dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Documentation update

This commit is contained in:
Xavier Guimard 2009-06-29 09:42:44 +00:00
parent c113f7440e
commit bfed9a789c
18 changed files with 91 additions and 188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build/lemonldap-ng/_example/conf/lmConf-1
View File

@ -23,7 +23,7 @@ domain
'__DNSDOMAIN__'
timeout
72000
7200
groups
'$data1 = {};'

39
build/lemonldap-ng/changelog
View File

@ -1,13 +1,38 @@
lemonldap-ng (0.9.4) unstable; urgency=low
* ldap+tls uri was not working (Closes: #312418)
* Session timeout is in seconds and not in minutes in Manager/Help.pm
(Closes: #312339)
* Notification system
* Missing dependency in Debian package (Closes: #521959 / bugs.debian.org)
* Double session mechanism (1 secured and the other not)
* Bugs :
- ldap+tls uri was not working (Closes: #312418)
- Session timeout is in seconds and not in minutes in Manager/Help.pm
(Closes: #312339)
- Missing dependency in Debian package (Closes: #521959 / bugs.debian.org)
* Logs :
- CGI's log subroutine : now if a CGI runs under ModPerl::Registry, it
stores it's log using Apache2::Log
- handler logs written in PerlLogHandler
* SOAP :
- New SOAP architecture : the portal serves now all webservices and the
security is based on Apache system (different locations)
- WSDL generation
* New features :
- LDAP backend for configuration and sessions storage
- portal can be a Perl expression in handlers
- POST requests generation in handler (used to post login/password in non
compatible applications)
- Sympa auto login handler
- New auth and userDB modules for the portal : Multi, Remote, Null (for
UserDB only)
- New module system for passwords
- Notification system
- Double session mechanism (1 secured and the other not)
- New fonctions for rules (stored in
lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm) :
* checkLogonHours
* checkDate
* Other :
- Pre-compilation in Apache's configuration files
- Cross-domain now included in core
-- Xavier Guimard <x.guimard@free.fr> Sun, 08 Feb 2009 20:12:17 +0100
-- Xavier Guimard <x.guimard@free.fr> Mon, 29 Jun 2009 10:28:09 +0200
lemonldap-ng (0.9.3.4) unstable; urgency=low

17
build/lemonldap-ng/debian/storage.conf
View File

@ -18,17 +18,26 @@
# dbiUser = lemonldap
# dbiPassword = password
#
# * SOAP: SOAP configuration access is a sort of proxy: the SOAP server that
# runs Lemonldap::NG::Manager::SOAPServer is configured to use the real
# session storage type (DBI or File for example).
# * SOAP: SOAP configuration access is a sort of proxy: the portal is
# configured to use the real session storage type (DBI or File for
# example).
# You have to set 'proxy' parameter. Example:
#
# type = SOAP
# proxy = https://manager.example.com/soapmanager.pl
# proxy = https://auth.example.com/index.pl/config
# proxyOptions = { timeout => 5 }
# User = lemonldap
# Password = mypassword
#
# * LDAP: you have to set ldapServer, ldapConfBranch, ldapBindDN and ldapBindPassword.
#
# type = LDAP
# ldapServer = ldap://localhost
# ldapConfBase = ou=conf,ou=applications,dc=example,dc=com
# ldapBindDN = cn=manager,dc=example,dc=com
# ldapBindPassword = secret
#
#
# 2 - LocalStorage
#
# To increase performances, use a local cache for the configuration. You have

3
modules/lemonldap-ng-common/Changes
View File

@ -1,5 +1,8 @@
Revision history for Perl extension Lemonldap::NG::Common.
0.92 Sun Feb 8 08:04:25 2009
- Change CGI SOAP system
0.91 Sun Dec 26 10:06:42 2008
- Add SOAP::Lite dependency

17
modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm
View File

@ -227,7 +227,7 @@ access to Lemonldap::NG Web-SSO sessions via SOAP.
__PACKAGE__->init ({
globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
globalStorageOptions => {
proxy => 'http://manager/cgi-bin/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/sessions',
proxyOptions => {
timeout => 5,
},
@ -244,7 +244,7 @@ access to Lemonldap::NG Web-SSO sessions via SOAP.
my $portal = new Lemonldap::NG::Portal::SharedConf (
globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
globalStorageOptions => {
proxy => 'http://manager/cgi-bin/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/sessions',
proxyOptions => {
timeout => 5,
},
@ -267,9 +267,9 @@ Lemonldap::NG Web-SSO configuration. It is used by L<Lemonldap::NG::Handler>,
L<Lemonldap::NG::Portal> and L<Lemonldap::NG::Manager>.
Lemonldap::NG::Common::Apache::Session::SOAP used with
L<Lemonldap::NG::Manager::SOAPServer> provides the ability to acces to
Lemonldap::NG sessions via SOAP: They act as a proxy to access to the real
Apache::Session module (set as Lemonldap::NG::Manager::SOAPServer parameter).
L<Lemonldap::NG::Portal> provides the ability to acces to
Lemonldap::NG sessions via SOAP: the portal act as a proxy to access to the
real Apache::Session module (see HTML documentation for more)
=head2 SECURITY
@ -298,7 +298,7 @@ C<>SOAP::Transport::HTTP::Client::get_basic_credentials>:
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/sessions',
User => 'http-user',
Password => 'pass',
},
@ -326,7 +326,7 @@ set environment variables.
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/sessions',
},
https => 1,
} );
@ -335,7 +335,6 @@ set environment variables.
=head1 SEE ALSO
L<Lemonldap::NG::Manager::SOAPServer>,
L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Common::Conf::SOAP>,
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Portal>,
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
@ -356,7 +355,7 @@ L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2007 by Xavier Guimard
Copyright (C) 2007, 2008, 2009 by Xavier Guimard
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.8 or,

11
modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm
View File

@ -35,7 +35,7 @@ our %_confFiles;
# - { Type => "File", dirName => "/path/to/conf/dir/" },
# - { Type => "DBI", dbiChain => "DBI:mysql:database=lemonldap-ng;host=1.2.3.4",
# dbiUser => "user", dbiPassword => "password" },
# - { Type => "SOAP", proxy => "https://manager.example.com/soapmanager.pl" },
# - { Type => "SOAP", proxy => "https://auth.example.com/index.pl/config" },
# - { Type => "LDAP", ldapServer => "ldap://localhost", ldapConfBranch => "ou=conf,ou=applications,dc=example,dc=com",
# ldapBindDN => "cn=manager,dc=example,dc=com", ldapBindPassword => "secret"},
#
@ -414,16 +414,15 @@ choosen type. Examples:
$confAccess = new Lemonldap::NG::Common::Conf(
{
type => 'SOAP',
proxy => 'https://manager.example.com/soapmanager.pl',
proxy => 'http://auth.example.com/index.pl/config',
proxyOptions => {
timeout => 5,
},
});
SOAP configuration access is a sort of proxy: the SOAP server that runs
L<Lemonldap::NG::Manager::SOAPServer> is configured to use the real session
storage type (DBI or File for example). See L<Lemonldap::NG::Conf::SOAP> for
more.
SOAP configuration access is a sort of proxy: the portal is configured to use
the real session storage type (DBI or File for example). See HTML documentation
for more.
=item * B<LDAP>:
$confAccess = new Lemonldap::NG::Common::Conf(

22
modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SOAP.pm
View File

@ -116,7 +116,7 @@ Lemonldap::NG Web-SSO configuration via SOAP.
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/config',
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
@ -131,7 +131,7 @@ Lemonldap::NG Web-SSO configuration via SOAP.
my $portal = Lemonldap::NG::Portal::SharedConf->new ( {
configStorage => {
type => 'SOAP',
proxy => 'http://localhost/devel/test.pl',
proxy => 'http://auth.example.com/index.pl/config',
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
@ -149,7 +149,7 @@ Lemonldap::NG Web-SSO configuration via SOAP.
{
configStorage=>{
type => 'SOAP',
proxy => 'http://localhost/devel/test.pl'
proxy => 'http://auth.example.com/index.pl/config',
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
@ -162,14 +162,8 @@ Lemonldap::NG Web-SSO configuration via SOAP.
=head2 Server side
See L<Lemonldap::NG::Common::Conf::SOAP> for documentation on client side.
use Lemonldap::NG::Manager::SOAPServer;
Lemonldap::NG::Manager::SOAPServer->start(
configStorage => {
type=>"File",
dirName=>"/usr/share/doc/lemonldap-ng/examples/conf/"
}
You just have to set "Soap => 1" in your portal. See HTML documentation for
more.
=head1 DESCRIPTION
@ -204,7 +198,7 @@ Examples :
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/config',
User => 'http-user',
Password => 'pass',
},
@ -232,7 +226,7 @@ set environment variables.
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
proxy => 'http://auth.example.com/index.pl/config',
},
https => 1,
} );
@ -241,7 +235,7 @@ set environment variables.
=head1 SEE ALSO
L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Common::Conf::SOAP>,
L<Lemonldap::NG::Common::Conf::SOAP>,
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Portal>,
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation

2
modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm
View File

@ -127,7 +127,7 @@ L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Portal>, L<Lemonldap::NG::Handler>
=head1 AUTHOR
Xavier Guimard, E<lt>guimard@E<gt>
Xavier Guimard, E<lt>x.guimard@free.frE<gt>
Clement Oudot
=head1 COPYRIGHT AND LICENSE

8
modules/lemonldap-ng-common/storage.conf
View File

@ -18,13 +18,13 @@
# dbiUser = lemonldap
# dbiPassword = password
#
# * SOAP: SOAP configuration access is a sort of proxy: the SOAP server that
# runs Lemonldap::NG::Manager::SOAPServer is configured to use the real
# session storage type (DBI or File for example).
# * SOAP: SOAP configuration access is a sort of proxy: the portal is
# configured to use the real session storage type (DBI or File for
# example).
# You have to set 'proxy' parameter. Example:
#
# type = SOAP
# proxy = https://manager.example.com/soapmanager.pl
# proxy = https://auth.example.com/index.pl/config
# proxyOptions = { timeout => 5 }
# User = lemonldap
# Password = mypassword

2
modules/lemonldap-ng-handler/example/MyHandler.pm
View File

@ -47,7 +47,7 @@ __PACKAGE__->init(
# configuration. Example:
#globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
#globalStorageOptions => {
# proxy => 'http://manager.example.com/soapserver.pl',
# proxy => 'http://auth.example.com/index.pl/sessions',
# proxyOptions => {
# timeout => 5,
# },

2
modules/lemonldap-ng-handler/example/MyHandlerLog4Perl.pm
View File

@ -55,7 +55,7 @@ __PACKAGE__->init(
# configuration. Example:
#globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
#globalStorageOptions => {
# proxy => 'http://manager.example.com/soapserver.pl',
# proxy => 'http://auth.example.com/index.pl/sessions',
# proxyOptions => {
# timeout => 5,
# },

2
modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Status.pm
View File

@ -341,7 +341,7 @@ L<http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation>
=head1 AUTHOR
Xavier Guimard, E<lt>guimard@E<gt>
Xavier Guimard, E<lt>x.guimard@free.frE<gt>
=head1 COPYRIGHT AND LICENSE

2
modules/lemonldap-ng-handler/t/11-Lemonldap-NG-Handler-Status.t
View File

@ -26,7 +26,7 @@ ok(
$h->localInit(
{
localStorage => 'Cache::FileCache',
localStorageOptions => { 'namespace' => 'MyNamespace', },
localStorageOptions => { 'namespace' => 'MyNamespaceTest', },
status => 1
}
),

1
modules/lemonldap-ng-manager/MANIFEST
View File

@ -82,7 +82,6 @@ example/mrtg/lmng-mrtg
example/mrtg/mrtg.cfg.example
example/scripts/lmConfigEditor
example/sessions.pl
example/soapserver.pl
example/theme/default.css
example/theme/hatch.gif
example/theme/logo_lemonldap-ng.png

2
modules/lemonldap-ng-manager/example/sessions.pl
View File

@ -50,7 +50,7 @@ our $cgi = Lemonldap::NG::Manager::Sessions->new({
# configuration. Example:
#globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP',
#globalStorageOptions => {
# proxy => 'http://manager.example.com/soapserver.pl',
# proxy => 'http://auth.example.com/index.pl/sessions',
# proxyOptions => {
# timeout => 5,
# },

7
modules/lemonldap-ng-manager/example/soapserver.pl
View File

@ -1,7 +0,0 @@
#!/usr/bin/perl
use Lemonldap::NG::Manager::SOAPServer;
Lemonldap::NG::Manager::SOAPServer->start();
__END__

134
modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/SOAPServer.pm
View File

@ -6,7 +6,7 @@ our $VERSION = '0.2';
die 'This module is now obsolete. You have to use the portal as "proxy".
See http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocSOAP';
__END__
use SOAP::Transport::HTTP;
use Lemonldap::NG::Common::Conf; #link protected config Configuration hash reference
use UNIVERSAL qw(isa);
@ -181,142 +181,18 @@ __END__
=head1 NAME
Lemonldap::NG::Manager::SOAPServer - Perl extension written to access to
Lemonldap::NG Web-SSO configuration or sessions via SOAP.
Lemonldap::NG::Manager::SOAPServer - Obsolete : now SOAP services are included
in the Lemonldap::NG portal.
=head1 SYNOPSIS
=head2 Server side
use Lemonldap::NG::Manager::SOAPServer;
Lemonldap::NG::Manager::SOAPServer->start(
configStorage => {
type => "File",
dirName => "/usr/share/doc/lemonldap-ng/examples/conf/"
},
# 2 types are available :
# * 'config' for configuration access
# * 'sessions' for sessions access
type => 'sessions',
# For 'sessions' type, you can choose exported functions (get
# only by default):
AuthorizedFunctions => 'new get set',
);
=head2 Client side
See L<Lemonldap::NG::Common::Conf::SOAP> for documentation on client side
configuration access.
See L<Lemonldap::NG::Common::Apache::Session::SOAP> for documentation on client side
sessions access.
=head3 Configuration access
=head4 Area protection
package My::Package;
use Lemonldap::NG::Handler::SharedConf;
@ISA = qw(Lemonldap::NG::Handler::SharedConf);
__PACKAGE__->init ( {
localStorage => "Cache::FileCache",
localStorageOptions => {
'namespace' => 'MyNamespace',
'default_expires_in' => 600,
},
configStorage => {
type => 'SOAP',
proxy => 'http://manager.example.com/soapserver.pl',
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
},
https => 0,
} );
=head4 Authentication portal
use Lemonldap::NG::Portal::SharedConf;
my $portal = Lemonldap::NG::Portal::SharedConf->new ( {
configStorage => {
type => 'SOAP',
proxy => 'http://localhost/devel/test.pl',
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
}
});
# Next as usual...
if($portal->process()) {
...
=head4 Manager
use Lemonldap::NG::Manager;
my $m=new Lemonldap::NG::Manager(
{
configStorage=>{
type => 'SOAP',
proxy => 'http://localhost/devel/test.pl'
# If soapserver is protected by HTTP Basic:
User => 'http-user',
Password => 'pass',
},
dhtmlXTreeImageLocation=> "/imgs/",
}
) or die "Unable to start";
$m->doall();
=head3 Sessions access
Use simply Lemonldap::NG::Common::Apache::Session::SOAP in the 'Apache session
module'parameter (instead of Apache::Session::MySQL or
Apache::Session::File).
=head1 DESCRIPTION
Lemonldap::NG::Common::Conf provides a simple interface to access to
Lemonldap::NG Web-SSO configuration. It is used by L<Lemonldap::NG::Handler>,
L<Lemonldap::NG::Portal> and L<Lemonldap::NG::Manager>.
Lemonldap::NG::Manager::SOAPServer provides a SOAP proxy system that can be
used to access
=head2 SUBROUTINES
=over
=item * B<start>: main subroutine. It starts SOAP CGI system. You have to set
C<configStorage> to the real configuration storage system. See L<Synopsys> for
examples.
=item * B<process>: alias for start.
=item * B<new> (constructor): (called by C<start>). See code if you want to
overload this package.
=back
=head2 SECURITY
Since Lemonldap::NG::Manager::SOAPServer act as a CGI, you can protect
configuration access by any of the HTTP protection mecanisms.
See L<Lemonldap::NG::Common::Conf::SOAP> for the security in the client
side.
In "session" mode, you can control what functions can be used by SOAP. By
default, only "get" can be used: it means that only handlers can work with it.
Use "AuthorizedFunctions" parameter to grant other functions.
This module is obsolete. Now, use the portal.
=head1 SEE ALSO
L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Common::Conf::SOAP>,
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Portal>,
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
L<Lemonldap::NG::Portal>,
=head1 AUTHOR

6
modules/lemonldap-ng-portal/Changes
View File

@ -1,5 +1,11 @@
Revision history for Perl extension Lemonldap::NG::Portal.
0.87 Sun feb 8 8:05:02 2009
- ldap+tls was broken
- fix security problem when running on Apache with thread support:
setMacros and setGroups were not launched with the good datas
- fix XSS filter that rejected URL with a port
0.86 Thu dec 25 8:55:41 2008
- New Menu module
* Password management