VERSION 0.9.4.1
This commit is contained in:
parent
49cc593005
commit
bf6230c5ac
|
@ -1,10 +1,20 @@
|
||||||
lemonldap-ng (0.9.5) unstable; urgency=low
|
lemonldap-ng (0.9.5) unstable; urgency=low
|
||||||
|
|
||||||
* Bugs :
|
* TODO
|
||||||
- bad XML filter when embedding <application> in <application> tags
|
|
||||||
- testUri() not usable in Lemonldap::NG::Handler::CGI
|
|
||||||
|
|
||||||
-- Xavier Guimard <x.guimard@free.fr> Thu, 20 Aug 2009 16:20:26 +0200
|
-- Xavier Guimard <x.guimard@free.fr> Sun, 11 Oct 2009 09:08:46 +0200
|
||||||
|
|
||||||
|
lemonldap-ng (0.9.4.1) unstable; urgency=low
|
||||||
|
|
||||||
|
* Safe jail update
|
||||||
|
* Many little bugs in Handler/CGI.pm
|
||||||
|
* Apache::Session::LDAP was not usable with session explorer
|
||||||
|
* syslog facility was not taken in account in Common/CGI.pm
|
||||||
|
* require failed in _Multi.pm
|
||||||
|
* doc update
|
||||||
|
* ru debconf translation (Closes: #550552 / bugs.debian.org)
|
||||||
|
|
||||||
|
-- Xavier Guimard <x.guimard@free.fr> Sun, 11 Oct 2009 09:36:35 +0200
|
||||||
|
|
||||||
lemonldap-ng (0.9.4) unstable; urgency=low
|
lemonldap-ng (0.9.4) unstable; urgency=low
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,135 @@
|
||||||
|
# translation of lemonldap-ng_0.9.4-1_ru.po to Russian
|
||||||
|
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
|
||||||
|
# This file is distributed under the same license as the PACKAGE package.
|
||||||
|
#
|
||||||
|
# Yuri Kozlov <yuray@komyakino.ru>, 2009.
|
||||||
|
msgid ""
|
||||||
|
msgstr ""
|
||||||
|
"Project-Id-Version: lemonldap-ng 0.9.4-1\n"
|
||||||
|
"Report-Msgid-Bugs-To: x.guimard@free.fr\n"
|
||||||
|
"POT-Creation-Date: 2007-09-22 13:08+0200\n"
|
||||||
|
"PO-Revision-Date: 2009-10-01 09:27+0400\n"
|
||||||
|
"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
|
||||||
|
"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
|
||||||
|
"MIME-Version: 1.0\n"
|
||||||
|
"Content-Type: text/plain; charset=UTF-8\n"
|
||||||
|
"Content-Transfer-Encoding: 8bit\n"
|
||||||
|
"X-Generator: KBabel 1.11.4\n"
|
||||||
|
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:1001
|
||||||
|
msgid "LDAP server:"
|
||||||
|
msgstr "Сервер LDAP:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:1001
|
||||||
|
msgid ""
|
||||||
|
"Set here name or IP address of the LDAP server that has to be used by "
|
||||||
|
"Lemonldap::NG. You can modify this value later using the Lemonldap::NG "
|
||||||
|
"manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите имя или IP-адрес сервера LDAP, который будет "
|
||||||
|
"использовать Lemonldap::NG. Позже вы можете изменить это значение "
|
||||||
|
"через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:2001
|
||||||
|
msgid "Lemonldap::NG DNS domain:"
|
||||||
|
msgstr "DNS домен Lemonldap::NG:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:2001
|
||||||
|
msgid ""
|
||||||
|
"Set here the main domain protected by Lemonldap::NG. You can modify this "
|
||||||
|
"value later using the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите главный домен, защищаемый Lemonldap::NG. Позже вы можете изменить "
|
||||||
|
"это значение через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:3001
|
||||||
|
msgid "Lemonldap::NG portal:"
|
||||||
|
msgstr "Портал Lemonldap::NG:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:3001
|
||||||
|
msgid ""
|
||||||
|
"Set here the Lemonldap::NG portal URL. You can modify this value later using "
|
||||||
|
"the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите URL портала Lemonldap::NG. Позже вы можете изменить "
|
||||||
|
"это значение через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:4001
|
||||||
|
msgid "LDAP server port:"
|
||||||
|
msgstr "Порт сервера LDAP:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:4001
|
||||||
|
msgid ""
|
||||||
|
"Set here the port used by the LDAP server. You can modify this value later "
|
||||||
|
"using the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите используемый порт сервера LDAP. Позже вы можете изменить "
|
||||||
|
"это значение через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:5001
|
||||||
|
msgid "LDAP search base:"
|
||||||
|
msgstr "База поиска LDAP:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:5001
|
||||||
|
msgid ""
|
||||||
|
"Set here the search base to use in LDAP queries. You can modify this value "
|
||||||
|
"later using the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите поисковую базу, используемую в запросах LDAP. Позже вы можете изменить "
|
||||||
|
"это значение через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:6001
|
||||||
|
msgid "LDAP account:"
|
||||||
|
msgstr "Учётная запись в LDAP:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:6001
|
||||||
|
msgid ""
|
||||||
|
"Set here the account that Lemonldap::NG has to use for its LDAP requests. "
|
||||||
|
"Leaving it blank causes Lemonldap::NG to use anonymous connections. You can "
|
||||||
|
"modify this value later using the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите имя учётной записи, которое Lemonldap::NG будет использовать в "
|
||||||
|
"запросах LDAP. Оставьте поле пустым, если Lemonldap::NG должен подключаться "
|
||||||
|
"анонимно. Позже вы можете изменить это значение через менеджер Lemonldap::NG."
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:7001
|
||||||
|
msgid "LDAP password:"
|
||||||
|
msgstr "Пароль к LDAP:"
|
||||||
|
|
||||||
|
#. Type: string
|
||||||
|
#. Description
|
||||||
|
#: ../liblemonldap-ng-conf-perl.templates:7001
|
||||||
|
msgid ""
|
||||||
|
"Set here the password for the Lemonldap::NG LDAP account. You can modify "
|
||||||
|
"this value later using the Lemonldap::NG manager."
|
||||||
|
msgstr ""
|
||||||
|
"Введите пароль к учётной записи Lemonldap::NG в LDAP. "
|
||||||
|
"Позже вы можете изменить это значение через менеджер Lemonldap::NG."
|
||||||
|
|
|
@ -190,7 +190,7 @@ MyGroup => { $uid eq <span class=
|
||||||
|
|
||||||
<ul class="star">
|
<ul class="star">
|
||||||
<li>You can use DocumentRoot to protect a local application, or use
|
<li>You can use DocumentRoot to protect a local application, or use
|
||||||
mod_proxy to use LemonLDAP::NG as a reverse proxy</li>
|
mod_proxy to use LemonLDAP::NG as a reverse proxy (see below)</li>
|
||||||
|
|
||||||
<li>You have to declare only one "reload" target on a physical server,
|
<li>You have to declare only one "reload" target on a physical server,
|
||||||
because only one Handler can be instancied on a physical server</li>
|
because only one Handler can be instancied on a physical server</li>
|
||||||
|
@ -198,11 +198,45 @@ MyGroup => { $uid eq <span class=
|
||||||
<li>Of course you must already have a virtualhost for the portal and
|
<li>Of course you must already have a virtualhost for the portal and
|
||||||
another for the manager; These hosts are only in Apache, and not in
|
another for the manager; These hosts are only in Apache, and not in
|
||||||
LemonLDAP::NG configuration.</li>
|
LemonLDAP::NG configuration.</li>
|
||||||
</ul>
|
</ul>To transform your VirtualHost into a reverse proxy, use for example:
|
||||||
|
|
||||||
<h3 class="heading-1-1"><span id="HTogofurther">To go further</span></h3>
|
<div class="code">
|
||||||
|
<pre>
|
||||||
|
# Application Test
|
||||||
|
<VirtualHost *:80>
|
||||||
|
ServerName test1.example.com
|
||||||
|
ServerAlias test2.example.com<br /><br /> # SSO protection
|
||||||
|
PerlHeaderParserHandler My::Package<br /><br /> ProxyPreserveHost on
|
||||||
|
ProxyPass / <span class="nobr"><a href=
|
||||||
|
"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span>
|
||||||
|
ProxyPassReverse / <span class="nobr"><a href=
|
||||||
|
"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span><br /><br /></VirtualHost>
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
|
||||||
<p class="paragraph"></p>See the <span class="wikilink"><a href=
|
<p class="paragraph"></p><strong class="strong">Remarks</strong>:
|
||||||
|
|
||||||
|
<ul class="star">
|
||||||
|
<li>The ProxyPreserveHost directive will forward the Host header to the
|
||||||
|
protected application</li>
|
||||||
|
</ul>Using the reverse proxy mode, you will not have the REMOTE_USER
|
||||||
|
environment variable set. Indeed, this variable is set by the Handler on
|
||||||
|
the physical server hosting the Handlers, and not on other servers where
|
||||||
|
the Handler is not installed. But this magic Apache configuration will let
|
||||||
|
you transform the Auth-User HTTP header in REMOTE_USER envronment
|
||||||
|
varibale:<br />
|
||||||
|
<br />
|
||||||
|
|
||||||
|
<div class="code">
|
||||||
|
<pre>
|
||||||
|
SetEnvIfNoCase Auth-User <span class="java-quote">"(.*)"</span> REMOTE_USER=$1
|
||||||
|
</pre>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<h3 class="heading-1-1"><span id="HTogofurther">To go
|
||||||
|
further</span></h3><br />
|
||||||
|
<br />
|
||||||
|
See the <span class="wikilink"><a href=
|
||||||
"4.1-Configuration-parameter-list.html">full parameters list</a></span>.
|
"4.1-Configuration-parameter-list.html">full parameters list</a></span>.
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
@ -66,14 +66,25 @@
|
||||||
|
|
||||||
<li><a href="#HConfiguration">Configuration</a></li>
|
<li><a href="#HConfiguration">Configuration</a></li>
|
||||||
|
|
||||||
|
<li>
|
||||||
|
<a href="#HKnownproblems">Known problems</a>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li><a href="#HAuthApacheauthentication">AuthApache
|
||||||
|
authentication</a></li>
|
||||||
|
|
||||||
|
<li><a href="#HSSLauthentication">SSL authentication</a></li>
|
||||||
|
</ul>
|
||||||
|
</li>
|
||||||
|
|
||||||
<li><a href="#HSeealso">See also</a></li>
|
<li><a href="#HSeealso">See also</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
|
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
|
||||||
|
|
||||||
<p class="paragraph"></p>This backend allows to chain authentication
|
<p class="paragraph"></p>This backend allows to chain authentication
|
||||||
method, for example to failback to LDAP authentication if Kerberos
|
method, for example to failback to LDAP authentication if Remote
|
||||||
authentication failed.
|
authentication failed…
|
||||||
|
|
||||||
<h3 class="heading-1-1"><span id=
|
<h3 class="heading-1-1"><span id=
|
||||||
"HConfiguration">Configuration</span></h3>
|
"HConfiguration">Configuration</span></h3>
|
||||||
|
@ -99,6 +110,23 @@ authentication => 'Multi Remote $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_AD
|
||||||
</pre>
|
</pre>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<h3 class="heading-1-1"><span id="HKnownproblems">Known
|
||||||
|
problems</span></h3>
|
||||||
|
|
||||||
|
<h4 class="heading-1-1-1"><span id="HAuthApacheauthentication">AuthApache
|
||||||
|
authentication</span></h4><br />
|
||||||
|
<br />
|
||||||
|
When using this module, Lemonldap::NG portal will be called only if Apache
|
||||||
|
does not return "401 Authentication required", but this is not the Apache
|
||||||
|
behaviour: if the auth module fails, Apache returns 401. We're studying a
|
||||||
|
future solutuion for this…
|
||||||
|
|
||||||
|
<h4 class="heading-1-1-1"><span id="HSSLauthentication">SSL
|
||||||
|
authentication</span></h4><br />
|
||||||
|
<br />
|
||||||
|
To chain SSL, you have to set "SSLRequire optional" in Apache
|
||||||
|
configuration, else users will be authenticated by SSL only.
|
||||||
|
|
||||||
<h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
|
<h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
|
||||||
|
|
||||||
<ul class="star">
|
<ul class="star">
|
||||||
|
|
|
@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Apache::Session;
|
||||||
use strict;
|
use strict;
|
||||||
use Storable qw(thaw);
|
use Storable qw(thaw);
|
||||||
|
|
||||||
our $VERSION = 0.2;
|
our $VERSION = 0.21;
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
|
|
||||||
|
|
|
@ -13,7 +13,7 @@ use CGI;
|
||||||
|
|
||||||
#parameter syslog Indicates syslog facility for logging user actions
|
#parameter syslog Indicates syslog facility for logging user actions
|
||||||
|
|
||||||
our $VERSION = '0.5';
|
our $VERSION = '0.51';
|
||||||
|
|
||||||
use base qw(CGI);
|
use base qw(CGI);
|
||||||
|
|
||||||
|
|
|
@ -11,7 +11,7 @@ use Crypt::Rijndael;
|
||||||
use MIME::Base64;
|
use MIME::Base64;
|
||||||
use base qw(Crypt::Rijndael);
|
use base qw(Crypt::Rijndael);
|
||||||
|
|
||||||
our $VERSION = '0.1';
|
our $VERSION = '0.2';
|
||||||
|
|
||||||
our $msg;
|
our $msg;
|
||||||
|
|
||||||
|
|
|
@ -17,7 +17,7 @@ use Lemonldap::NG::Handler::SharedConf qw(:all);
|
||||||
|
|
||||||
#link Lemonldap::NG::Handler::_CGI protected _handler
|
#link Lemonldap::NG::Handler::_CGI protected _handler
|
||||||
|
|
||||||
our $VERSION = '0.3';
|
our $VERSION = '0.4';
|
||||||
|
|
||||||
## @cmethod Lemonldap::NG::Handler::CGI new(hashRef args)
|
## @cmethod Lemonldap::NG::Handler::CGI new(hashRef args)
|
||||||
# Constructor.
|
# Constructor.
|
||||||
|
|
|
@ -26,7 +26,7 @@ require POSIX;
|
||||||
#inherits Apache::Session
|
#inherits Apache::Session
|
||||||
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
||||||
|
|
||||||
our $VERSION = '0.91';
|
our $VERSION = '0.92';
|
||||||
|
|
||||||
our %EXPORT_TAGS;
|
our %EXPORT_TAGS;
|
||||||
|
|
||||||
|
|
|
@ -26,7 +26,7 @@ use MIME::Base64;
|
||||||
use base qw(Lemonldap::NG::Common::CGI);
|
use base qw(Lemonldap::NG::Common::CGI);
|
||||||
our @ISA;
|
our @ISA;
|
||||||
|
|
||||||
our $VERSION = '0.90';
|
our $VERSION = '0.91';
|
||||||
|
|
||||||
# Secure jail
|
# Secure jail
|
||||||
our $msafe;
|
our $msafe;
|
||||||
|
|
|
@ -9,7 +9,7 @@ use strict;
|
||||||
use Lemonldap::NG::Portal::Simple;
|
use Lemonldap::NG::Portal::Simple;
|
||||||
use AuthCAS;
|
use AuthCAS;
|
||||||
|
|
||||||
our $VERSION = '0.1';
|
our $VERSION = '0.11';
|
||||||
|
|
||||||
## @apmethod int authInit()
|
## @apmethod int authInit()
|
||||||
# Does nothing.
|
# Does nothing.
|
||||||
|
|
|
@ -20,7 +20,7 @@ use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
|
||||||
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
|
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
|
||||||
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
|
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
|
||||||
|
|
||||||
our $VERSION = '0.11';
|
our $VERSION = '0.2';
|
||||||
|
|
||||||
### ACCESS CONTROL DISPLAY SYSTEM
|
### ACCESS CONTROL DISPLAY SYSTEM
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,7 @@ use Safe;
|
||||||
#inherits Apache::Session
|
#inherits Apache::Session
|
||||||
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
|
||||||
|
|
||||||
our $VERSION = '0.89';
|
our $VERSION = '0.90';
|
||||||
|
|
||||||
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
use base qw(Lemonldap::NG::Common::CGI Exporter);
|
||||||
our @ISA;
|
our @ISA;
|
||||||
|
|
|
@ -12,7 +12,7 @@ package Lemonldap::NG::Portal::_Multi;
|
||||||
|
|
||||||
use Lemonldap::NG::Portal::Simple;
|
use Lemonldap::NG::Portal::Simple;
|
||||||
|
|
||||||
our $VERSION = '0.1';
|
our $VERSION = '0.11';
|
||||||
|
|
||||||
## @cmethod Lemonldap::NG::Portal::_Multi new(Lemonldap::NG::Portal::Simple portal)
|
## @cmethod Lemonldap::NG::Portal::_Multi new(Lemonldap::NG::Portal::Simple portal)
|
||||||
# Constructor
|
# Constructor
|
||||||
|
|
Loading…
Reference in New Issue