dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update doc

Browse Source
This commit is contained in:
Xavier Guimard 2018-05-17 21:42:46 +02:00
parent af138325fa
commit a8cdb046da
38 changed files with 8459 additions and 7696 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/pages/documentation/current/applications/img/icons.png
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526412059" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

4
doc/pages/documentation/current/applications/img/loader.gif
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526412059" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

12
doc/pages/documentation/current/checkstate.html
View File

@ -66,25 +66,25 @@ Just enable it in the manager (section “plugins”). You <em class="u">must</e
<div class="level2">
<p>
When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. It can be called only by an unauthenticated request. GET parameters:
When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. GET parameters:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Parameter </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> Value </th>
<th class="col0 centeralign"> GET Parameter </th><th class="col1 centeralign"> Need </th><th class="col2 centeralign"> Value </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> secret </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td>
<td class="col0 centeralign"> <code>secret</code> </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> user </td><td class="col1 centeralign"> optional </td><td class="col2"> If set (with password), a login/logout process will be tried </td>
<td class="col0 centeralign"> <code>user</code> </td><td class="col1 centeralign"> optional </td><td class="col2" rowspan="2"> If set (with password), a login/logout process will be tried </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> password </td><td class="col1 centeralign"> optional </td><td class="col2 leftalign"> </td>
<td class="col0 centeralign"> <code>password</code> </td><td class="col1 centeralign"> optional </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [466-693] -->
<!-- EDIT4 TABLE [413-667] -->
<p>
Example: <code><a href="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" class="urlextern" title="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" rel="nofollow">https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho</a></code>
</p>

14
doc/pages/documentation/current/cli_examples.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:cli_examples</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,cli_examples"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cli_examples.html"/>
@ -298,7 +298,13 @@ In this example we have:
</li>
<li class="level1"><div class="li"> Client secret : testclientsecret</div>
</li>
<li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://testrp.e-serv.ch/?callback=1" class="urlextern" title="https://testrp.e-serv.ch/?callback=1" rel="nofollow">https://testrp.e-serv.ch/?callback=1</a></div>
<li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>:</div>
<ul>
<li class="level2"><div class="li"> For login: <a href="https://testrp.example.com/?callback=1" class="urlextern" title="https://testrp.example.com/?callback=1" rel="nofollow">https://testrp.example.com/?callback=1</a></div>
</li>
<li class="level2"><div class="li"> For logout: <a href="https://testrp.example.com/" class="urlextern" title="https://testrp.example.com/" rel="nofollow">https://testrp.example.com/</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> Exported attributes:</div>
<ul>
@ -325,12 +331,12 @@ In this example we have:
<li class="level1"><div class="li"> Redirection:</div>
</li>
</ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris &#039;https://testrp.e-serv.ch/?callback=1&#039;</pre>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris &#039;https://testrp.example.com/?callback=1&#039; oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsPostLogoutRedirectUris &#039;https://testrp.example.com/&#039;</pre>
<ul>
<li class="level1"><div class="li"> Signature and token expiration:</div>
</li>
</ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre>
</div>
<!-- EDIT9 SECTION "Register an OpenID Connect Relying Party" [7670-] --></div>

12
doc/pages/documentation/current/configapache.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:configapache</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,configapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configapache.html"/>
@ -46,13 +46,13 @@
<h1 class="sectionedit1" id="deploy_apache_configuration">Deploy Apache configuration</h1>
<div class="level1">
<div class="noteclassic">This step should already have been if you installed <abbr title="LemonLDAP::NG">LL::NG</abbr> with packages.
<div class="noteclassic">This step should have been already done if you installed <abbr title="LemonLDAP::NG">LL::NG</abbr> with packages.
</div>
</div>
<!-- EDIT1 SECTION "Deploy Apache configuration" [1-131] -->
<!-- EDIT1 SECTION "Deploy Apache configuration" [1-136] -->
<h2 class="sectionedit2" id="files">Files</h2>
<div class="level2">
<div class="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handle by FastCGI.
<div class="noteimportant">Apache-ModPerl is no longer usable since 2.4 version <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handled by FastCGI.
<p>
<strong>But for handlers, please use <a href="confignginx.html" class="wikilink1" title="documentation:2.0:confignginx">Nginx</a> !</strong>
</p>
@ -82,7 +82,7 @@ a2ensite test-apache2.conf</pre>
</div>
</div>
<!-- EDIT2 SECTION "Files" [132-1156] -->
<!-- EDIT2 SECTION "Files" [137-1162] -->
<h2 class="sectionedit3" id="modules">Modules</h2>
<div class="level2">
@ -104,6 +104,6 @@ You will also need to load some Apache modules:
</div>
</div>
<!-- EDIT3 SECTION "Modules" [1157-] --></div>
<!-- EDIT3 SECTION "Modules" [1163-] --></div>
</body>
</html>

12
doc/pages/documentation/current/handlerarch.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:handlerarch</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerarch"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerarch.html"/>
@ -44,14 +44,14 @@
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="handler_architecture">Handler architecture</h1>
<h1 class="sectionedit1" id="handler_libraries_architecture">Handler libraries architecture</h1>
<div class="level1">
<p>
Handlers are build on rows of modules:
</p>
<ul>
<li class="level1"><div class="li"> Applications or launchers that get the request and choose the good type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits of other Handler::* modules)</em></div>
<li class="level1"><div class="li"> Applications or launchers that get the request and choose the right type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits from other Handler::* modules)</em></div>
</li>
<li class="level1"><div class="li"> Wrappers that call “type” library and platform “Main” <em>(may all inherits from Platform::Main)</em></div>
</li>
@ -62,7 +62,7 @@ Handlers are build on rows of modules:
</ul>
</div>
<!-- EDIT1 SECTION "Handler architecture" [1-452] -->
<!-- EDIT1 SECTION "Handler libraries architecture" [1-465] -->
<h2 class="sectionedit2" id="overview_of_handler_packages">Overview of Handler packages</h2>
<div class="level2">
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
@ -84,7 +84,7 @@ Handlers are build on rows of modules:
<td class="col0 centeralign" colspan="2"> PSGI </td><td class="col2 centeralign"> PSGI::&lt;type&gt; </td>
</tr>
</table></div>
<!-- EDIT3 TABLE [495-753] -->
<!-- EDIT3 TABLE [508-766] -->
<p>
Types are:
</p>
@ -102,6 +102,6 @@ Types are:
</ul>
</div>
<!-- EDIT2 SECTION "Overview of Handler packages" [453-] --></div>
<!-- EDIT2 SECTION "Overview of Handler packages" [466-] --></div>
</body>
</html>

18
doc/pages/documentation/current/handlerauthbasic.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:handlerauthbasic</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerauthbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerauthbasic.html"/>
@ -70,25 +70,25 @@
<div class="level2">
<p>
The AuthBasic Handler is a special Handler that will us AuthBasic to authenticate to a virtual host, and then play authorizations rules to allow access to the virtual
The AuthBasic Handler is a special Handler that will use AuthBasic to authenticate to a virtual host, and then run authorization rules to allow access to the virtual
host.
</p>
<p>
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). When session is granted, the Handler will then check the authorizations like the standard Handler.
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Then, when session is granted, the Handler will check authorizations like the standard Handler.
</p>
<p>
This can be useful to allow an third party application to access a virtual host with users credentials by sending a Basic challenge to it.
This can be useful to allow a third party application to access a virtual host with users credentials by sending a Basic challenge to it.
</p>
</div>
<!-- EDIT2 SECTION "Presentation" [34-677] -->
<!-- EDIT2 SECTION "Presentation" [34-672] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div>
<!-- EDIT3 SECTION "Configuration" [678-704] -->
<!-- EDIT3 SECTION "Configuration" [673-699] -->
<h3 class="sectionedit4" id="virtual_host">Virtual host</h3>
<div class="level3">
@ -107,7 +107,7 @@ If you want to protect only a virtualHost part, keep type on “Main” and set
</ul>
</div>
<!-- EDIT4 SECTION "Virtual host" [705-1095] -->
<!-- EDIT4 SECTION "Virtual host" [700-1090] -->
<h3 class="sectionedit5" id="nginx">Nginx</h3>
<div class="level3">
@ -144,7 +144,7 @@ location / {
}</pre>
</div>
<!-- EDIT5 SECTION "Nginx" [1096-2119] -->
<!-- EDIT5 SECTION "Nginx" [1091-2114] -->
<h3 class="sectionedit6" id="handler_parameters">Handler parameters</h3>
<div class="level3">
@ -153,6 +153,6 @@ No parameters needed. But you have to allow sessions web services, see <a href="
</p>
</div>
<!-- EDIT6 SECTION "Handler parameters" [2120-] --></div>
<!-- EDIT6 SECTION "Handler parameters" [2115-] --></div>
</body>
</html>

2
doc/pages/documentation/current/logs.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:logs</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,logs"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="logs.html"/>

10
doc/pages/documentation/current/nodehandler.html
View File

@ -88,7 +88,7 @@ Up-to-date documentation is available on GitHub.
</li>
<li class="level1"><div class="li"> Multi-lines are not supported in lemonldap-ng.ini</div>
</li>
<li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in you <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn&#039;t used by node handler)</em>:</div>
<li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in your <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn&#039;t used by node handler)</em>:</div>
</li>
</ul>
<pre class="code ini"><span class="re0"><span class="br0">&#91;</span>node-handler<span class="br0">&#93;</span></span>
@ -96,7 +96,7 @@ Up-to-date documentation is available on GitHub.
<span class="re1">nodeVhosts</span> <span class="sy0">=</span><span class="re2"> test.example.com, test2.example.com</span></pre>
</div>
<!-- EDIT2 SECTION "Examples" [210-730] -->
<!-- EDIT2 SECTION "Examples" [210-731] -->
<h3 class="sectionedit3" id="use_it_as_fastcgi_server_application_protection_only">Use it as FastCGI server (application protection only)</h3>
<div class="level3">
@ -142,7 +142,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
# Keep original hostname
fastcgi_param HOST $http_host;
&nbsp;
# Keep original request (LLNG server will received /llauth)
# Keep original request (LLNG server will received /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
@ -158,7 +158,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
</dd></dl>
</div>
<!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [731-1912] -->
<!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [732-1913] -->
<h3 class="sectionedit4" id="use_it_to_protect_an_express_app">Use it to protect an express app</h3>
<div class="level3">
<dl class="file">
@ -188,6 +188,6 @@ app.<span class="me1">listen</span><span class="br0">&#40;</span><span class="nu
</dd></dl>
</div>
<!-- EDIT4 SECTION "Use it to protect an express app" [1913-] --></div>
<!-- EDIT4 SECTION "Use it to protect an express app" [1914-] --></div>
</body>
</html>

2
doc/pages/documentation/current/parameterlist.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:parameterlist</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,parameterlist"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="parameterlist.html"/>

228
doc/pages/documentation/current/platformsoverview.html Normal file
View File

@ -0,0 +1,228 @@
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:platformsoverview</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,platformsoverview"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="platformsoverview.html"/>
<link rel="contents" href="platformsoverview.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:platformsoverview","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#portalmanager_installation">Portal/Manager installation</a></div></li>
<li class="level1"><div class="li"><a href="#application_protection_overview">Application protection overview</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#handler_integration">Handler integration</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#direct_application_mode">Direct Application Mode</a></div></li>
<li class="level3"><div class="li"><a href="#reverseproxy_mode">ReverseProxy Mode</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#external_servers_for_nginx">External servers for Nginx</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#fastcgi">FastCGI</a></div></li>
<li class="level3"><div class="li"><a href="#uwsgi">uWSGI</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="platforms_overview">Platforms overview</h1>
<div class="level1">
<p>
LLNG is able to use different web servers to provide its services. Here is a resume of all possibilities. We recommend:
</p>
<ul>
<li class="level1"><div class="li"> For installations subject to small/medium load: Nginx with our default FastCGI server, or Apache <em>(with mpm_prefork engine)</em></div>
</li>
<li class="level1"><div class="li"> For heavily loaded installation: Nginx. The choice for <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">FastCGI server engine</a> depends on the behavior of your users</div>
</li>
</ul>
</div>
<!-- EDIT1 SECTION "Platforms overview" [1-437] -->
<h2 class="sectionedit2" id="portalmanager_installation">Portal/Manager installation</h2>
<div class="level2">
<p>
Since 2.0, both portal and manager are native FastCGI applications. They can be used on any web server that can dial with a FastCGI server. Some examples:
</p>
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> </th><th class="col1 centeralign" colspan="2"> Apache </th><th class="col3 centeralign"> Nginx </th><th class="col4 centeralign"> Plack servers family </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>Engines</strong> </td><td class="col1 centeralign" colspan="2"> <a href="https://httpd.apache.org/mod_fcgid/" class="urlextern" title="https://httpd.apache.org/mod_fcgid/" rel="nofollow">mod_fcgid</a> or <a href="http://www.fastcgi.com/" class="urlextern" title="http://www.fastcgi.com/" rel="nofollow">mod_fastcgi</a> </td><td class="col3 centeralign"> <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">FastCGI/uWSGI server</a> </td><td class="col4 centeralign"> Any <a href="https://plackperl.org" class="urlextern" title="https://plackperl.org" rel="nofollow">Plack HTTP server</a> <em>(see <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">our doc</a>)</em> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> <strong>Link with webserver process</strong> </td><td class="col1 centeralign"> External processes managed by webserver <em>(default)</em> </td><td class="col2 centeralign"> External <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">LLNG server</a> </td><td class="col3 centeralign"> External <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">LLNG server</a> </td><td class="col4 centeralign"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Inside</a> </td>
</tr>
</table></div>
<!-- EDIT3 TABLE [635-1181] -->
</div>
<!-- EDIT2 SECTION "Portal/Manager installation" [438-1182] -->
<h2 class="sectionedit4" id="application_protection_overview">Application protection overview</h2>
<div class="level2">
<p>
Applications can be protected:
</p>
<ul>
<li class="level1"><div class="li"> by a LLNG handler</div>
</li>
<li class="level1"><div class="li"> by themselves if they can dial with a supported protocol (<abbr title="Security Assertion Markup Language">SAML</abbr>, OpenID-Connect,…)</div>
</li>
</ul>
<p>
To protect applications with handler, LLNG can be used in two mode:
</p>
<ul>
<li class="level1"><div class="li"> Direct Application Mode : LLNG handler is an embedded application. Handler must be installed on application Web Server</div>
</li>
<li class="level1"><div class="li"> ReverseProxy Mode : applications are hidden behind a ReverseProxy which provides the required LLNG handler</div>
</li>
</ul>
</div>
<!-- EDIT4 SECTION "Application protection overview" [1183-1672] -->
<h3 class="sectionedit5" id="handler_integration">Handler integration</h3>
<div class="level3">
</div>
<h4 id="direct_application_mode">Direct Application Mode</h4>
<div class="level4">
<p>
LLNG handlers can be installed on the following web servers:
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 leftalign"> </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 centeralign"> Plack servers family </th><th class="col4 centeralign"> Node.js </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>Addon needed</strong> </td><td class="col1 centeralign"> ModPerl </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td><td class="col4 centeralign"> Express </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> <strong>LLNG integration in webserver</strong> </td><td class="col1 centeralign"> <a href="configvhost.html#apache_configuration" class="wikilink1" title="documentation:2.0:configvhost">Inside</a> </td><td class="col2 centeralign"> Separate process: <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">External LLNG FastCGI/uWSGI servers</a> <em>(auth_request)</em> </td><td class="col3 centeralign"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Inside</a> </td><td class="col4 centeralign"> <a href="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" class="urlextern" title="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" rel="nofollow">Inside</a> </td>
</tr>
</table></div>
<!-- EDIT6 TABLE [1799-2271] -->
</div>
<h4 id="reverseproxy_mode">ReverseProxy Mode</h4>
<div class="level4">
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 leftalign"> </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>LLNG integration in ReverseProxy webserver</strong> </td><td class="col1 centeralign"> <a href="configvhost.html#apache_configuration" class="wikilink1" title="documentation:2.0:configvhost">Inside</a> </td><td class="col2 centeralign"> Separate process: <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">External LLNG FastCGI/uWSGI servers</a> </td>
</tr>
</table></div>
<!-- EDIT7 TABLE [2299-2536] -->
</div>
<!-- EDIT5 SECTION "Handler integration" [1673-2538] -->
<h3 class="sectionedit8" id="external_servers_for_nginx">External servers for Nginx</h3>
<div class="level3">
<p>
Natively, Nginx supportes FastCGI and uWSGI protocoles.
</p>
<p>
Therefore, LLNG services can be provided by compatible external servers.
</p>
<div class="notetip">FastCGI or uWSGI server(s) can be installed on separate hosts. Also you can imagine a global cloud-FastCGI/uWSGI-service for all your Nginx servers. See <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a service (SSOaaS)</a> for more.
</div>
</div>
<h4 id="fastcgi">FastCGI</h4>
<div class="level4">
<p>
By default, LLNG provides a Plack based FastCGI server able to afford all LLNG services using <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> engine <strong>(default)</strong>.
</p>
<p>
However, you can use some other FastCGI server engines:
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" class="urlextern" title="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" rel="nofollow">LLNG FastCGI server for Node.js</a>(*)</div>
</li>
</ul>
<div class="notewarning">(*) LLNG Node.js handler can be used only as Nginx `auth_request` server, not to serve Portal or Manager
</div>
</div>
<h4 id="uwsgi">uWSGI</h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> uWSGI server <em>(with uwsgi PSGI plugin, see <a href="psgi.html" class="wikilink1" title="documentation:2.0:psgi">Advanced PSGI usage</a>)</em></div>
</li>
</ul>
</div>
<!-- EDIT8 SECTION "External servers for Nginx" [2539-] --></div>
</body>
</html>

26
doc/pages/documentation/current/psgi.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:psgi</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,psgi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="psgi.html"/>
@ -66,11 +66,11 @@ LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http:/
</ul>
<p>
uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> may provide the highest performance.
uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
</p>
</div>
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-629] -->
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
<div class="level2">
@ -78,9 +78,21 @@ uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:
A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it :
</p>
<ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result</div>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong></div>
</li>
<li class="level1"><div class="li"> with a HTTP Plack server, not yet tested</div>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li>
@ -100,7 +112,7 @@ See also <a href="highperfnginxhandler.html" class="wikilink1" title="documentat
</p>
</div>
<!-- EDIT2 SECTION "FastCGI server replacement" [630-1417] -->
<!-- EDIT2 SECTION "FastCGI server replacement" [636-1878] -->
<h3 class="sectionedit3" id="using_uwsgi">Using uWSGI</h3>
<div class="level3">
@ -114,6 +126,6 @@ You will find in LLNG Nginx configuration files some comments that explain how t
</p>
</div>
<!-- EDIT3 SECTION "Using uWSGI" [1418-] --></div>
<!-- EDIT3 SECTION "Using uWSGI" [1879-] --></div>
</body>
</html>

48
doc/pages/documentation/current/redirections.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:redirections</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,redirections"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="redirections.html"/>
@ -43,15 +43,37 @@
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<h1 class="sectionedit1" id="handler_redirections">Handler Redirections</h1>
<ul class="toc">
<li class="level1"><div class="li"><a href="#handler_redirections">Handler Redirections</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#protocol_and_port">Protocol and port</a></div></li>
<li class="level2"><div class="li"><a href="#forbidden_and_server_error">Forbidden and Server error</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#portal_redirections">Portal Redirections</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="redirections">Redirections</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "Redirections" [1-28] -->
<h2 class="sectionedit2" id="handler_redirections">Handler Redirections</h2>
<div class="level2">
<div class="noteclassic">When a user access a Handler without a cookie, he is redirected on portal, and the target <abbr title="Uniform Resource Locator">URL</abbr> is encoded in redirection <abbr title="Uniform Resource Locator">URL</abbr> (to redirect user after authentication process).
</div>
</div>
<!-- EDIT1 SECTION "Handler Redirections" [1-223] -->
<h2 class="sectionedit2" id="protocol_and_port">Protocol and port</h2>
<div class="level2">
<!-- EDIT2 SECTION "Handler Redirections" [29-249] -->
<h3 class="sectionedit3" id="protocol_and_port">Protocol and port</h3>
<div class="level3">
<p>
To encode the redirection <abbr title="Uniform Resource Locator">URL</abbr>, the handler will use some Apache environment variables and also configuration settings:
@ -69,9 +91,9 @@ These parameters can be configured in Manager, in <code>General Parameters</code
<div class="notetip">These settings can be overridden per virtual host, see <a href="configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">virtual host management</a>.
</div>
</div>
<!-- EDIT2 SECTION "Protocol and port" [224-732] -->
<h2 class="sectionedit3" id="forbidden_and_server_error">Forbidden and Server error</h2>
<div class="level2">
<!-- EDIT3 SECTION "Protocol and port" [250-756] -->
<h3 class="sectionedit4" id="forbidden_and_server_error">Forbidden and Server error</h3>
<div class="level3">
<p>
Handler use the default Apache error code for the following cases:
@ -116,18 +138,20 @@ These parameters can be configured in Manager, in <code>General Parameters</code
</ul>
</div>
<!-- EDIT3 SECTION "Forbidden and Server error" [733-2104] -->
<h1 class="sectionedit4" id="portal_redirections">Portal Redirections</h1>
<div class="level1">
<!-- EDIT4 SECTION "Forbidden and Server error" [757-2126] -->
<h2 class="sectionedit5" id="portal_redirections">Portal Redirections</h2>
<div class="level2">
<div class="noteclassic">If a user is redirected from handler to portal for authentication and once he is authenticated, portal redirects him to the redirection <abbr title="Uniform Resource Locator">URL</abbr>.
</div><ul>
<li class="level1"><div class="li"> <strong>Redirection message</strong>: The redirection from portal can be done either with code 303 (See Other), or with a JavaScript redirection. Often the redirection takes some time because it is user&#039;s first access to the protected app, so a new app session has to be created : JavaScript redirection improves user experience by informing that authentication is performed, and by preventing from clicking again on the button because it is too slow.</div>
</li>
<li class="level1"><div class="li"> <strong>Keep redirections for Ajax</strong>: By default, when an Ajax request is done on the portal for an unauthenticated user (after a redirection done by the handler), a 401 code will be sentwith a <code>WWW-Authenticate</code> header containing “<abbr title="Single Sign On">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;”. Set this option to 1 to keep the old behavior (return of <abbr title="HyperText Markup Language">HTML</abbr> code).</div>
</li>
<li class="level1"><div class="li"> <strong>Skip re-auth confirmation</strong>: by default, when re-authentication is needed, a confirmation screen is displayed to let user accept the re-authentication. If you enable this option, user will be directly redirected to login page.</div>
</li>
</ul>
</div>
<!-- EDIT4 SECTION "Portal Redirections" [2105-] --></div>
<!-- EDIT5 SECTION "Portal Redirections" [2127-] --></div>
</body>
</html>

4
doc/pages/documentation/current/restserverplugin
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1526412078" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1526585789" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

58
doc/pages/documentation/current/ssoaas.html
View File

@ -43,18 +43,60 @@
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#our_concept_of_ssoaas">Our concept of SSOaaS</a></div></li>
<li class="level1"><div class="li"><a href="#using_front_reverse-proxies">Using front reverse-proxies</a></div></li>
<li class="level1"><div class="li"><a href="#using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="sso_as_a_service_ssoaas">SSO as a service (SSOaaS)</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "SSO as a service (SSOaaS)" [1-41] -->
<h2 class="sectionedit2" id="our_concept_of_ssoaas">Our concept of SSOaaS</h2>
<div class="level2">
<p>
LLNG provides some features that can be used to provide <abbr title="Single Sign On">SSO</abbr> as a service. Two possibility to do it:
Access management provides 3 services:
</p>
<ul>
<li class="level1"><div class="li"> Using front reverse-proxies</div>
<li class="level1"><div class="li"> Global authentication: Single-Sign-On</div>
</li>
<li class="level1"><div class="li"> Authorization check: authentication isn&#039;t enough, user rights mus be checked</div>
</li>
<li class="level1"><div class="li"> Accounting: <abbr title="Single Sign On">SSO</abbr> logs + application logs <em>(transactions and results)</em></div>
</li>
</ul>
<p>
LLNG provides all these services (except application logs of course, but headers are provided to permit this). Headers is another LLNG service: LLNG can provide any user attributes to the application <em>(see <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Rules and headers</a>)</em>
</p>
<p>
<code>*aaS</code> means that application can drive undelying layer (IaaS for infrastructure, PaaS for platform,…). So for us, <code>SSOaaS</code> must provide the ability for an app to manage authorizations and to get user attributes. Authentication can&#039;t be really “*aaS”: app must not drive it, only consumes it.
</p>
<p>
LLNG provides some features that can be used to provide <abbr title="Single Sign On">SSO</abbr> as a service: a web application can drive its rules and headers. Docker or VM images (Nginx only) includes LLNG Nginx configuration that points to a global <a href="platformsoverview.html#external_servers_for_nginx" class="wikilink1" title="documentation:2.0:platformsoverview">LLNG authorization server</a>. By default, all authenticated users can access and one header is set: <code>Auth-User</code>. If application gives a RULES_<abbr title="Uniform Resource Locator">URL</abbr> parameter that points to a JSON file, authorization server will read it and apply given rules and set asked headers <em>(see <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps Handler</a>)</em>.
</p>
<p>
Two architectures to do it:
</p>
<ul>
<li class="level1"><div class="li"> Using a global FastCGI (or uWSGI) server</div>
</li>
<li class="level1"><div class="li"> Using front reverse-proxies <em>(some cloud installation use reverse-proxies in front of the cloud)</em></div>
</li>
</ul>
<p>
@ -62,8 +104,8 @@ In both case, Handler type must be set to <a href="devopshandler.html" class="wi
</p>
</div>
<!-- EDIT1 SECTION "SSO as a service (SSOaaS)" [1-288] -->
<h2 class="sectionedit2" id="using_front_reverse-proxies">Using front reverse-proxies</h2>
<!-- EDIT2 SECTION "Our concept of SSOaaS" [42-1689] -->
<h2 class="sectionedit3" id="using_front_reverse-proxies">Using front reverse-proxies</h2>
<div class="level2">
<p>
@ -94,7 +136,7 @@ This configuration handles <code>*.dev.sso.my.domain</code> services and forward
fastcgi_param CONTENT_LENGTH &quot;&quot;;
# Keep original hostname
fastcgi_param HOST $http_host;
# Keep original request (LLNG server will received /llauth)
# Keep original request (LLNG server will received /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
location /rules.json {
@ -114,8 +156,8 @@ This configuration handles <code>*.dev.sso.my.domain</code> services and forward
</dd></dl>
</div>
<!-- EDIT2 SECTION "Using front reverse-proxies" [289-1765] -->
<h2 class="sectionedit3" id="using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</h2>
<!-- EDIT3 SECTION "Using front reverse-proxies" [1690-3166] -->
<h2 class="sectionedit4" id="using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</h2>
<div class="level2">
<p>
@ -165,6 +207,6 @@ In this example, web server templates (Nginx only) are configured to ask authori
</dd></dl>
</div>
<!-- EDIT3 SECTION "Using a global FastCGI (or uWSGI) server" [1766-] --></div>
<!-- EDIT4 SECTION "Using a global FastCGI (or uWSGI) server" [3167-] --></div>
</body>
</html>

128
doc/pages/documentation/current/start.html
View File

@ -49,6 +49,7 @@
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#installation">Installation</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#before_installation">Before installation</a></div></li>
@ -94,12 +95,27 @@
</div>
<!-- EDIT1 SECTION "Documentation for LemonLDAP::NG 2.0" [1-51] -->
<h2 class="sectionedit2" id="installation">Installation</h2>
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <a href="documentation/presentation.html" class="wikilink1" title="documentation:presentation">Presentation</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/features.html" class="wikilink1" title="documentation:features">Main features</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/quickstart.html" class="wikilink1" title="documentation:quickstart">Quick start tutorial</a></div>
</li>
<li class="level1"><div class="li"> <a href="platformsoverview.html" class="wikilink1" title="documentation:2.0:platformsoverview">Choose a platform</a></div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Présentation" [52-270] -->
<h2 class="sectionedit3" id="installation">Installation</h2>
<div class="level2">
</div>
<!-- EDIT2 SECTION "Installation" [52-77] -->
<h3 class="sectionedit3" id="before_installation">Before installation</h3>
<!-- EDIT3 SECTION "Installation" [271-296] -->
<h3 class="sectionedit4" id="before_installation">Before installation</h3>
<div class="level3">
<p>
@ -119,8 +135,8 @@
</p>
</div>
<!-- EDIT3 SECTION "Before installation" [78-342] -->
<h3 class="sectionedit4" id="installation1">Installation</h3>
<!-- EDIT4 SECTION "Before installation" [297-561] -->
<h3 class="sectionedit5" id="installation1">Installation</h3>
<div class="level3">
<p>
@ -148,8 +164,8 @@
</p>
</div>
<!-- EDIT4 SECTION "Installation" [343-885] -->
<h3 class="sectionedit5" id="after_installation">After installation</h3>
<!-- EDIT5 SECTION "Installation" [562-1104] -->
<h3 class="sectionedit6" id="after_installation">After installation</h3>
<div class="level3">
<p>
@ -162,7 +178,7 @@
</li>
<li class="level1"><div class="li"> <a href="configapache.html" class="wikilink1" title="documentation:2.0:configapache">Deploy Apache configuration</a></div>
</li>
<li class="level1"><div class="li"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Deploy LemonLDAP::NG on Plack servers family</a> <em>(Twiggy, Starman, Corona,…)</em></div>
<li class="level1"><div class="li"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Deploy LemonLDAP::NG on Plack servers family</a> <em>(Twiggy, Starman, Corona,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
</ul>
@ -171,13 +187,13 @@
</p>
</div>
<!-- EDIT5 SECTION "After installation" [886-1296] -->
<h2 class="sectionedit6" id="configuration">Configuration</h2>
<!-- EDIT6 SECTION "After installation" [1105-1538] -->
<h2 class="sectionedit7" id="configuration">Configuration</h2>
<div class="level2">
</div>
<!-- EDIT6 SECTION "Configuration" [1297-1323] -->
<h3 class="sectionedit7" id="first_steps">First steps</h3>
<!-- EDIT7 SECTION "Configuration" [1539-1565] -->
<h3 class="sectionedit8" id="first_steps">First steps</h3>
<div class="level3">
<p>
@ -205,8 +221,8 @@
</p>
</div>
<!-- EDIT7 SECTION "First steps" [1324-1783] -->
<h3 class="sectionedit8" id="portal">Portal</h3>
<!-- EDIT8 SECTION "First steps" [1566-2025] -->
<h3 class="sectionedit9" id="portal">Portal</h3>
<div class="level3">
<p>
@ -243,7 +259,7 @@
<a href="icons/gpg.png_documentation_2.0_start.html" class="media" title="icons:gpg.png"><img src="icons/gpg.png" class="media" alt="" /></a>
</div><div class="col-md-11">
</p>
<div class="table sectionedit9"><table class="inline table table-bordered table-striped">
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Official Backends </th><th class="col1 centeralign"> Authentication </th><th class="col2 centeralign"> Users </th><th class="col3 centeralign"> Password </th>
@ -364,7 +380,7 @@
<td class="col0"> <a href="autosignin.html" class="wikilink1" title="documentation:2.0:autosignin">Auto Signin</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div>
<!-- EDIT9 TABLE [2320-4663] -->
<!-- EDIT10 TABLE [2562-4905] -->
<p>
</div></div>
</p>
@ -386,7 +402,7 @@
<a href="icons/personal.png_documentation_2.0_start.html" class="media" title="icons:personal.png"><img src="icons/personal.png" class="media" alt="" /></a>
</div><div class="col-md-11">
</p>
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<div class="table sectionedit11"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Protocol </th><th class="col1 centeralign"> Service Provider </th><th class="col2 centeralign"> Identity Provider </th>
@ -408,14 +424,14 @@
<td class="col0"> <a href="issuerdbget.html" class="wikilink1" title="documentation:2.0:issuerdbget">Get parameters provider</a> <em>(for poor applications)</em> </td><td class="col1 leftalign"> </td><td class="col2 centeralign"></td>
</tr>
</table></div>
<!-- EDIT10 TABLE [5009-5370] -->
<!-- EDIT11 TABLE [5251-5612] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT8 SECTION "Portal" [1784-5398] -->
<h3 class="sectionedit11" id="handlers">Handlers</h3>
<!-- EDIT9 SECTION "Portal" [2026-5640] -->
<h3 class="sectionedit12" id="handlers">Handlers</h3>
<div class="level3">
<p>
@ -427,35 +443,35 @@
<p>
Handlers are software control agents to install on your web servers <em>(Nginx, Apache or Node.js)</em>.
</p>
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<div class="table sectionedit13"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Handler type </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 centeralign"> Node.js </th><th class="col4 centeralign"> Comment </th><td class="col5"></td>
<th class="col0"> Handler type </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 rightalign"> <a href="https://plackperl.org" class="urlextern" title="https://plackperl.org" rel="nofollow">Plack* server</a></th><th class="col4 centeralign"> Node.js </th><th class="col5 centeralign"> Comment </th><td class="col6"></td>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> Main <em>(default handler)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Partial</a> (*) </td><td class="col4 leftalign"> </td><td class="col5"></td>
<td class="col0"> Main <em>(default handler)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> </td><td class="col4 centeralign"> <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Partial</a> (*) </td><td class="col5 leftalign"> </td><td class="col6"></td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> Designed for some server-to-server applications </td><td class="col5"></td>
<td class="col0"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> Designed for some server-to-server applications </td><td class="col6"></td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> For Cross Domain Authentication </td><td class="col5"></td>
<td class="col0"> <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> For Cross Domain Authentication </td><td class="col6"></td>
</tr>
<tr class="row4 roweven">
<td class="col0"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4"> Allows application developers to define their rules within the application </td><td class="col5"></td>
<td class="col0"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5"> Allows application developers to define their rules within the application </td><td class="col6"></td>
</tr>
<tr class="row5 rowodd">
<td class="col0"> <a href="securetoken.html" class="wikilink1" title="documentation:2.0:securetoken">Secure Token</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> Designed to secure dialog between a LLNG reverse-proxy and a remote app </td><td class="col5"></td>
<td class="col0"> <a href="securetoken.html" class="wikilink1" title="documentation:2.0:securetoken">Secure Token</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> Designed to secure dialog between a LLNG reverse-proxy and a remote app </td><td class="col6"></td>
</tr>
<tr class="row6 roweven">
<td class="col0"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Service Token</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> <em>(Server-to-Server)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4"> Designed to permits underlying requests <em>(<abbr title="Application Programming Interface">API</abbr>-Based Infrastructure)</em> </td><td class="col5"></td>
<td class="col0"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Service Token</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> <em>(Server-to-Server)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5"> Designed to permits underlying requests <em>(<abbr title="Application Programming Interface">API</abbr>-Based Infrastructure)</em> </td><td class="col6"></td>
</tr>
<tr class="row7 rowodd">
<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4 leftalign"> </td>
<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [5637-6504] -->
<!-- EDIT13 TABLE [5879-6846] -->
<p>
<em>(*): <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> has not yet reached the same level of functionality.</em>
</p>
@ -465,8 +481,8 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
</p>
</div>
<!-- EDIT11 SECTION "Handlers" [5399-6627] -->
<h3 class="sectionedit13" id="llng_databases">LLNG databases</h3>
<!-- EDIT12 SECTION "Handlers" [5641-6969] -->
<h3 class="sectionedit14" id="llng_databases">LLNG databases</h3>
<div class="level3">
</div>
@ -481,9 +497,9 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
</p>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> needs a storage system to store its own configuration (managed by the manager). Choose one of the following:
<abbr title="LemonLDAP::NG">LL::NG</abbr> needs a storage system to store its own configuration (managed by the manager). Choose one in the following list:
</p>
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
<div class="table sectionedit15"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Backend </th><th class="col1 centeralign"> Shareable </th><th class="col2 centeralign"> Comment </th>
@ -511,7 +527,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
<td class="col0 centeralign"> <a href="restconfbackend.html" class="wikilink1" title="documentation:2.0:restconfbackend">REST</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> Proxy backend to be used in conjunction with another configuration backend. <br/><strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [6926-7908] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
<!-- EDIT15 TABLE [7274-8256] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
</div>
<p>
</div></div>
@ -533,7 +549,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
<div class="noteimportant">If you plan to use LLNG in a large-scale system, take a look at <a href="performances.html#performance_test" class="wikilink1" title="documentation:2.0:performances">Performance Test</a> to choose the right backend. A <a href="browseablesessionbackend.html#browseable_sql" class="wikilink1" title="documentation:2.0:browseablesessionbackend">Browseable SQL backend</a> is generally a good choice.
</div><div class="table sectionedit15"><table class="inline table table-bordered table-striped">
</div><div class="table sectionedit16"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Backend </th><th class="col1 centeralign"> Shareable </th><th class="col2 centeralign"> <a href="documentation/features.html#session_explorer" class="wikilink1" title="documentation:features">Session explorer</a> </th><th class="col3 centeralign"> <a href="documentation/features.html#session_restrictions" class="wikilink1" title="documentation:features">Session restrictions</a> </th><th class="col4 centeralign"> Session expiration </th><th class="col5 centeralign"> Comment </th>
@ -566,14 +582,14 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
<strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT15 TABLE [8773-10452] -->
<!-- EDIT16 TABLE [9121-10800] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT13 SECTION "LLNG databases" [6628-10480] -->
<h2 class="sectionedit16" id="applications_protection">Applications protection</h2>
<!-- EDIT14 SECTION "LLNG databases" [6970-10828] -->
<h2 class="sectionedit17" id="applications_protection">Applications protection</h2>
<div class="level2">
<p>
@ -601,8 +617,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT16 SECTION "Applications protection" [10481-10971] -->
<h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
<!-- EDIT17 SECTION "Applications protection" [10829-11319] -->
<h3 class="sectionedit18" id="well_known_compatible_applications">Well known compatible applications</h3>
<div class="level3">
<div class="noteclassic">Here is a list of well known applications that are compatible with <abbr title="LemonLDAP::NG">LL::NG</abbr>. A full list is available on <a href="applications.html" class="wikilink1" title="documentation:2.0:applications">vendor applications page</a>.
</div>
@ -699,8 +715,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT17 SECTION "Well known compatible applications" [10972-13185] -->
<h2 class="sectionedit18" id="advanced_features">Advanced features</h2>
<!-- EDIT18 SECTION "Well known compatible applications" [11320-13533] -->
<h2 class="sectionedit19" id="advanced_features">Advanced features</h2>
<div class="level2">
<p>
@ -731,9 +747,9 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</li>
<li class="level1"><div class="li"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a></div>
</li>
<li class="level1"><div class="li"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps Handler</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em></div>
<li class="level1"><div class="li"> <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a Service</a> <em>(SSOaaS)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a></div>
<li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" class="urlextern" title="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" rel="nofollow">LemonLDAP::NG kubernetes controller</a></div>
</li>
@ -756,8 +772,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT18 SECTION "Advanced features" [13186-14338] -->
<h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
<!-- EDIT19 SECTION "Advanced features" [13534-14716] -->
<h2 class="sectionedit20" id="mini_howtos">Mini howtos</h2>
<div class="level2">
<p>
@ -789,8 +805,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT19 SECTION "Mini howtos" [14339-15080] -->
<h2 class="sectionedit20" id="exploitation">Exploitation</h2>
<!-- EDIT20 SECTION "Mini howtos" [14717-15458] -->
<h2 class="sectionedit21" id="exploitation">Exploitation</h2>
<div class="level2">
<p>
@ -807,7 +823,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</li>
<li class="level1"><div class="li"> <a href="status.html" class="wikilink1" title="documentation:2.0:status">Handler status page</a></div>
</li>
<li class="level1"><div class="li"> <a href="checkstate.html" class="wikilink1" title="documentation:2.0:checkstate">Portal state check</a> <em>(health check for fail-over)</em></div>
<li class="level1"><div class="li"> <a href="checkstate.html" class="wikilink1" title="documentation:2.0:checkstate">Portal state check</a> <em>(health check for fail-over)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="monitoring.html" class="wikilink1" title="documentation:2.0:monitoring">Monitoring</a></div>
</li>
@ -824,8 +840,8 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT20 SECTION "Exploitation" [15081-15572] -->
<h2 class="sectionedit21" id="bug_report">Bug report</h2>
<!-- EDIT21 SECTION "Exploitation" [15459-15973] -->
<h2 class="sectionedit22" id="bug_report">Bug report</h2>
<div class="level2">
<p>
@ -833,8 +849,8 @@ See <a href="bugreport.html" class="wikilink1" title="bugreport">How to report a
</p>
</div>
<!-- EDIT21 SECTION "Bug report" [15573-15637] -->
<h2 class="sectionedit22" id="developer_corner">Developer corner</h2>
<!-- EDIT22 SECTION "Bug report" [15974-16038] -->
<h2 class="sectionedit23" id="developer_corner">Developer corner</h2>
<div class="level2">
<p>
@ -880,7 +896,7 @@ To add a new language:
</ul>
<p>
If you don&#039;t want to publish your translation <em>(XX must be replace by your language code)</em>:
If you don&#039;t want to publish your translation <em>(<code>XX</code> must be replaced by your language code)</em>:
</p>
<ul>
<li class="level1"><div class="li"> Manager: translate <code>lemonldap-ng-manager/site/htdocs/static/languages/en.json</code> in <code>lemonldap-ng-manager/site/htdocs/static/languages/XX.json</code> and enable it in “lemonldap-ng.ini” file</div>
@ -904,6 +920,6 @@ To translate this doc (Manager help):
</ul>
</div>
<!-- EDIT22 SECTION "Developer corner" [15638-] --></div>
<!-- EDIT23 SECTION "Developer corner" [16039-] --></div>
</body>
</html>

88
omegat.files/fr/fr-level1.tmx
View File

@ -14548,6 +14548,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>LemonLDAP::NG est hautement scalable, donc facile à insérer derière un répartisseur de charge :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>LemonLDAP::NG offline documentation</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20180517T194110Z" creationid="xavier" creationdate="20180517T194110Z">
<seg>Documentation hors-ligne de LemonLDAP::NG</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>LemonLDAP::NG portal menu has 4 modules:</seg>
@ -15090,6 +15098,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Système LL::NG principal</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Main features</seg>
</tuv>
<tuv lang="FR-FR">
<seg>Fonctionnalités principales</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Main parameters</seg>
@ -16770,6 +16786,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Placer vos propres fichiers au lieu de ow2.cert, ow2.key, ow2-ca.cert:</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Quick start tutorial</seg>
</tuv>
<tuv lang="FR-FR">
<seg>Tutoriel rapide</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>RBAC model</seg>
@ -19092,14 +19116,6 @@ DataSource -&gt; dbi:mysql:sessions;host=...</seg>
<seg>La configuration Apache dépend du module choisi, se référer à sa documentation. Exemple :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>The AuthBasic Handler is a special Handler that will us AuthBasic to authenticate to a virtual host, and then play authorizations rules to allow access to the virtual host.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T040839Z">
<seg>L'agent AuthBasic est un agent spécial qui utilise l'authentification web basique pour authentifier dans un hôte virtuel et qui utilise ensuite les règles d'autorisation pour valider les accès à l'hôte virtuel.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>The AuthDemo and UserDBDemo will allow you to log in and get the standard attributes (uid, cn and mail).</seg>
@ -20350,14 +20366,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Ceci permet de protéger des applications nécessitant la variable d'environnement REMOTE_USER en mode reverse-proxy.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This can be useful to allow an third party application to access a virtual host with users credentials by sending a Basic challenge to it.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T041259Z">
<seg>Ce peut être pratique pour autoriser une application cliente à accéder à un hôte virtuel avec un authentifiant en envoyant un en-tête basique.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This concerns all parameters for the Attribute Authority metadata section</seg>
@ -20790,14 +20798,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Peut être défini par défaut.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This step should already have been if you installed LL::NG with packages.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20160301T061046Z">
<seg>Cette étape est effectuée automatiquement lorsqu'on installe LL::NG avec les packages.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This user will not be available anymore if you configure a new authentication backend!</seg>
@ -22178,14 +22178,6 @@ Index -&gt; ipAddr uid</seg>
<seg>À la réception de la requête, le contexte d'authentification réel est traduit en un niveau d'authentification interne (voir comment configurer la translation), utilisable pour accorder ou non la création de session.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>When session is granted, the Handler will then check the authorizations like the standard Handler.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T041124Z">
<seg>Lorsque la session est validée, l'agent examine les autorisations comme un agent standard.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>When status feature is activated, Handlers and portal will collect statistics and save them in their local cache.</seg>
@ -25222,6 +25214,14 @@ description: {whatToTrace}'$uid'
<seg>dob</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/features.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/features.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/latest/applications/zimbra.html</seg>
@ -25230,6 +25230,22 @@ description: {whatToTrace}'$uid'
<seg>documentation/latest/applications/zimbra.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/presentation.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/presentation.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/quickstart.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/quickstart.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:1.0:fileconfbackend</seg>
@ -25406,6 +25422,14 @@ description: {whatToTrace}'$uid'
<seg>documentation:presentation</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:quickstart</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation:quickstart</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:remote-interoperability.png</seg>

88
omegat.files/fr/fr-level2.tmx
View File

@ -14548,6 +14548,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>LemonLDAP::NG est hautement scalable, donc facile à insérer derière un répartisseur de charge :</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>LemonLDAP::NG offline documentation</seg>
</tuv>
<tuv xml:lang="FR-FR" changeid="xavier" changedate="20180517T194110Z" creationid="xavier" creationdate="20180517T194110Z">
<seg>Documentation hors-ligne de LemonLDAP::NG</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>LemonLDAP::NG portal menu has 4 modules:</seg>
@ -15090,6 +15098,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Système LL::NG principal</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Main features</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>Fonctionnalités principales</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Main parameters</seg>
@ -16770,6 +16786,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Placer vos propres fichiers au lieu de <bpt i="0" x="0">&lt;c0&gt;</bpt>ow2.cert<ept i="0">&lt;/c0&gt;</ept>, <bpt i="1" x="1">&lt;c1&gt;</bpt>ow2.key<ept i="1">&lt;/c1&gt;</ept>, <bpt i="2" x="2">&lt;c2&gt;</bpt>ow2-ca.cert<ept i="2">&lt;/c2&gt;</ept>:</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Quick start tutorial</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>Tutoriel rapide</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>RBAC model</seg>
@ -19092,14 +19116,6 @@ DataSource -&gt; dbi:mysql:sessions;host=...</seg>
<seg>La configuration Apache dépend du module choisi, se référer à sa documentation. Exemple :</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>The AuthBasic Handler is a special Handler that will us AuthBasic to authenticate to a virtual host, and then play authorizations rules to allow access to the virtual host.</seg>
</tuv>
<tuv xml:lang="FR-FR" changeid="xavier" changedate="20121005T040839Z">
<seg>L'agent AuthBasic est un agent spécial qui utilise l'authentification web basique pour authentifier dans un hôte virtuel et qui utilise ensuite les règles d'autorisation pour valider les accès à l'hôte virtuel.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>The AuthDemo and UserDBDemo will allow you to log in and get the standard attributes (uid, cn and mail).</seg>
@ -20350,14 +20366,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Ceci permet de protéger des applications nécessitant la variable d'environnement <bpt i="0" x="0">&lt;c0&gt;</bpt>REMOTE_USER<ept i="0">&lt;/c0&gt;</ept> en mode reverse-proxy.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>This can be useful to allow an third party application to access a virtual host with users credentials by sending a Basic challenge to it.</seg>
</tuv>
<tuv xml:lang="FR-FR" changeid="xavier" changedate="20121005T041259Z">
<seg>Ce peut être pratique pour autoriser une application cliente à accéder à un hôte virtuel avec un authentifiant en envoyant un en-tête basique.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>This concerns all parameters for the Attribute Authority metadata section</seg>
@ -20790,14 +20798,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Peut être défini par défaut.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>This step should already have been if you installed <bpt i="0" x="0">&lt;a0&gt;</bpt>LL::NG<ept i="0">&lt;/a0&gt;</ept> with packages.</seg>
</tuv>
<tuv xml:lang="FR-FR" changeid="xavier" changedate="20160301T061046Z">
<seg>Cette étape est effectuée automatiquement lorsqu'on installe <bpt i="0" x="0">&lt;a0&gt;</bpt>LL::NG<ept i="0">&lt;/a0&gt;</ept> avec les packages.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>This user will not be available anymore if you configure a new authentication backend!</seg>
@ -22178,14 +22178,6 @@ Index -&gt; ipAddr uid</seg>
<seg>À la réception de la requête, le contexte d'authentification réel est traduit en un niveau d'authentification interne (voir <bpt i="1" x="1">&lt;a1&gt;</bpt>comment configurer la translation<ept i="1">&lt;/a1&gt;</ept>), utilisable pour accorder ou non la création de session.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>When session is granted, the Handler will then check the authorizations like the standard Handler.</seg>
</tuv>
<tuv xml:lang="FR-FR" changeid="xavier" changedate="20121005T041124Z">
<seg>Lorsque la session est validée, l'agent examine les autorisations comme un agent standard.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>When status feature is activated, Handlers and portal will collect statistics and save them in their local cache.</seg>
@ -25222,6 +25214,14 @@ description: {whatToTrace}'$uid'
<seg>dob</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation/features.html</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>documentation/features.html</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation/latest/applications/zimbra.html</seg>
@ -25230,6 +25230,22 @@ description: {whatToTrace}'$uid'
<seg>documentation/latest/applications/zimbra.html</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation/presentation.html</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>documentation/presentation.html</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation/quickstart.html</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>documentation/quickstart.html</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation:1.0:fileconfbackend</seg>
@ -25406,6 +25422,14 @@ description: {whatToTrace}'$uid'
<seg>documentation:presentation</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation:quickstart</seg>
</tuv>
<tuv xml:lang="FR-FR">
<seg>documentation:quickstart</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>documentation:remote-interoperability.png</seg>

88
omegat.files/fr/fr-omegat.tmx
View File

@ -14548,6 +14548,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>LemonLDAP::NG est hautement scalable, donc facile à insérer derière un répartisseur de charge :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>LemonLDAP::NG offline documentation</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20180517T194110Z" creationid="xavier" creationdate="20180517T194110Z">
<seg>Documentation hors-ligne de LemonLDAP::NG</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>LemonLDAP::NG portal menu has 4 modules:</seg>
@ -15090,6 +15098,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Système LL::NG principal</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Main features</seg>
</tuv>
<tuv lang="FR-FR">
<seg>Fonctionnalités principales</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Main parameters</seg>
@ -16770,6 +16786,14 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>Placer vos propres fichiers au lieu de &lt;c0&gt;ow2.cert&lt;/c0&gt;, &lt;c1&gt;ow2.key&lt;/c1&gt;, &lt;c2&gt;ow2-ca.cert&lt;/c2&gt;:</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Quick start tutorial</seg>
</tuv>
<tuv lang="FR-FR">
<seg>Tutoriel rapide</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>RBAC model</seg>
@ -19092,14 +19116,6 @@ DataSource -&gt; dbi:mysql:sessions;host=...</seg>
<seg>La configuration Apache dépend du module choisi, se référer à sa documentation. Exemple :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>The AuthBasic Handler is a special Handler that will us AuthBasic to authenticate to a virtual host, and then play authorizations rules to allow access to the virtual host.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T040839Z">
<seg>L'agent AuthBasic est un agent spécial qui utilise l'authentification web basique pour authentifier dans un hôte virtuel et qui utilise ensuite les règles d'autorisation pour valider les accès à l'hôte virtuel.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>The AuthDemo and UserDBDemo will allow you to log in and get the standard attributes (uid, cn and mail).</seg>
@ -20350,14 +20366,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Ceci permet de protéger des applications nécessitant la variable d'environnement &lt;c0&gt;REMOTE_USER&lt;/c0&gt; en mode reverse-proxy.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This can be useful to allow an third party application to access a virtual host with users credentials by sending a Basic challenge to it.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T041259Z">
<seg>Ce peut être pratique pour autoriser une application cliente à accéder à un hôte virtuel avec un authentifiant en envoyant un en-tête basique.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This concerns all parameters for the Attribute Authority metadata section</seg>
@ -20790,14 +20798,6 @@ failregex = Lemonldap\:\:NG \: .* was not found in LDAP directory \(&lt;HOST&gt;
<seg>Peut être défini par défaut.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This step should already have been if you installed &lt;a0&gt;LL::NG&lt;/a0&gt; with packages.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20160301T061046Z">
<seg>Cette étape est effectuée automatiquement lorsqu'on installe &lt;a0&gt;LL::NG&lt;/a0&gt; avec les packages.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>This user will not be available anymore if you configure a new authentication backend!</seg>
@ -22178,14 +22178,6 @@ Index -&gt; ipAddr uid</seg>
<seg>À la réception de la requête, le contexte d'authentification réel est traduit en un niveau d'authentification interne (voir &lt;a1&gt;comment configurer la translation&lt;/a1&gt;), utilisable pour accorder ou non la création de session.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>When session is granted, the Handler will then check the authorizations like the standard Handler.</seg>
</tuv>
<tuv lang="FR-FR" changeid="xavier" changedate="20121005T041124Z">
<seg>Lorsque la session est validée, l'agent examine les autorisations comme un agent standard.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>When status feature is activated, Handlers and portal will collect statistics and save them in their local cache.</seg>
@ -25222,6 +25214,14 @@ description: {whatToTrace}'$uid'
<seg>dob</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/features.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/features.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/latest/applications/zimbra.html</seg>
@ -25230,6 +25230,22 @@ description: {whatToTrace}'$uid'
<seg>documentation/latest/applications/zimbra.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/presentation.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/presentation.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation/quickstart.html</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation/quickstart.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:1.0:fileconfbackend</seg>
@ -25406,6 +25422,14 @@ description: {whatToTrace}'$uid'
<seg>documentation:presentation</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:quickstart</seg>
</tuv>
<tuv lang="FR-FR">
<seg>documentation:quickstart</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>documentation:remote-interoperability.png</seg>

14653
omegat.files/fr/omegat/project_save.tmx
View File

File diff suppressed because it is too large Load Diff

33
omegat.files/fr/omegat/project_stats.txt
View File

@ -1,17 +1,17 @@
15/05/18 21:43
17/05/18 21:41
Données du projet
Segments Mots Caractères (sans espaces) Caractères (avec espaces) Nombre de fichiers
Total : 18880 81460 651859 704160 226
Restants : 11006 44210 395727 419779 226
Segments uniques : 9330 59680 466410 512627 226
Segments uniques restants : 5724 31375 276783 298854 226
Total : 19124 82505 660111 712968 227
Restants : 11225 45302 404045 428728 227
Segments uniques : 9452 60392 471600 518337 227
Segments uniques restants : 5843 32152 282212 304875 227
Statistiques par fichiers :
Nom du fichier Total segments Segments restants Segments uniques Segments uniques restants Total mots Mots restants Mots uniques Mots uniques restants Total caractères (sans espaces) Caractères restants (sans espaces) Caractères uniques (sans espaces) Caractères uniques restants (sans espaces) Total caractères (avec espaces) Caractères restants (avec espaces) Caractères uniques (avec espaces) Caractères uniques restants (avec espaces)
index.html 5 4 4 3 19 18 15 14 165 152 132 119 169 156 134 121
index.html 5 2 4 2 19 10 15 10 165 86 132 86 169 86 134 86
pages/documentation/current/activedirectoryminihowto.html 24 13 23 12 122 31 121 30 975 346 946 317 1057 346 1028 317
pages/documentation/current/applications.html 305 219 128 107 786 686 425 399 7086 6341 3665 3492 7292 6506 3821 3642
pages/documentation/current/applications/adfs.html 32 21 17 16 196 168 156 155 1242 1039 948 936 1380 1165 1074 1062
@ -102,9 +102,9 @@ pages/documentation/current/browseablesessionbackend.html
pages/documentation/current/captcha.html 25 11 15 5 158 44 137 28 929 291 763 165 1048 309 882 183
pages/documentation/current/cda.html 50 23 22 11 267 115 199 82 1866 814 1270 517 2046 878 1436 579
pages/documentation/current/changeconfbackend.html 48 21 32 14 170 45 135 26 1297 484 1074 333 1386 486 1157 333
pages/documentation/current/checkstate.html 35 27 19 18 150 139 115 114 1002 929 715 710 1083 1008 794 789
pages/documentation/current/cli_examples.html 143 128 101 101 1068 1027 943 943 8925 8633 8019 8019 9603 9289 8632 8632
pages/documentation/current/configapache.html 34 19 25 13 194 65 173 49 1383 488 1224 357 1489 519 1330 388
pages/documentation/current/checkstate.html 35 27 20 19 143 132 109 108 965 892 687 682 1039 964 759 754
pages/documentation/current/cli_examples.html 147 132 104 104 1083 1042 956 956 9151 8859 8216 8216 9837 9523 8837 8837
pages/documentation/current/configapache.html 34 20 25 14 195 79 174 63 1388 564 1229 433 1495 607 1336 476
pages/documentation/current/configlocation.html 458 256 333 175 2315 922 2015 754 18830 9254 16323 7600 20637 9844 17969 8112
pages/documentation/current/confignginx.html 49 35 27 20 271 204 215 159 2045 1610 1646 1275 2176 1697 1762 1347
pages/documentation/current/configplack.html 57 54 44 43 264 257 230 226 3771 3711 3497 3452 3922 3862 3648 3603
@ -144,8 +144,8 @@ pages/documentation/current/federationproxy.html
pages/documentation/current/fileconfbackend.html 22 11 9 1 95 27 67 3 769 273 501 33 823 273 555 33
pages/documentation/current/filesessionbackend.html 36 11 19 3 181 27 145 7 1242 291 927 95 1337 291 1021 95
pages/documentation/current/formreplay.html 78 21 45 10 594 50 512 23 3495 510 2839 260 3974 517 3289 267
pages/documentation/current/handlerarch.html 46 41 31 29 149 137 119 111 1122 1010 878 793 1193 1081 949 864
pages/documentation/current/handlerauthbasic.html 64 42 24 18 314 210 230 154 2276 1608 1413 1019 2528 1773 1630 1166
pages/documentation/current/handlerarch.html 46 41 31 29 150 138 120 112 1134 1022 890 805 1206 1094 962 877
pages/documentation/current/handlerauthbasic.html 64 45 24 21 313 278 229 222 2272 1946 1409 1357 2523 2176 1625 1569
pages/documentation/current/header_remote_user_conversion.html 47 27 23 11 275 112 221 75 2300 1266 1689 781 2490 1330 1871 837
pages/documentation/current/highavailability.html 27 13 15 7 135 35 105 19 1075 444 795 309 1147 444 867 309
pages/documentation/current/highperfnginxhandler.html 62 56 38 38 266 249 204 204 2537 2433 2037 2037 2719 2601 2198 2198
@ -186,7 +186,7 @@ pages/documentation/current/mongodbsessionbackend.html
pages/documentation/current/monitoring.html 23 20 13 13 94 88 69 69 676 639 475 475 724 685 521 521
pages/documentation/current/mrtg.html 19 11 8 3 174 27 148 7 1495 211 1299 57 1589 211 1393 57
pages/documentation/current/mysqlminihowto.html 34 19 13 6 131 44 73 13 1074 526 561 179 1134 526 605 179
pages/documentation/current/nodehandler.html 82 73 40 40 330 304 223 223 4095 3913 3159 3159 4316 4113 3313 3313
pages/documentation/current/nodehandler.html 82 74 41 41 330 312 231 231 4096 3965 3211 3211 4317 4173 3373 3373
pages/documentation/current/nosqlsessionbackend.html 37 11 8 1 163 27 63 3 1304 295 491 37 1372 295 535 37
pages/documentation/current/notifications.html 190 69 129 48 1396 389 1247 341 12278 3485 10964 3033 13314 3733 11944 3272
pages/documentation/current/openidconnectclaims.html 80 45 4 4 102 61 10 10 813 577 117 117 820 579 119 119
@ -194,15 +194,16 @@ pages/documentation/current/openidconnectservice.html
pages/documentation/current/parameterlist.html 1452 639 811 606 2519 1894 2122 1814 21860 15624 18229 14937 23380 16839 19521 16130
pages/documentation/current/passwordstore.html 38 16 14 2 186 36 142 4 1183 323 796 37 1314 325 925 37
pages/documentation/current/performances.html 305 199 210 152 1777 917 1356 796 13095 7232 9341 5656 14361 7852 10348 6210
pages/documentation/current/platformsoverview.html 147 140 81 81 606 594 435 435 4732 4655 3087 3087 5047 4966 3377 3377
pages/documentation/current/portal.html 120 71 51 17 488 200 339 83 3942 1978 2442 707 4225 2032 2715 760
pages/documentation/current/portalcustom.html 138 70 99 55 980 503 888 470 6150 3288 5446 2999 6961 3683 6219 3390
pages/documentation/current/portalmenu.html 55 20 33 8 334 129 283 101 2462 952 1973 666 2709 1038 2212 752
pages/documentation/current/portalservers.html 44 34 19 19 145 133 96 96 1160 1061 727 727 1241 1142 798 798
pages/documentation/current/prereq.html 151 95 105 75 528 370 421 319 4153 3146 3366 2726 4416 3342 3601 2914
pages/documentation/current/psgi.html 55 53 28 28 291 288 215 215 1968 1953 1298 1298 2145 2130 1474 1474
pages/documentation/current/psgi.html 73 71 29 29 383 380 212 212 2699 2684 1319 1319 2872 2857 1491 1491
pages/documentation/current/public_pages.html 38 33 21 21 196 187 138 138 1649 1587 1207 1207 1726 1662 1282 1282
pages/documentation/current/rbac.html 87 56 56 42 472 336 389 297 3101 2199 2483 1938 3415 2418 2765 2146
pages/documentation/current/redirections.html 49 20 30 12 476 213 426 193 3170 1556 2790 1380 3562 1710 3164 1534
pages/documentation/current/redirections.html 61 28 37 19 528 254 464 231 3559 1870 3089 1679 3991 2057 3494 1864
pages/documentation/current/register.html 33 27 17 17 193 182 158 158 1148 1064 851 851 1293 1205 992 992
pages/documentation/current/resetpassword.html 72 26 46 12 586 182 528 149 3516 1129 3008 806 3984 1260 3467 937
pages/documentation/current/rest2f.html 57 43 22 22 278 245 149 149 1810 1552 972 972 2008 1732 1092 1092
@ -225,9 +226,9 @@ pages/documentation/current/soapservices.html
pages/documentation/current/soapsessionbackend.html 62 36 23 18 448 307 325 240 3307 2218 2233 1679 3661 2465 2526 1893
pages/documentation/current/sqlconfbackend.html 110 88 69 60 416 349 321 269 4293 3956 3521 3268 4569 4190 3759 3465
pages/documentation/current/sqlsessionbackend.html 136 44 61 21 601 197 387 134 4358 1476 2588 938 4689 1601 2865 1044
pages/documentation/current/ssoaas.html 101 91 36 36 373 339 220 220 2867 2665 1463 1463 3116 2884 1617 1617
pages/documentation/current/ssoaas.html 129 118 54 54 602 570 418 418 4449 4264 2791 2791 4892 4681 3124 3124
pages/documentation/current/ssocookie.html 60 17 32 4 436 67 364 36 2726 520 2204 256 3073 548 2528 284
pages/documentation/current/start.html 893 580 198 141 2107 1521 904 612 19179 14968 6805 4903 19915 15352 7386 5256
pages/documentation/current/start.html 928 599 208 145 2164 1564 932 627 19794 15386 7026 4983 20539 15780 7621 5347
pages/documentation/current/status.html 96 51 48 25 449 204 355 148 3177 1554 2376 1109 3449 1677 2633 1222
pages/documentation/current/totp2f.html 60 56 32 32 430 425 365 365 2853 2812 2152 2152 3201 3160 2491 2491
pages/documentation/current/u2f.html 74 67 35 35 496 482 368 368 3360 3241 2247 2247 3732 3607 2569 2569

4
po-doc/fr/index.html
View File

@ -1,12 +1,12 @@
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>LemonLDAP::NG offline documentation</title>
<title>Documentation hors-ligne de LemonLDAP::NG</title>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
</head>
<body>
<div class="container text-center">
<h1>LemonLDAP::NG offline documentation</h1>
<h1>Documentation hors-ligne de LemonLDAP::NG</h1>
<hr />
<a href="pages/documentation/current/start.html" class="btn btn-lg btn-primary">Documentation</a>
</div>

4
po-doc/fr/pages/documentation/current/applications/img/icons.png
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526412059" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

4
po-doc/fr/pages/documentation/current/applications/img/loader.gif
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526412059" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

12
po-doc/fr/pages/documentation/current/checkstate.html
View File

@ -72,25 +72,25 @@ Just enable it in the manager (section “plugins”). You <em class="u">must</e
<p>
When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. It can be called only by an unauthenticated request. GET parameters:
When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. GET parameters:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Parameter </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> Value </th>
<th class="col0 centeralign"> GET Parameter </th><th class="col1 centeralign"> Need </th><th class="col2 centeralign"> Value </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> secret </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td>
<td class="col0 centeralign"> <code>secret</code> </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> user </td><td class="col1 centeralign"> optional </td><td class="col2"> If set (with password), a login/logout process will be tried </td>
<td class="col0 centeralign"> <code>user</code> </td><td class="col1 centeralign"> optional </td><td class="col2" rowspan="2"> If set (with password), a login/logout process will be tried </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> password </td><td class="col1 centeralign"> optional </td><td class="col2 leftalign"> </td>
<td class="col0 centeralign"> <code>password</code> </td><td class="col1 centeralign"> optional </td>
</tr>
</table></div><!-- EDIT4 TABLE [466-693] -->
</table></div><!-- EDIT4 TABLE [413-667] -->
<p>

14
po-doc/fr/pages/documentation/current/cli_examples.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,cli_examples"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cli_examples.html"/>
@ -333,7 +333,13 @@ In this example we have:
</li>
<li class="level1"><div class="li"> Client secret : testclientsecret</div>
</li>
<li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://testrp.e-serv.ch/?callback=1" class="urlextern" title="https://testrp.e-serv.ch/?callback=1" rel="nofollow">https://testrp.e-serv.ch/?callback=1</a></div>
<li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>:</div>
<ul>
<li class="level2"><div class="li"> For login: <a href="https://testrp.example.com/?callback=1" class="urlextern" title="https://testrp.example.com/?callback=1" rel="nofollow">https://testrp.example.com/?callback=1</a></div>
</li>
<li class="level2"><div class="li"> For logout: <a href="https://testrp.example.com/" class="urlextern" title="https://testrp.example.com/" rel="nofollow">https://testrp.example.com/</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> Exported attributes:</div>
<ul>
@ -360,12 +366,12 @@ In this example we have:
<li class="level1"><div class="li"> Redirection:</div>
</li>
</ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris 'https://testrp.e-serv.ch/?callback=1'</pre>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris 'https://testrp.example.com/?callback=1' oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsPostLogoutRedirectUris 'https://testrp.example.com/'</pre>
<ul>
<li class="level1"><div class="li"> Signature and token expiration:</div>
</li>
</ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre>
</div><!-- EDIT9 SECTION "Register an OpenID Connect Relying Party" [7670-] -->
</div>

13
po-doc/fr/pages/documentation/current/configapache.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,configapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configapache.html"/>
@ -47,13 +47,14 @@
<h1 class="sectionedit1" id="deploy_apache_configuration">Deployer la configuration Apache</h1>
<div class="level1">
<div class="noteclassic">Cette étape est effectuée automatiquement lorsqu'on installe <abbr title="LemonLDAP::NG">LL::NG</abbr> avec les packages.
<div class="noteclassic">This step should have been already done if you installed <abbr title="LemonLDAP::NG">LL::NG</abbr> with packages.
</div>
</div><!-- EDIT1 SECTION "Deploy Apache configuration" [1-131] -->
</div><!-- EDIT1 SECTION "Deploy Apache configuration" [1-136] -->
<h2 class="sectionedit2" id="files">Fichiers</h2>
<div class="level2">
<div class="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handle by FastCGI.
<div class="noteimportant">Apache-ModPerl is no longer usable since 2.4 version <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handled by FastCGI.
<p>
<strong>But for handlers, please use <a href="confignginx.html" class="wikilink1" title="documentation:2.0:confignginx">Nginx</a> !</strong>
@ -83,7 +84,7 @@ a2ensite handler-apache2.conf
a2ensite test-apache2.conf</pre>
</div>
</div><!-- EDIT2 SECTION "Files" [132-1156] -->
</div><!-- EDIT2 SECTION "Files" [137-1162] -->
<h2 class="sectionedit3" id="modules">Modules</h2>
<div class="level2">
@ -105,7 +106,7 @@ Il faut également charger quelques modules Apache :
<pre class="code">a2enmod fcgid perl alias rewrite</pre>
</div>
</div><!-- EDIT3 SECTION "Modules" [1157-] -->
</div><!-- EDIT3 SECTION "Modules" [1163-] -->
</div>
</body>
</html>

12
po-doc/fr/pages/documentation/current/handlerarch.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerarch"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerarch.html"/>
@ -45,7 +45,7 @@
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="handler_architecture">Handler architecture</h1>
<h1 class="sectionedit1" id="handler_libraries_architecture">Handler libraries architecture</h1>
<div class="level1">
<p>
@ -54,7 +54,7 @@ Handlers are build on rows of modules:
</p>
<ul>
<li class="level1"><div class="li"> Applications or launchers that get the request and choose the good type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits of other Handler::* modules)</em></div>
<li class="level1"><div class="li"> Applications or launchers that get the request and choose the right type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits from other Handler::* modules)</em></div>
</li>
<li class="level1"><div class="li"> Wrappers that call “type” library and platform “Main” <em>(may all inherits from Platform::Main)</em></div>
</li>
@ -64,7 +64,7 @@ Handlers are build on rows of modules:
</li>
</ul>
</div><!-- EDIT1 SECTION "Handler architecture" [1-452] -->
</div><!-- EDIT1 SECTION "Handler libraries architecture" [1-465] -->
<h2 class="sectionedit2" id="overview_of_handler_packages">Overview of Handler packages</h2>
<div class="level2">
@ -86,7 +86,7 @@ Handlers are build on rows of modules:
<tr class="row4 roweven">
<td class="col0 centeralign" colspan="2"> PSGI </td><td class="col2 centeralign"> PSGI::&lt;type&gt; </td>
</tr>
</table></div><!-- EDIT3 TABLE [495-753] -->
</table></div><!-- EDIT3 TABLE [508-766] -->
<p>
@ -106,7 +106,7 @@ Types are:
</li>
</ul>
</div><!-- EDIT2 SECTION "Overview of Handler packages" [453-] -->
</div><!-- EDIT2 SECTION "Overview of Handler packages" [466-] -->
</div>
</body>
</html>

25
po-doc/fr/pages/documentation/current/handlerauthbasic.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerauthbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerauthbasic.html"/>
@ -71,23 +71,30 @@
<div class="level2">
<p>
L'agent AuthBasic est un agent spécial qui utilise l'authentification web basique pour authentifier dans un hôte virtuel et qui utilise ensuite les règles d'autorisation pour valider les accès à l'hôte virtuel.
The AuthBasic Handler is a special Handler that will use AuthBasic to authenticate to a virtual host, and then run authorization rules to allow access to the virtual
host.
</p>
<p>
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Lorsque la session est validée, l'agent examine les autorisations comme un agent standard.
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Then, when session is granted, the Handler will check authorizations like the standard Handler.
</p>
<p>
Ce peut être pratique pour autoriser une application cliente à accéder à un hôte virtuel avec un authentifiant en envoyant un en-tête basique.
This can be useful to allow a third party application to access a virtual host with users credentials by sending a Basic challenge to it.
</p>
</div><!-- EDIT2 SECTION "Presentation" [34-677] -->
</div><!-- EDIT2 SECTION "Presentation" [34-672] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [678-704] -->
</div><!-- EDIT3 SECTION "Configuration" [673-699] -->
<h3 class="sectionedit4" id="virtual_host">Hôte virtuel</h3>
<div class="level3">
@ -110,7 +117,7 @@ If you want to protect only a virtualHost part, keep type on “Main” and set
</li>
</ul>
</div><!-- EDIT4 SECTION "Virtual host" [705-1095] -->
</div><!-- EDIT4 SECTION "Virtual host" [700-1090] -->
<h3 class="sectionedit5" id="nginx">Nginx</h3>
<div class="level3">
@ -149,7 +156,7 @@ location / {
...
}</pre>
</div><!-- EDIT5 SECTION "Nginx" [1096-2119] -->
</div><!-- EDIT5 SECTION "Nginx" [1091-2114] -->
<h3 class="sectionedit6" id="handler_parameters">Paramètres de l'agent</h3>
<div class="level3">
@ -158,7 +165,7 @@ location / {
Aucun paramètres n'est requis. But you have to allow sessions web services, see <a href="restsessionbackend.html" class="wikilink1" title="documentation:2.0:restsessionbackend">REST sessions backend</a>.
</p>
</div><!-- EDIT6 SECTION "Handler parameters" [2120-] -->
</div><!-- EDIT6 SECTION "Handler parameters" [2115-] -->
</div>
</body>
</html>

2
po-doc/fr/pages/documentation/current/logs.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,logs"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="logs.html"/>

10
po-doc/fr/pages/documentation/current/nodehandler.html
View File

@ -94,14 +94,14 @@ Up-to-date documentation is available on GitHub.
</li>
<li class="level1"><div class="li"> Multi-lines are not supported in lemonldap-ng.ini</div>
</li>
<li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in you <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn't used by node handler)</em>:</div>
<li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in your <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn't used by node handler)</em>:</div>
</li>
</ul>
<pre class="code ini"><span class="re0"><span class="br0">[</span>node-handler<span class="br0">]</span></span>
&nbsp;
<span class="re1">nodeVhosts</span> <span class="sy0">=</span><span class="re2"> test.example.com, test2.example.com</span></pre>
</div><!-- EDIT2 SECTION "Examples" [210-730] -->
</div><!-- EDIT2 SECTION "Examples" [210-731] -->
<h3 class="sectionedit3" id="use_it_as_fastcgi_server_application_protection_only">Use it as FastCGI server (application protection only)</h3>
<div class="level3">
@ -148,7 +148,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">(</span><span clas
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
&nbsp;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
# Keep original request (LLNG server will received /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
@ -163,7 +163,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">(</span><span clas
}</pre>
</dd></dl>
</div><!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [731-1912] -->
</div><!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [732-1913] -->
<h3 class="sectionedit4" id="use_it_to_protect_an_express_app">Use it to protect an express app</h3>
<div class="level3">
@ -193,7 +193,7 @@ app.<span class="me1">listen</span><span class="br0">(</span><span class="nu0">3
<span class="br0">}</span><span class="br0">)</span><span class="sy0">;</span></pre>
</dd></dl>
</div><!-- EDIT4 SECTION "Use it to protect an express app" [1913-] -->
</div><!-- EDIT4 SECTION "Use it to protect an express app" [1914-] -->
</div>
</body>
</html>

2
po-doc/fr/pages/documentation/current/parameterlist.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,parameterlist"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="parameterlist.html"/>

247
po-doc/fr/pages/documentation/current/platformsoverview.html Normal file
View File

@ -0,0 +1,247 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:platformsoverview</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,platformsoverview"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="platformsoverview.html"/>
<link rel="contents" href="platformsoverview.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:platformsoverview","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#portalmanager_installation">Portal/Manager installation</a></div></li>
<li class="level1"><div class="li"><a href="#application_protection_overview">Application protection overview</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#handler_integration">Handler integration</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#direct_application_mode">Direct Application Mode</a></div></li>
<li class="level3"><div class="li"><a href="#reverseproxy_mode">ReverseProxy Mode</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#external_servers_for_nginx">External servers for Nginx</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#fastcgi">FastCGI</a></div></li>
<li class="level3"><div class="li"><a href="#uwsgi">uWSGI</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="platforms_overview">Platforms overview</h1>
<div class="level1">
<p>
LLNG is able to use different web servers to provide its services. Here is a resume of all possibilities. We recommend:
</p>
<ul>
<li class="level1"><div class="li"> For installations subject to small/medium load: Nginx with our default FastCGI server, or Apache <em>(with mpm_prefork engine)</em></div>
</li>
<li class="level1"><div class="li"> For heavily loaded installation: Nginx. The choice for <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">FastCGI server engine</a> depends on the behavior of your users</div>
</li>
</ul>
</div><!-- EDIT1 SECTION "Platforms overview" [1-437] -->
<h2 class="sectionedit2" id="portalmanager_installation">Portal/Manager installation</h2>
<div class="level2">
<p>
Since 2.0, both portal and manager are native FastCGI applications. They can be used on any web server that can dial with a FastCGI server. Quelques exemples:
</p>
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> </th><th class="col1 centeralign" colspan="2"> Apache </th><th class="col3 centeralign"> Nginx </th><th class="col4 centeralign"> Plack servers family </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>Engines</strong> </td><td class="col1 centeralign" colspan="2"> <a href="https://httpd.apache.org/mod_fcgid/" class="urlextern" title="https://httpd.apache.org/mod_fcgid/" rel="nofollow">mod_fcgid</a> or <a href="http://www.fastcgi.com/" class="urlextern" title="http://www.fastcgi.com/" rel="nofollow">mod_fastcgi</a> </td><td class="col3 centeralign"> <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">FastCGI/uWSGI server</a> </td><td class="col4 centeralign"> Any <a href="https://plackperl.org" class="urlextern" title="https://plackperl.org" rel="nofollow">Plack HTTP server</a> <em>(see <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">our doc</a>)</em> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> <strong>Link with webserver process</strong> </td><td class="col1 centeralign"> External processes managed by webserver <em>(default)</em> </td><td class="col2 centeralign"> External <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">LLNG server</a> </td><td class="col3 centeralign"> External <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">LLNG server</a> </td><td class="col4 centeralign"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Inside</a> </td>
</tr>
</table></div><!-- EDIT3 TABLE [635-1181] -->
</div><!-- EDIT2 SECTION "Portal/Manager installation" [438-1182] -->
<h2 class="sectionedit4" id="application_protection_overview">Application protection overview</h2>
<div class="level2">
<p>
Applications can be protected:
</p>
<ul>
<li class="level1"><div class="li"> by a LLNG handler</div>
</li>
<li class="level1"><div class="li"> by themselves if they can dial with a supported protocol (<abbr title="Security Assertion Markup Language">SAML</abbr>, OpenID-Connect,…)</div>
</li>
</ul>
<p>
To protect applications with handler, LLNG can be used in two mode:
</p>
<ul>
<li class="level1"><div class="li"> Direct Application Mode : LLNG handler is an embedded application. Handler must be installed on application Web Server</div>
</li>
<li class="level1"><div class="li"> ReverseProxy Mode : applications are hidden behind a ReverseProxy which provides the required LLNG handler</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Application protection overview" [1183-1672] -->
<h3 class="sectionedit5" id="handler_integration">Handler integration</h3>
<div class="level3">
</div>
<h4 id="direct_application_mode">Direct Application Mode</h4>
<div class="level4">
<p>
LLNG handlers can be installed on the following web servers:
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 leftalign"> </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 centeralign"> Plack servers family </th><th class="col4 centeralign"> Node.js </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>Addon needed</strong> </td><td class="col1 centeralign"> ModPerl </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td><td class="col4 centeralign"> Express </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> <strong>LLNG integration in webserver</strong> </td><td class="col1 centeralign"> <a href="configvhost.html#apache_configuration" class="wikilink1" title="documentation:2.0:configvhost">Inside</a> </td><td class="col2 centeralign"> Separate process: <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">External LLNG FastCGI/uWSGI servers</a> <em>(auth_request)</em> </td><td class="col3 centeralign"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Inside</a> </td><td class="col4 centeralign"> <a href="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" class="urlextern" title="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#express-app" rel="nofollow">Inside</a> </td>
</tr>
</table></div><!-- EDIT6 TABLE [1799-2271] -->
</div>
<h4 id="reverseproxy_mode">ReverseProxy Mode</h4>
<div class="level4">
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 leftalign"> </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <strong>LLNG integration in ReverseProxy webserver</strong> </td><td class="col1 centeralign"> <a href="configvhost.html#apache_configuration" class="wikilink1" title="documentation:2.0:configvhost">Inside</a> </td><td class="col2 centeralign"> Separate process: <a href="#external_servers_for_nginx" title="documentation:2.0:platformsoverview ↵" class="wikilink1">External LLNG FastCGI/uWSGI servers</a> </td>
</tr>
</table></div><!-- EDIT7 TABLE [2299-2536] -->
</div><!-- EDIT5 SECTION "Handler integration" [1673-2538] -->
<h3 class="sectionedit8" id="external_servers_for_nginx">External servers for Nginx</h3>
<div class="level3">
<p>
Natively, Nginx supportes FastCGI and uWSGI protocoles.
</p>
<p>
Therefore, LLNG services can be provided by compatible external servers.
</p>
<div class="notetip">FastCGI or uWSGI server(s) can be installed on separate hosts. Also you can imagine a global cloud-FastCGI/uWSGI-service for all your Nginx servers. See <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a service (SSOaaS)</a> for more.
</div>
</div>
<h4 id="fastcgi">FastCGI</h4>
<div class="level4">
<p>
By default, LLNG provides a Plack based FastCGI server able to afford all LLNG services using <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> engine <strong>(default)</strong>.
</p>
<p>
However, you can use some other FastCGI server engines:
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" class="urlextern" title="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" rel="nofollow">LLNG FastCGI server for Node.js</a>(*)</div>
</li>
</ul>
<div class="notewarning">(*) LLNG Node.js handler can be used only as Nginx `auth_request` server, not to serve Portal or Manager
</div>
</div>
<h4 id="uwsgi">uWSGI</h4>
<div class="level4">
<ul>
<li class="level1"><div class="li"> uWSGI server <em>(with uwsgi PSGI plugin, see <a href="psgi.html" class="wikilink1" title="documentation:2.0:psgi">Advanced PSGI usage</a>)</em></div>
</li>
</ul>
</div><!-- EDIT8 SECTION "External servers for Nginx" [2539-] -->
</div>
</body>
</html>

26
po-doc/fr/pages/documentation/current/psgi.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,psgi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="psgi.html"/>
@ -70,11 +70,11 @@ LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http:/
<p>
uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> may provide the highest performance.
uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
</p>
</div><!-- EDIT1 SECTION "Advanced PSGI usage" [1-629] -->
</div><!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
<div class="level2">
@ -85,9 +85,21 @@ A <code>llng-server.psgi</code> is provided in example directory. It is designed
</p>
<ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result</div>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong></div>
</li>
<li class="level1"><div class="li"> with a HTTP Plack server, not yet tested</div>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li>
@ -112,7 +124,7 @@ There are also some other psgi files in examples directory.
See also <a href="highperfnginxhandler.html" class="wikilink1" title="documentation:2.0:highperfnginxhandler">High performance handler for Nginx</a>
</p>
</div><!-- EDIT2 SECTION "FastCGI server replacement" [630-1417] -->
</div><!-- EDIT2 SECTION "FastCGI server replacement" [636-1878] -->
<h3 class="sectionedit3" id="using_uwsgi">Using uWSGI</h3>
<div class="level3">
@ -130,7 +142,7 @@ You will find in LLNG Nginx configuration files some comments that explain how t
</p>
</div><!-- EDIT3 SECTION "Using uWSGI" [1418-] -->
</div><!-- EDIT3 SECTION "Using uWSGI" [1879-] -->
</div>
</body>
</html>

50
po-doc/fr/pages/documentation/current/redirections.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,redirections"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="redirections.html"/>
@ -43,16 +43,38 @@
</head>
<body>
<div class="dokuwiki export container">
<div class="dokuwiki export container"><!-- TOC START -->
<h1 class="sectionedit1" id="handler_redirections">Redirections des agents</h1>
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#handler_redirections">Redirections des agents</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#protocol_and_port">Protocole et port</a></div></li>
<li class="level2"><div class="li"><a href="#forbidden_and_server_error">Accès interdits et erreurs du serveur</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#portal_redirections">Redirections du portail</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="redirections">Redirections</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Redirections" [1-28] -->
<h2 class="sectionedit2" id="handler_redirections">Redirections des agents</h2>
<div class="level2">
<div class="noteclassic">Lorsqu'un utilisateur accède à un agent sans cookie, il est redirigé vers le portail, et l'<abbr title="Uniform Resource Locator">URL</abbr> cible est encodée dans l'<abbr title="Uniform Resource Locator">URL</abbr> de redirection (pour rediriger l'utilisateur après authentification).
</div>
</div><!-- EDIT1 SECTION "Handler Redirections" [1-223] -->
</div><!-- EDIT2 SECTION "Handler Redirections" [29-249] -->
<h2 class="sectionedit2" id="protocol_and_port">Protocole et port</h2>
<div class="level2">
<h3 class="sectionedit3" id="protocol_and_port">Protocole et port</h3>
<div class="level3">
<p>
Pour encoder l'<abbr title="Uniform Resource Locator">URL</abbr> de redirection, l'agent utilise des variables d'environnement Apache et des paramètres de configuration :
@ -70,10 +92,10 @@ Cesparamètres peuvent être configurés dans le manager, dans <code>Paramètres
<div class="notetip">These settings can be overridden per virtual host, see <a href="configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">virtual host management</a>.
</div>
</div><!-- EDIT2 SECTION "Protocol and port" [224-732] -->
</div><!-- EDIT3 SECTION "Protocol and port" [250-756] -->
<h2 class="sectionedit3" id="forbidden_and_server_error">Accès interdits et erreurs du serveur</h2>
<div class="level2">
<h3 class="sectionedit4" id="forbidden_and_server_error">Accès interdits et erreurs du serveur</h3>
<div class="level3">
<p>
Les agents utilisent le code d'erreur d'Apache dans les cas suivants :
@ -121,19 +143,21 @@ Ces paramètres peuvent être configurés dans le manager, dans <code>Paramètre
</li>
</ul>
</div><!-- EDIT3 SECTION "Forbidden and Server error" [733-2104] -->
</div><!-- EDIT4 SECTION "Forbidden and Server error" [757-2126] -->
<h1 class="sectionedit4" id="portal_redirections">Redirections du portail</h1>
<div class="level1">
<h2 class="sectionedit5" id="portal_redirections">Redirections du portail</h2>
<div class="level2">
<div class="noteclassic">Si un utilisateur est redirigé depuis un agent vers le portail pour s'authentifier et s'il est déjà authentifié, le portail le redirige vers l'<abbr title="Uniform Resource Locator">URL</abbr> de redirection.
</div><ul>
<li class="level1"><div class="li"> <strong>Redirection message</strong>: The redirection from portal can be done either with code 303 (See Other), or with a JavaScript redirection. Souvent la redirection prend du temps car c'est le premier accès de l'utilisateur à l'application protégée et il faut créer la session applicative ; la redirection JavaScript améliore le ressenti utilisateur en l'informant que l'authentification est réussie et en évitant qu'il clique de nouveau sur le bouton.</div>
</li>
<li class="level1"><div class="li"> <strong>Keep redirections for Ajax</strong>: By default, when an Ajax request is done on the portal for an unauthenticated user (after a redirection done by the handler), a 401 code will be sentwith a <code>WWW-Authenticate</code> header containing “<abbr title="Authentification unique (Single Sign On)">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;”. Set this option to 1 to keep the old behavior (return of <abbr title="HyperText Markup Language">HTML</abbr> code).</div>
</li>
<li class="level1"><div class="li"> <strong>Skip re-auth confirmation</strong>: by default, when re-authentication is needed, a confirmation screen is displayed to let user accept the re-authentication. If you enable this option, user will be directly redirected to login page.</div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Portal Redirections" [2105-] -->
</div><!-- EDIT5 SECTION "Portal Redirections" [2127-] -->
</div>
</body>
</html>

4
po-doc/fr/pages/documentation/current/restserverplugin
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1526412078" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1526585789" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

66
po-doc/fr/pages/documentation/current/ssoaas.html
View File

@ -43,21 +43,69 @@
</head>
<body>
<div class="dokuwiki export container">
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#our_concept_of_ssoaas">Our concept of SSOaaS</a></div></li>
<li class="level1"><div class="li"><a href="#using_front_reverse-proxies">Using front reverse-proxies</a></div></li>
<li class="level1"><div class="li"><a href="#using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="sso_as_a_service_ssoaas">SSO as a service (SSOaaS)</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "SSO as a service (SSOaaS)" [1-41] -->
<h2 class="sectionedit2" id="our_concept_of_ssoaas">Our concept of SSOaaS</h2>
<div class="level2">
<p>
LLNG provides some features that can be used to provide <abbr title="Authentification unique (Single Sign On)">SSO</abbr> as a service. Two possibility to do it:
Access management provides 3 services:
</p>
<ul>
<li class="level1"><div class="li"> Using front reverse-proxies</div>
<li class="level1"><div class="li"> Global authentication: Single-Sign-On</div>
</li>
<li class="level1"><div class="li"> Authorization check: authentication isn't enough, user rights mus be checked</div>
</li>
<li class="level1"><div class="li"> Accounting: <abbr title="Authentification unique (Single Sign On)">SSO</abbr> logs + application logs <em>(transactions and results)</em></div>
</li>
</ul>
<p>
LLNG provides all these services (except application logs of course, but headers are provided to permit this). Headers is another LLNG service: LLNG can provide any user attributes to the application <em>(see <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Rules and headers</a>)</em>
</p>
<p>
<code>*aaS</code> means that application can drive undelying layer (IaaS for infrastructure, PaaS for platform,…). So for us, <code>SSOaaS</code> must provide the ability for an app to manage authorizations and to get user attributes. Authentication can't be really “*aaS”: app must not drive it, only consumes it.
</p>
<p>
LLNG provides some features that can be used to provide <abbr title="Authentification unique (Single Sign On)">SSO</abbr> as a service: a web application can drive its rules and headers. Docker or VM images (Nginx only) includes LLNG Nginx configuration that points to a global <a href="platformsoverview.html#external_servers_for_nginx" class="wikilink1" title="documentation:2.0:platformsoverview">LLNG authorization server</a>. By default, all authenticated users can access and one header is set: <code>Auth-User</code>. If application gives a RULES_<abbr title="Uniform Resource Locator">URL</abbr> parameter that points to a JSON file, authorization server will read it and apply given rules and set asked headers <em>(see <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps Handler</a>)</em>.
</p>
<p>
Two architectures to do it:
</p>
<ul>
<li class="level1"><div class="li"> Using a global FastCGI (or uWSGI) server</div>
</li>
<li class="level1"><div class="li"> Using front reverse-proxies <em>(some cloud installation use reverse-proxies in front of the cloud)</em></div>
</li>
</ul>
<p>
@ -66,9 +114,9 @@ In both case, Handler type must be set to <a href="devopshandler.html" class="wi
</p>
</div><!-- EDIT1 SECTION "SSO as a service (SSOaaS)" [1-288] -->
</div><!-- EDIT2 SECTION "Our concept of SSOaaS" [42-1689] -->
<h2 class="sectionedit2" id="using_front_reverse-proxies">Using front reverse-proxies</h2>
<h2 class="sectionedit3" id="using_front_reverse-proxies">Using front reverse-proxies</h2>
<div class="level2">
<p>
@ -103,7 +151,7 @@ This configuration handles <code>*.dev.sso.my.domain</code> services and forward
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
# Keep original request (LLNG server will received /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
location /rules.json {
@ -122,9 +170,9 @@ This configuration handles <code>*.dev.sso.my.domain</code> services and forward
}</pre>
</dd></dl>
</div><!-- EDIT2 SECTION "Using front reverse-proxies" [289-1765] -->
</div><!-- EDIT3 SECTION "Using front reverse-proxies" [1690-3166] -->
<h2 class="sectionedit3" id="using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</h2>
<h2 class="sectionedit4" id="using_a_global_fastcgi_or_uwsgi_server">Using a global FastCGI (or uWSGI) server</h2>
<div class="level2">
<p>
@ -175,7 +223,7 @@ In this example, web server templates (Nginx only) are configured to ask authori
}</pre>
</dd></dl>
</div><!-- EDIT3 SECTION "Using a global FastCGI (or uWSGI) server" [1766-] -->
</div><!-- EDIT4 SECTION "Using a global FastCGI (or uWSGI) server" [3167-] -->
</div>
</body>
</html>

128
po-doc/fr/pages/documentation/current/start.html
View File

@ -50,6 +50,7 @@
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#installation">Installation</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#before_installation">Before installation</a></div></li>
@ -95,12 +96,27 @@
</div><!-- EDIT1 SECTION "Documentation for LemonLDAP::NG 2.0" [1-51] -->
<h2 class="sectionedit2" id="installation">Installation</h2>
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <a href="documentation/presentation.html" class="wikilink1" title="documentation:presentation">Présentation</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/features.html" class="wikilink1" title="documentation:features">Fonctionnalités principales</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/quickstart.html" class="wikilink1" title="documentation:quickstart">Tutoriel rapide</a></div>
</li>
<li class="level1"><div class="li"> <a href="platformsoverview.html" class="wikilink1" title="documentation:2.0:platformsoverview">Choose a platform</a></div>
</li>
</ul>
</div><!-- EDIT2 SECTION "Présentation" [52-270] -->
<h2 class="sectionedit3" id="installation">Installation</h2>
<div class="level2">
</div><!-- EDIT2 SECTION "Installation" [52-77] -->
</div><!-- EDIT3 SECTION "Installation" [271-296] -->
<h3 class="sectionedit3" id="before_installation">Before installation</h3>
<h3 class="sectionedit4" id="before_installation">Before installation</h3>
<div class="level3">
<p>
@ -119,9 +135,9 @@
</div></div>
</p>
</div><!-- EDIT3 SECTION "Before installation" [78-342] -->
</div><!-- EDIT4 SECTION "Before installation" [297-561] -->
<h3 class="sectionedit4" id="installation1">Installation</h3>
<h3 class="sectionedit5" id="installation1">Installation</h3>
<div class="level3">
<p>
@ -148,9 +164,9 @@
</div></div>
</p>
</div><!-- EDIT4 SECTION "Installation" [343-885] -->
</div><!-- EDIT5 SECTION "Installation" [562-1104] -->
<h3 class="sectionedit5" id="after_installation">After installation</h3>
<h3 class="sectionedit6" id="after_installation">After installation</h3>
<div class="level3">
<p>
@ -163,7 +179,7 @@
</li>
<li class="level1"><div class="li"> <a href="configapache.html" class="wikilink1" title="documentation:2.0:configapache">Deployer la configuration Apache</a></div>
</li>
<li class="level1"><div class="li"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Deploy LemonLDAP::NG on Plack servers family</a> <em>(Twiggy, Starman, Corona,…)</em></div>
<li class="level1"><div class="li"> <a href="configplack.html" class="wikilink1" title="documentation:2.0:configplack">Deploy LemonLDAP::NG on Plack servers family</a> <em>(Twiggy, Starman, Corona,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
</ul>
@ -171,14 +187,14 @@
</div></div>
</p>
</div><!-- EDIT5 SECTION "After installation" [886-1296] -->
</div><!-- EDIT6 SECTION "After installation" [1105-1538] -->
<h2 class="sectionedit6" id="configuration">Configuration</h2>
<h2 class="sectionedit7" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT6 SECTION "Configuration" [1297-1323] -->
</div><!-- EDIT7 SECTION "Configuration" [1539-1565] -->
<h3 class="sectionedit7" id="first_steps">Premiers pas</h3>
<h3 class="sectionedit8" id="first_steps">Premiers pas</h3>
<div class="level3">
<p>
@ -205,9 +221,9 @@
</div></div>
</p>
</div><!-- EDIT7 SECTION "First steps" [1324-1783] -->
</div><!-- EDIT8 SECTION "First steps" [1566-2025] -->
<h3 class="sectionedit8" id="portal">Portail</h3>
<h3 class="sectionedit9" id="portal">Portail</h3>
<div class="level3">
<p>
@ -244,7 +260,7 @@
<a href="icons/gpg.png_documentation_2.0_start.html" class="media" title="icons:gpg.png"><img src="icons/gpg.png" class="media" alt="" /></a>
</div><div class="col-md-11">
</p>
<div class="table sectionedit9"><table class="inline table table-bordered table-striped">
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Official Backends </th><th class="col1 centeralign"> Authentification </th><th class="col2 centeralign"> Utilisateurs </th><th class="col3 centeralign"> Mot-de-passe </th>
@ -364,7 +380,7 @@
<tr class="row38 roweven">
<td class="col0"> <a href="autosignin.html" class="wikilink1" title="documentation:2.0:autosignin">Auto Signin</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div><!-- EDIT9 TABLE [2320-4663] -->
</table></div><!-- EDIT10 TABLE [2562-4905] -->
<p>
</div></div>
@ -387,7 +403,7 @@
<a href="icons/personal.png_documentation_2.0_start.html" class="media" title="icons:personal.png"><img src="icons/personal.png" class="media" alt="" /></a>
</div><div class="col-md-11">
</p>
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<div class="table sectionedit11"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Protocol </th><th class="col1 centeralign"> Fournisseur de service </th><th class="col2 centeralign"> Fournisseur d'identité </th>
@ -408,15 +424,15 @@
<tr class="row5 rowodd">
<td class="col0"> <a href="issuerdbget.html" class="wikilink1" title="documentation:2.0:issuerdbget">Get parameters provider</a> <em>(for poor applications)</em> </td><td class="col1 leftalign"> </td><td class="col2 centeralign"></td>
</tr>
</table></div><!-- EDIT10 TABLE [5009-5370] -->
</table></div><!-- EDIT11 TABLE [5251-5612] -->
<p>
</div></div>
</p>
</div><!-- EDIT8 SECTION "Portal" [1784-5398] -->
</div><!-- EDIT9 SECTION "Portal" [2026-5640] -->
<h3 class="sectionedit11" id="handlers">Handlers</h3>
<h3 class="sectionedit12" id="handlers">Handlers</h3>
<div class="level3">
<p>
@ -430,34 +446,34 @@
Handlers are software control agents to install on your web servers <em>(Nginx, Apache or Node.js)</em>.
</p>
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<div class="table sectionedit13"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Handler type </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 centeralign"> Node.js </th><th class="col4 centeralign"> Commentaire </th><td class="col5"></td>
<th class="col0"> Handler type </th><th class="col1 centeralign"> Apache </th><th class="col2 centeralign"> Nginx </th><th class="col3 rightalign"> <a href="https://plackperl.org" class="urlextern" title="https://plackperl.org" rel="nofollow">Plack* server</a></th><th class="col4 centeralign"> Node.js </th><th class="col5 centeralign"> Commentaire </th><td class="col6"></td>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> Main <em>(default handler)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Partial</a> (*) </td><td class="col4 leftalign"> </td><td class="col5"></td>
<td class="col0"> Main <em>(default handler)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> </td><td class="col4 centeralign"> <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Partial</a> (*) </td><td class="col5 leftalign"> </td><td class="col6"></td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> Designed for some server-to-server applications </td><td class="col5"></td>
<td class="col0"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> Designed for some server-to-server applications </td><td class="col6"></td>
</tr>
<tr class="row3 rowodd">
<td class="col0"> <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> For Cross Domain Authentication </td><td class="col5"></td>
<td class="col0"> <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> For Cross Domain Authentication </td><td class="col6"></td>
</tr>
<tr class="row4 roweven">
<td class="col0"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4"> Allows application developers to define their rules within the application </td><td class="col5"></td>
<td class="col0"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5"> Allows application developers to define their rules within the application </td><td class="col6"></td>
</tr>
<tr class="row5 rowodd">
<td class="col0"> <a href="securetoken.html" class="wikilink1" title="documentation:2.0:securetoken">Secure Token</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4"> Designed to secure dialog between a LLNG reverse-proxy and a remote app </td><td class="col5"></td>
<td class="col0"> <a href="securetoken.html" class="wikilink1" title="documentation:2.0:securetoken">Secure Token</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5"> Designed to secure dialog between a LLNG reverse-proxy and a remote app </td><td class="col6"></td>
</tr>
<tr class="row6 roweven">
<td class="col0"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Service Token</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> <em>(Server-to-Server)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4"> Designed to permits underlying requests <em>(<abbr title="Interface de programmation">API</abbr>-Based Infrastructure)</em> </td><td class="col5"></td>
<td class="col0"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Service Token</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> <em>(Server-to-Server)</em> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5"> Designed to permits underlying requests <em>(<abbr title="Interface de programmation">API</abbr>-Based Infrastructure)</em> </td><td class="col6"></td>
</tr>
<tr class="row7 rowodd">
<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4 leftalign"> </td>
<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 leftalign"> </td><td class="col5 leftalign"> </td>
</tr>
</table></div><!-- EDIT12 TABLE [5637-6504] -->
</table></div><!-- EDIT13 TABLE [5879-6846] -->
<p>
<em>(*): <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> has not yet reached the same level of functionality.</em>
@ -467,9 +483,9 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
</div></div>
</p>
</div><!-- EDIT11 SECTION "Handlers" [5399-6627] -->
</div><!-- EDIT12 SECTION "Handlers" [5641-6969] -->
<h3 class="sectionedit13" id="llng_databases">LLNG databases</h3>
<h3 class="sectionedit14" id="llng_databases">LLNG databases</h3>
<div class="level3">
</div>
@ -484,9 +500,9 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
</p>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> a besoin d'un dispositif de stockage de sa propre configuration (gérée par le manager). Choisir l'une des options suivantes :
<abbr title="LemonLDAP::NG">LL::NG</abbr> a besoin d'un dispositif de stockage de sa propre configuration (gérée par le manager). Choose one in the following list:
</p>
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
<div class="table sectionedit15"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Backend </th><th class="col1 centeralign"> Partageable </th><th class="col2 centeralign"> Commentaire </th>
@ -513,7 +529,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
<tr class="row7 rowodd">
<td class="col0 centeralign"> <a href="restconfbackend.html" class="wikilink1" title="documentation:2.0:restconfbackend">REST</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> Backend proxy à utiliser avec un autre backend de configuration. <br/><strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants. </td>
</tr>
</table></div><!-- EDIT14 TABLE [6926-7908] -->
</table></div><!-- EDIT15 TABLE [7274-8256] -->
<div class="notetip">On ne peut démarrer avec une configuration vide, il faut donc lire <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">comment changer de backend de configuration</a> pour convertir une configuration existante en une autre.
</div>
<p>
@ -538,7 +554,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div><div class="table sectionedit15"><table class="inline table table-bordered table-striped">
</div><div class="table sectionedit16"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Backend </th><th class="col1 centeralign"> Partageable </th><th class="col2 centeralign"> <a href="documentation/features.html#session_explorer" class="wikilink1" title="documentation:features">Explorateur de sessions</a> </th><th class="col3 centeralign"> <a href="documentation/features.html#session_restrictions" class="wikilink1" title="documentation:features">Resctriction d'ouverture de session</a> </th><th class="col4 centeralign"> Expiration des sessions </th><th class="col5 centeralign"> Commentaire </th>
@ -568,15 +584,15 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
<tr class="row8 roweven">
<td class="col0 centeralign"> <a href="soapsessionbackend.html" class="wikilink1" title="documentation:2.0:soapsessionbackend">SOAP</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5 leftalign"> Backend proxy à utiliser avec un autre backend de sessions. <br/> <strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants. </td>
</tr>
</table></div><!-- EDIT15 TABLE [8773-10452] -->
</table></div><!-- EDIT16 TABLE [9121-10800] -->
<p>
</div></div>
</p>
</div><!-- EDIT13 SECTION "LLNG databases" [6628-10480] -->
</div><!-- EDIT14 SECTION "LLNG databases" [6970-10828] -->
<h2 class="sectionedit16" id="applications_protection">Protection des applications</h2>
<h2 class="sectionedit17" id="applications_protection">Protection des applications</h2>
<div class="level2">
<p>
@ -603,9 +619,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div></div>
</p>
</div><!-- EDIT16 SECTION "Applications protection" [10481-10971] -->
</div><!-- EDIT17 SECTION "Applications protection" [10829-11319] -->
<h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
<h3 class="sectionedit18" id="well_known_compatible_applications">Well known compatible applications</h3>
<div class="level3">
<div class="noteclassic">Here is a list of well known applications that are compatible with <abbr title="LemonLDAP::NG">LL::NG</abbr>. A full list is available on <a href="applications.html" class="wikilink1" title="documentation:2.0:applications">vendor applications page</a>.
@ -702,9 +718,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div>
</p>
</div><!-- EDIT17 SECTION "Well known compatible applications" [10972-13185] -->
</div><!-- EDIT18 SECTION "Well known compatible applications" [11320-13533] -->
<h2 class="sectionedit18" id="advanced_features">Fonctionnalités avancées</h2>
<h2 class="sectionedit19" id="advanced_features">Fonctionnalités avancées</h2>
<div class="level2">
<p>
@ -735,9 +751,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</li>
<li class="level1"><div class="li"> <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">Agent AuthBasic</a></div>
</li>
<li class="level1"><div class="li"> <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps Handler</a> <em>(<a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSOaaS</a>)</em></div>
<li class="level1"><div class="li"> <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a Service</a> <em>(SSOaaS)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a></div>
<li class="level1"><div class="li"> <a href="servertoserver.html" class="wikilink1" title="documentation:2.0:servertoserver">Handling server webservice calls</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" class="urlextern" title="https://github.com/lemonldap-ng-controller/lemonldap-ng-controller" rel="nofollow">LemonLDAP::NG kubernetes controller</a></div>
</li>
@ -759,9 +775,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div></div>
</p>
</div><!-- EDIT18 SECTION "Advanced features" [13186-14338] -->
</div><!-- EDIT19 SECTION "Advanced features" [13534-14716] -->
<h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
<h2 class="sectionedit20" id="mini_howtos">Mini howtos</h2>
<div class="level2">
<p>
@ -792,9 +808,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div></div>
</p>
</div><!-- EDIT19 SECTION "Mini howtos" [14339-15080] -->
</div><!-- EDIT20 SECTION "Mini howtos" [14717-15458] -->
<h2 class="sectionedit20" id="exploitation">Exploitation</h2>
<h2 class="sectionedit21" id="exploitation">Exploitation</h2>
<div class="level2">
<p>
@ -811,7 +827,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</li>
<li class="level1"><div class="li"> <a href="status.html" class="wikilink1" title="documentation:2.0:status">Page de statut de l'agent</a></div>
</li>
<li class="level1"><div class="li"> <a href="checkstate.html" class="wikilink1" title="documentation:2.0:checkstate">Portal state check</a> <em>(health check for fail-over)</em></div>
<li class="level1"><div class="li"> <a href="checkstate.html" class="wikilink1" title="documentation:2.0:checkstate">Portal state check</a> <em>(health check for fail-over)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a></div>
</li>
<li class="level1"><div class="li"> <a href="monitoring.html" class="wikilink1" title="documentation:2.0:monitoring">Monitoring</a></div>
</li>
@ -827,9 +843,9 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</div></div>
</p>
</div><!-- EDIT20 SECTION "Exploitation" [15081-15572] -->
</div><!-- EDIT21 SECTION "Exploitation" [15459-15973] -->
<h2 class="sectionedit21" id="bug_report">Bug report</h2>
<h2 class="sectionedit22" id="bug_report">Bug report</h2>
<div class="level2">
<p>
@ -838,9 +854,9 @@ See <a href="bugreport.html" class="wikilink1" title="bugreport">How to report a
</p>
</div><!-- EDIT21 SECTION "Bug report" [15573-15637] -->
</div><!-- EDIT22 SECTION "Bug report" [15974-16038] -->
<h2 class="sectionedit22" id="developer_corner">Developer corner</h2>
<h2 class="sectionedit23" id="developer_corner">Developer corner</h2>
<div class="level2">
<p>
@ -893,7 +909,7 @@ To add a new language:
<p>
If you don't want to publish your translation <em>(XX must be replace by your language code)</em>:
If you don't want to publish your translation <em>(<code>XX</code> must be replaced by your language code)</em>:
</p>
<ul>
@ -919,7 +935,7 @@ To translate this doc (Manager help):
</li>
</ul>
</div><!-- EDIT22 SECTION "Developer corner" [15638-] -->
</div><!-- EDIT23 SECTION "Developer corner" [16039-] -->
</div>
</body>
</html>