$nom_complet
# test.example.com - R&egrave;gles
^/admin/ => \$admin
EOT
}
sub help_storage_en {
print <<EOT;
<h3>Sessions Storage</h3>
<p> Lemonldap::NG sessions storage works with modules that inherits from
Apache::Session. You have to set here the choosen module and add the
corresponding parameters&nbsp;:</p>
<p>Examples :</p>
<ul>
<li>Module =&gt; Apache::Session::File, <br>options :
<ul>
<li> Directory =&gt; /var/cache/lemonldap</li>
</ul>
</li>
<li>Module =&gt; Apache::Session::MySQL, <br>options :
<ul>
<li> DataSource =&gt; DBI:mysql:database=lemon;host=1.2.3.4</li>
<li> UserName =&gt; Lemonldap
<li> Password =&gt; mypass
<li> timeout =&gt; 7200
</ul>
</li>
</ul>
<p>
<b>Note</b>&nbsp;: if you use <tt><b>purgeCentralCache</b></tt> script provided
in the portal sources (to use in crontab), you can set the <b>timeout</b>
parameter to manage sessions end (7200 secondes by default).
</p>
EOT
}
sub help_storage_fr {
print <<EOT;
<h3>Stockage des sessions</h3>
<p> Le stockage des sessions Lemonldap::NG est r&eacute;alis&eacute; au travers des modules
h&eacute;rit&eacute;s de Apache::Session. Vous devez indiquer ici le module choisi et
indiquer les param&egrave;tres correspondants &agrave; ce module&nbsp;:</p>
<p>Exemples :</p>
<ul>
<li>Module =&gt; Apache::Session::File, <br>options :
<ul>
<li> Directory =&gt; /var/cache/lemonldap</li>
</ul>
</li>
<li>Module =&gt; Apache::Session::MySQL, <br>options :
<ul>
<li> DataSource =&gt; DBI:mysql:database=lemon;host=1.2.3.4</li>
<li> UserName =&gt; Lemonldap
<li> Password =&gt; mypass
<li> timeout =&gt; 7200
</ul>
</li>
</ul>
<p>
<b>Note</b>&nbsp;: si vous utilisez le script <tt><b>purgeCentralCache</b></tt>
fourni dans les sources du portail (&agrave; mettre en crontab), vous pouvez ajouter
le param&egrave;tre <b>timeout</b> pour g&eacute;rer la destruction des sessions (7200
secondes par d&eacute;faut).
</p>
EOT
}
sub help_vars_en {
print <<EOT;
<h3>Variables (LDAP attributes)</h3>
@ -137,58 +370,6 @@ pr&eacute;c&eacute;der du signe '\$'. Exemple&nbsp;:
EOT
}
sub help_authParams_en {
print <<EOT;
<h3>Authentication Parameters</h3>
This help chapter does not exist in english. If you want to help us, you can
edit lib/Lemonldap/NG/Manager/Help.pm in lemonldap-ng source tree and send us
your contribution.<br>
Thanks.
EOT
}
sub help_authParams_fr {
print <<EOT;
<h3>Param&egrave;tres d'authentification</h3>
<dl>
<dt> Type d'authentification </dt>
<dd> Le sch&eacute;ma classique d'authentification Lemonldap consiste &agrave; utiliser une
authentification par LDAP. Vous pouvez changer ceci en ssl par exemple.</dd>
<dt> Portail </dt>
<dd> Indiquez ici l'URL ou seront renvoy&eacute;s les utilisateurs non authentifi&eacute;s.
Cette URL doit bien sur correspondre &agrave; un portail utilisant
Lemonldap::NG::Portal::SharedConf.</dd>
<dt> Cookie s&eacute;curis&eacute; (SSL) </dt>
<dd> Une fois authentifi&eacute;, l'utilisateur est reconnu par son cookie. Si tous
les h&ocirc;tes virtuels de votre domaine son prot&eacute;g&eacute;s par SSL, mettez cette option
&agrave; 1, ainsi le cookie ne sera pr&eacute;sent&eacute; par le navigateur qu'aux sites prot&eacute;g&eacute;s,
ce qui &eacute;vite un vol de session.
</dl>
EOT
}
sub help_domain_en {
print <<EOT;
<h3>Protected domain</h3>
This help chapter does not exist in english. If you want to help us, you can
edit lib/Lemonldap/NG/Manager/Help.pm in lemonldap-ng source tree and send us
your contribution.<br>
Thanks.
EOT
}
sub help_domain_fr {
print <<EOT;
<h3>Domaine prot&eacute;g&eacute;</h3>
<p> Indiquez ici le nom du domaine (ou du sous-domaine) contenant vos
applications &agrave; prot&eacute;ger.<br>
ATTENTION : tous les h&ocirc;tes virtuels prot&eacute;g&eacute;s ainsi que le portail
d'authentification doivent se trouver dans ce domaine.
EOT
}
sub help_virtualHosts_en {
print <<EOT;
<h3>Virtual Hosts</h3>
@ -281,143 +462,20 @@ comme suit&nbsp;: <tt>&lt;nom de l'en-t&ecirc;te&gt; =&gt; &lt;expression Perl&g
EOT
}
sub help_macros_en {
sub help_whatToTrace_en {
print <<EOT;
<h3>Macros</h3>
<p> Macros are used to add new variables to user variables attributes). Those
new variables are calculated from other variables issued from LDAP attributes.
This mechanism avoid to do more than one time the same operation in the
authentication phase. Example&nbsp;:</p>
<pre>
# macros
long_name => \$givenname . " " . \$surname
admin => \$uid eq "foo" or \$uid eq "bar"
# test.example.com - Headers
Name => \$long_name
# test.example.com - Rules
^/admin/ => \$admin
<h3>What to log in Apache</h3>
<p> Set here le name of the variable (attribute) or macro that has to be used
in proected application Apache logs (don't forget "\$"). By default&nbsp;:
\$uid</p>
EOT
}
sub help_macros_fr {
sub help_whatToTrace_fr {
print <<EOT;
<h3>Macros</h3>
<p> Les macros permettent d'ajouter des variables calcul&eacute;es &agrave;
partir des attributs LDAP (variables export&eacute;es). Elles &eacute;vitent
de r&eacute;p&eacute;ter le m&ecirc;me calcul plusieurs fois dans la phase
d'authentification. Exemple&nbsp;:</p>
<pre>
# macros
nom_complet => \$givenname . " " . \$surname
admin => \$uid eq "foo" or \$uid eq "bar"
# test.example.com - En-t&ecirc;tes
Nom => \$nom_complet
# test.example.com - R&egrave;gles
^/admin/ => \$admin
EOT
}
sub help_ldap_en {
print <<EOT;
<h3>LDAP Parameters</h3>
<p>LDAP parameters are used to identify users. They must be set even if
authentication is done by another system (SSL for example).</p>
<ul>
<li>LDAP base : required (except if your server accepts the requests without
base). Example&nbsp;:
<pre> dc=example, dc=com </pre></li>
<li>LDAP server port : 389 by default&nbsp;;</li>
<li>LDAP server : Name (or IP address) of the LDAP server. To use LDAPS, set
here&nbsp;:
<pre> ldaps://server/</pre>
and don't forget to change port (636 for example)</li>
<li>LDAP account : optional, must be set if anonymous connection cannot
access to the wanted LDAP attributes. This account is used before LDAP
authentication to find user's dn&nbsp;;
</li>
<li>LDAP password : password corresponding to the account above.
</ul>
EOT
}
sub help_ldap_fr {
print <<EOT;
<h3>Param&egrave;tres LDAP</h3>
<p> Les param&egrave;tres LDAP servent &agrave; identifier les utilisateurs.
Ils doivent &ecirc;tre renseign&eacute;s m&ecirc;me si l'authentification est
r&eacute;alis&eacute;e par un autre moyen (SSL par exemple).</p>
<ul>
<li>Base de recherche LDAP : obligatoire (&agrave; moins que votre serveur LDAP
accepte les requ&ecirc;tes sans base). Exemple&nbsp;:
<pre> dc=example, dc=com </pre></li>
<li>Port du serveur LDAP : 389 par d&eacute;faut&nbsp;;</li>
<li>Serveur LDAP : Nom (ou adresse IP) du serveur LDAP. Pour une connexion
LDAPS, indiquez ici&nbsp;:
<pre> ldaps://server/</pre>
et n'oubliez pas de changer le port (636 en général)</li>
<li>Compte de connexion LDAP : optionnel, &agrave; renseigner si les attributs LDAP
utilis&eacute;s ne sont pas accessibles par une session anonyme. Ce compte est
utilis&eacute; avant l'authentification pour trouver le dn de l'utilisateur&nbsp;;
</li>
<li>Mot de passe LDAP : mot de passe correspondant au compte ci-dessus.
</ul>
EOT
}
sub help_storage_en {
print <<EOT;
<h3>Sessions Storage</h3>
This help chapter does not exist in english. If you want to help us, you can
edit lib/Lemonldap/NG/Manager/Help.pm in lemonldap-ng source tree and send us
your contribution.<br>
Thanks.
EOT
}
sub help_storage_fr {
print <<EOT;
<h3>Stockage des sessions</h3>
<p> Le stockage des sessions Lemonldap::NG est r&eacute;alis&eacute; au travers des modules
h&eacute;rit&eacute;s de Apache::Session. Vous devez indiquer ici le module choisi et
indiquer les param&egrave;tres correspondants &agrave; ce module&nbsp;:</p>
<p>Exemples :</p>
<ul>
<li>Module =&gt; Apache::Session::File, <br>options :
<ul>
<li> Directory =&gt; /var/cache/lemonldap</li>
</ul>
</li>
<li>Module =&gt; Apache::Session::MySQL, <br>options :
<ul>
<li> DataSource =&gt; DBI:mysql:database=lemon;host=1.2.3.4</li>
<li> UserName =&gt; Lemonldap
<li> Password =&gt; mypass
</ul>
</li>
</ul>
EOT
}
sub help_cookieName_en {
print <<EOT;
<h3>Cookie Name</h3>
This help chapter does not exist in english. If you want to help us, you can
edit lib/Lemonldap/NG/Manager/Help.pm in lemonldap-ng source tree and send us
your contribution.<br>
Thanks.
EOT
}
sub help_cookieName_fr {
print <<EOT;
<h3>Nom de cookie</h3>
<p> Indiquez ici le nom du cookie ('lemonldap' par d&eacute;faut).<br>
ATTENTION, tout changement n&eacute;cessite le red&eacute;marrage de tous les serveurs Apache
h&eacute;bergeant des agents de protection Lemonldap::NG::Handler.</p>
<h3>Donnée à journaliser dans Apache</h3>
<p> Indiquez ici le nom de la variable (attribut) ou de la macro qui doit être
utilisée pour alimenter les journaux Apache des applications protégées
(n'oubliez pas le "\$"). Par défaut&nbsp;: \$uid</p>
EOT
}

5
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/_HTML.pm
View File

@ -8,7 +8,7 @@ use AutoLoader qw(AUTOLOAD);
require Lemonldap::NG::Manager::_i18n;
use Lemonldap::NG::Manager::Conf::Constants;
our $VERSION = '0.25';
our $VERSION = '0.26';
# TODO: Delete buttons in headers and rules if 'read-only'
@ -172,6 +172,9 @@ function onNodeSelect(nodeId) {
but+=button('$text{newGroup}','newGroup',nodeId);
help('groups');
}
else if(nodeIs(nodeId,"whatToTrace")){
help('whatToTrace');
}
else if(nodeIs(nodeId,"generalParameters")){
if(nodeIs(nodeId,"ldapParameters")){
help('ldap');