Clarify outgoing proxy documentation (#2715)
This commit is contained in:
parent
23bc481c0f
commit
b666f1416a
|
@ -1,13 +1,15 @@
|
||||||
Use an outgoing proxy
|
Use an outgoing proxy
|
||||||
=====================
|
=====================
|
||||||
|
|
||||||
For some protocols, LL::NG has to directly contact the external server.
|
For some protocols, LemonLDAP::NG has to directly contact the external server.
|
||||||
This is the case for example with CAS authentication (validation of
|
This is the case for example with CAS authentication (validation of
|
||||||
service ticket) or OpenID Connect authentication (access to token
|
service ticket) or OpenID Connect authentication (access to token
|
||||||
endpoint and userinfo endpoint).
|
endpoint and userinfo endpoint).
|
||||||
|
|
||||||
If the LL::NG server needs a proxy for outgoing connections, then you
|
If the LL::NG server needs a proxy for outgoing connections, then you
|
||||||
need to configure some environment variables.
|
need to configure some environment variables. By default, only connections
|
||||||
|
to external systems (CAS, OIDC, etc.) are done through the proxy, while HTTP
|
||||||
|
connections in between LemonLDAP::NG components are not.
|
||||||
|
|
||||||
Apache
|
Apache
|
||||||
------
|
------
|
||||||
|
@ -21,6 +23,11 @@ In Apache configuration, set:
|
||||||
# on Centos7, you need LWP::Protocol::connect
|
# on Centos7, you need LWP::Protocol::connect
|
||||||
# FcgidInitialEnv https_proxy connect://X.X.X.X:X
|
# FcgidInitialEnv https_proxy connect://X.X.X.X:X
|
||||||
|
|
||||||
|
# Optional: use this to force ALL http connections to go
|
||||||
|
# through the proxy. This is only useful in some scenarios
|
||||||
|
# FcgidInitialEnv PERL_LWP_ENV_PROXY 1
|
||||||
|
# FcgidInitialEnv no_proxy <urls-without-proxy>
|
||||||
|
|
||||||
Nginx/FastCGI
|
Nginx/FastCGI
|
||||||
-------------
|
-------------
|
||||||
|
|
||||||
|
@ -33,3 +40,8 @@ add in ``/etc/default/lemonldap-ng-fastcgi-server`` :
|
||||||
# on Centos7, you need LWP::Protocol::connect
|
# on Centos7, you need LWP::Protocol::connect
|
||||||
# https_proxy=connect://X.X.X.X:X
|
# https_proxy=connect://X.X.X.X:X
|
||||||
|
|
||||||
|
# Optional: use this to force ALL http connections to go
|
||||||
|
# through the proxy. This is only useful in some scenarios
|
||||||
|
# PERL_LWP_ENV_PROXY=1
|
||||||
|
# no_proxy=<urls-without-proxy>
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue