diff --git a/doc/pages/documentation/current/applications/img/icons.png b/doc/pages/documentation/current/applications/img/icons.png
index a0759219e..3cd52d5f6 100644
--- a/doc/pages/documentation/current/applications/img/icons.png
+++ b/doc/pages/documentation/current/applications/img/icons.png
@@ -90,7 +90,7 @@
+ Login
@@ -241,7 +241,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio
-
+
diff --git a/doc/pages/documentation/current/applications/img/loader.gif b/doc/pages/documentation/current/applications/img/loader.gif
index ad820f854..657a7dcb4 100644
--- a/doc/pages/documentation/current/applications/img/loader.gif
+++ b/doc/pages/documentation/current/applications/img/loader.gif
@@ -90,7 +90,7 @@
+
Login
@@ -241,7 +241,7 @@ You've followed a link to a topic that doesn't exist yet. If permissio
- ![](/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&1543524687)
+ ![](/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&1545299080)
diff --git a/doc/pages/documentation/current/authcas.html b/doc/pages/documentation/current/authcas.html
index 94731bc75..e4ae9de5f 100644
--- a/doc/pages/documentation/current/authcas.html
+++ b/doc/pages/documentation/current/authcas.html
@@ -89,6 +89,16 @@ They can then be forwarded to applications trough
CAS for authentication.
You can then choose any other module for users and password.
+
Browser implementations of formAction directive are inconsistent (e.g. Firefox doesn't block the redirects whereas Chrome does).
+Administrators may have to modify formAction value with wildcard likes *.
+
+In Manager, go in :
+
+
+
+General Parameters
> Advanced Parameters
> Security
> Content Security Policy
> Form destination
+
+
Then, go in CAS parameters
:
diff --git a/doc/pages/documentation/current/authcombination.html b/doc/pages/documentation/current/authcombination.html
index 961670f76..eb3b5abb2 100644
--- a/doc/pages/documentation/current/authcombination.html
+++ b/doc/pages/documentation/current/authcombination.html
@@ -135,10 +135,12 @@ Each module that will be used in combination rule must be declared. You must set
-
overwritten parameters: you can redefine any LLNG string parameter. For example, if you use 2 different LDAP, the first can use normal configuration and for the second, overwritten parameter can redefine ldapServer,…
+ overloaded parameters: you can redefine any LLNG string parameters. For example, if you use 2 different LDAP, the first can use normal configuration and for the second, overwritten parameter can redefine ldapServer,…
+To overload parameters, you must select a module, add a parameter and set its value.
+
For example:
@@ -155,13 +157,13 @@ For example:
DB2 | DBI | User DB only | dbiAuthChain ⇒ “mysql:…” |
-
+
Usually, you can't declare two modules of the same type if they don't have the same parameters. For example, usually you can't declare a MySQL DBI and a PostgreSQL DBI, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters. For example, if DBI is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter.
-
+
Rule chain
@@ -208,7 +210,7 @@ Remember that schemes in rules are the names declared above.
[mySSL and myLDAP, myLDAP ] | Use mySSL and myLDAP to authentify, myLDAP to get user |
-Note that “or” can't be used inside a scheme.
+
Note that “or” can't be used inside a scheme.
If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, myLDAP] or [myLDAP, myLDAP]
@@ -224,7 +226,7 @@ If you think to “[mySSL or myLDAP, myLDAP]”, you must write [mySSL, my
[myDBI1] and [myDBI2] or [myLDAP] and [myDBI2] | Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2 |
-
You can't use brackets in a boolean expression and “and” has precedence on “or”.
+
You can't use brackets in a boolean expression and “and” has precedence on “or”.
If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write [myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]
@@ -251,7 +253,7 @@ Test can use only the
$env
variable. It contains the FastCGI enviro
if($env→{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env→{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2] | Chain tests |
-
Note that brackets can't be used except to enclose test.
+
Note that brackets can't be used except to enclose test.
If you wants to write if(…) then if…
, you must write if(not …) then … else if(…)…
@@ -271,7 +273,7 @@ The following rule is valid:
-
+
Combine second factor
@@ -296,7 +298,7 @@ Now if you want to authenticate users either by LDAP or LDAP+U2F (to have 2
-
+
@@ -307,12 +309,12 @@ Combination module returns the form corresponding to the first authentication sc
combinationForms = standardform, openidform
-
+
Known problems
-
+
Federation protocols
@@ -332,9 +334,9 @@ Combination module returns the form corresponding to the first authentication sc
[SAML] and [LDAP] or [LDAP] | [SAML, SAML and LDAP] or [LDAP] | Authentication is done by SAML or LDAP but user must match an LDAP entry |
-
+
-
+
Auth::Apache authentication
+