From bfed9a789cb86c218b3bf6285ffd1cfeb2881b71 Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Mon, 29 Jun 2009 09:42:44 +0000 Subject: [PATCH] Documentation update --- build/lemonldap-ng/_example/conf/lmConf-1 | 2 +- build/lemonldap-ng/changelog | 39 ++++- build/lemonldap-ng/debian/storage.conf | 17 ++- modules/lemonldap-ng-common/Changes | 3 + .../NG/Common/Apache/Session/SOAP.pm | 17 ++- .../lib/Lemonldap/NG/Common/Conf.pm | 11 +- .../lib/Lemonldap/NG/Common/Conf/SOAP.pm | 22 ++- .../lib/Lemonldap/NG/Common/Safelib.pm | 2 +- modules/lemonldap-ng-common/storage.conf | 8 +- .../lemonldap-ng-handler/example/MyHandler.pm | 2 +- .../example/MyHandlerLog4Perl.pm | 2 +- .../lib/Lemonldap/NG/Handler/Status.pm | 2 +- .../t/11-Lemonldap-NG-Handler-Status.t | 2 +- modules/lemonldap-ng-manager/MANIFEST | 1 - .../lemonldap-ng-manager/example/sessions.pl | 2 +- .../example/soapserver.pl | 7 - .../lib/Lemonldap/NG/Manager/SOAPServer.pm | 134 +----------------- modules/lemonldap-ng-portal/Changes | 6 + 18 files changed, 91 insertions(+), 188 deletions(-) delete mode 100755 modules/lemonldap-ng-manager/example/soapserver.pl diff --git a/build/lemonldap-ng/_example/conf/lmConf-1 b/build/lemonldap-ng/_example/conf/lmConf-1 index 596d41edf..6ff495eb3 100644 --- a/build/lemonldap-ng/_example/conf/lmConf-1 +++ b/build/lemonldap-ng/_example/conf/lmConf-1 @@ -23,7 +23,7 @@ domain '__DNSDOMAIN__' timeout - 72000 + 7200 groups '$data1 = {};' diff --git a/build/lemonldap-ng/changelog b/build/lemonldap-ng/changelog index 653b0184e..ba5a59908 100644 --- a/build/lemonldap-ng/changelog +++ b/build/lemonldap-ng/changelog @@ -1,13 +1,38 @@ lemonldap-ng (0.9.4) unstable; urgency=low - * ldap+tls uri was not working (Closes: #312418) - * Session timeout is in seconds and not in minutes in Manager/Help.pm - (Closes: #312339) - * Notification system - * Missing dependency in Debian package (Closes: #521959 / bugs.debian.org) - * Double session mechanism (1 secured and the other not) + * Bugs : + - ldap+tls uri was not working (Closes: #312418) + - Session timeout is in seconds and not in minutes in Manager/Help.pm + (Closes: #312339) + - Missing dependency in Debian package (Closes: #521959 / bugs.debian.org) + * Logs : + - CGI's log subroutine : now if a CGI runs under ModPerl::Registry, it + stores it's log using Apache2::Log + - handler logs written in PerlLogHandler + * SOAP : + - New SOAP architecture : the portal serves now all webservices and the + security is based on Apache system (different locations) + - WSDL generation + * New features : + - LDAP backend for configuration and sessions storage + - portal can be a Perl expression in handlers + - POST requests generation in handler (used to post login/password in non + compatible applications) + - Sympa auto login handler + - New auth and userDB modules for the portal : Multi, Remote, Null (for + UserDB only) + - New module system for passwords + - Notification system + - Double session mechanism (1 secured and the other not) + - New fonctions for rules (stored in + lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm) : + * checkLogonHours + * checkDate + * Other : + - Pre-compilation in Apache's configuration files + - Cross-domain now included in core - -- Xavier Guimard Sun, 08 Feb 2009 20:12:17 +0100 + -- Xavier Guimard Mon, 29 Jun 2009 10:28:09 +0200 lemonldap-ng (0.9.3.4) unstable; urgency=low diff --git a/build/lemonldap-ng/debian/storage.conf b/build/lemonldap-ng/debian/storage.conf index 912a47696..771be4ffd 100644 --- a/build/lemonldap-ng/debian/storage.conf +++ b/build/lemonldap-ng/debian/storage.conf @@ -18,17 +18,26 @@ # dbiUser = lemonldap # dbiPassword = password # -# * SOAP: SOAP configuration access is a sort of proxy: the SOAP server that -# runs Lemonldap::NG::Manager::SOAPServer is configured to use the real -# session storage type (DBI or File for example). +# * SOAP: SOAP configuration access is a sort of proxy: the portal is +# configured to use the real session storage type (DBI or File for +# example). # You have to set 'proxy' parameter. Example: # # type = SOAP -# proxy = https://manager.example.com/soapmanager.pl +# proxy = https://auth.example.com/index.pl/config # proxyOptions = { timeout => 5 } # User = lemonldap # Password = mypassword # +# * LDAP: you have to set ldapServer, ldapConfBranch, ldapBindDN and ldapBindPassword. +# +# type = LDAP +# ldapServer = ldap://localhost +# ldapConfBase = ou=conf,ou=applications,dc=example,dc=com +# ldapBindDN = cn=manager,dc=example,dc=com +# ldapBindPassword = secret +# +# # 2 - LocalStorage # # To increase performances, use a local cache for the configuration. You have diff --git a/modules/lemonldap-ng-common/Changes b/modules/lemonldap-ng-common/Changes index 3b50e91e0..1ee176c07 100644 --- a/modules/lemonldap-ng-common/Changes +++ b/modules/lemonldap-ng-common/Changes @@ -1,5 +1,8 @@ Revision history for Perl extension Lemonldap::NG::Common. +0.92 Sun Feb 8 08:04:25 2009 + - Change CGI SOAP system + 0.91 Sun Dec 26 10:06:42 2008 - Add SOAP::Lite dependency diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm index da02adcde..7f3e26e40 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Apache/Session/SOAP.pm @@ -227,7 +227,7 @@ access to Lemonldap::NG Web-SSO sessions via SOAP. __PACKAGE__->init ({ globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP', globalStorageOptions => { - proxy => 'http://manager/cgi-bin/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/sessions', proxyOptions => { timeout => 5, }, @@ -244,7 +244,7 @@ access to Lemonldap::NG Web-SSO sessions via SOAP. my $portal = new Lemonldap::NG::Portal::SharedConf ( globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP', globalStorageOptions => { - proxy => 'http://manager/cgi-bin/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/sessions', proxyOptions => { timeout => 5, }, @@ -267,9 +267,9 @@ Lemonldap::NG Web-SSO configuration. It is used by L, L and L. Lemonldap::NG::Common::Apache::Session::SOAP used with -L provides the ability to acces to -Lemonldap::NG sessions via SOAP: They act as a proxy to access to the real -Apache::Session module (set as Lemonldap::NG::Manager::SOAPServer parameter). +L provides the ability to acces to +Lemonldap::NG sessions via SOAP: the portal act as a proxy to access to the +real Apache::Session module (see HTML documentation for more) =head2 SECURITY @@ -298,7 +298,7 @@ C<>SOAP::Transport::HTTP::Client::get_basic_credentials>: }, configStorage => { type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/sessions', User => 'http-user', Password => 'pass', }, @@ -326,7 +326,7 @@ set environment variables. }, configStorage => { type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/sessions', }, https => 1, } ); @@ -335,7 +335,6 @@ set environment variables. =head1 SEE ALSO -L, L, L, L, L, http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation @@ -356,7 +355,7 @@ L =head1 COPYRIGHT AND LICENSE -Copyright (C) 2007 by Xavier Guimard +Copyright (C) 2007, 2008, 2009 by Xavier Guimard This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm index d64a186b7..4f99ac05b 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm @@ -35,7 +35,7 @@ our %_confFiles; # - { Type => "File", dirName => "/path/to/conf/dir/" }, # - { Type => "DBI", dbiChain => "DBI:mysql:database=lemonldap-ng;host=1.2.3.4", # dbiUser => "user", dbiPassword => "password" }, -# - { Type => "SOAP", proxy => "https://manager.example.com/soapmanager.pl" }, +# - { Type => "SOAP", proxy => "https://auth.example.com/index.pl/config" }, # - { Type => "LDAP", ldapServer => "ldap://localhost", ldapConfBranch => "ou=conf,ou=applications,dc=example,dc=com", # ldapBindDN => "cn=manager,dc=example,dc=com", ldapBindPassword => "secret"}, # @@ -414,16 +414,15 @@ choosen type. Examples: $confAccess = new Lemonldap::NG::Common::Conf( { type => 'SOAP', - proxy => 'https://manager.example.com/soapmanager.pl', + proxy => 'http://auth.example.com/index.pl/config', proxyOptions => { timeout => 5, }, }); -SOAP configuration access is a sort of proxy: the SOAP server that runs -L is configured to use the real session -storage type (DBI or File for example). See L for -more. +SOAP configuration access is a sort of proxy: the portal is configured to use +the real session storage type (DBI or File for example). See HTML documentation +for more. =item * B: $confAccess = new Lemonldap::NG::Common::Conf( diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SOAP.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SOAP.pm index 9d2f779a1..0a18c8ff2 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SOAP.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SOAP.pm @@ -116,7 +116,7 @@ Lemonldap::NG Web-SSO configuration via SOAP. }, configStorage => { type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/config', # If soapserver is protected by HTTP Basic: User => 'http-user', Password => 'pass', @@ -131,7 +131,7 @@ Lemonldap::NG Web-SSO configuration via SOAP. my $portal = Lemonldap::NG::Portal::SharedConf->new ( { configStorage => { type => 'SOAP', - proxy => 'http://localhost/devel/test.pl', + proxy => 'http://auth.example.com/index.pl/config', # If soapserver is protected by HTTP Basic: User => 'http-user', Password => 'pass', @@ -149,7 +149,7 @@ Lemonldap::NG Web-SSO configuration via SOAP. { configStorage=>{ type => 'SOAP', - proxy => 'http://localhost/devel/test.pl' + proxy => 'http://auth.example.com/index.pl/config', # If soapserver is protected by HTTP Basic: User => 'http-user', Password => 'pass', @@ -162,14 +162,8 @@ Lemonldap::NG Web-SSO configuration via SOAP. =head2 Server side -See L for documentation on client side. - - use Lemonldap::NG::Manager::SOAPServer; - Lemonldap::NG::Manager::SOAPServer->start( - configStorage => { - type=>"File", - dirName=>"/usr/share/doc/lemonldap-ng/examples/conf/" - } +You just have to set "Soap => 1" in your portal. See HTML documentation for +more. =head1 DESCRIPTION @@ -204,7 +198,7 @@ Examples : }, configStorage => { type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/config', User => 'http-user', Password => 'pass', }, @@ -232,7 +226,7 @@ set environment variables. }, configStorage => { type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', + proxy => 'http://auth.example.com/index.pl/config', }, https => 1, } ); @@ -241,7 +235,7 @@ set environment variables. =head1 SEE ALSO -L, L, +L, L, L, http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation diff --git a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm index d73b2adaf..c515eecfe 100644 --- a/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm +++ b/modules/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm @@ -127,7 +127,7 @@ L, L, L =head1 AUTHOR -Xavier Guimard, Eguimard@E +Xavier Guimard, Ex.guimard@free.frE Clement Oudot =head1 COPYRIGHT AND LICENSE diff --git a/modules/lemonldap-ng-common/storage.conf b/modules/lemonldap-ng-common/storage.conf index 58f5144ab..771be4ffd 100644 --- a/modules/lemonldap-ng-common/storage.conf +++ b/modules/lemonldap-ng-common/storage.conf @@ -18,13 +18,13 @@ # dbiUser = lemonldap # dbiPassword = password # -# * SOAP: SOAP configuration access is a sort of proxy: the SOAP server that -# runs Lemonldap::NG::Manager::SOAPServer is configured to use the real -# session storage type (DBI or File for example). +# * SOAP: SOAP configuration access is a sort of proxy: the portal is +# configured to use the real session storage type (DBI or File for +# example). # You have to set 'proxy' parameter. Example: # # type = SOAP -# proxy = https://manager.example.com/soapmanager.pl +# proxy = https://auth.example.com/index.pl/config # proxyOptions = { timeout => 5 } # User = lemonldap # Password = mypassword diff --git a/modules/lemonldap-ng-handler/example/MyHandler.pm b/modules/lemonldap-ng-handler/example/MyHandler.pm index c69e3a290..a36dc1a60 100644 --- a/modules/lemonldap-ng-handler/example/MyHandler.pm +++ b/modules/lemonldap-ng-handler/example/MyHandler.pm @@ -47,7 +47,7 @@ __PACKAGE__->init( # configuration. Example: #globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP', #globalStorageOptions => { - # proxy => 'http://manager.example.com/soapserver.pl', + # proxy => 'http://auth.example.com/index.pl/sessions', # proxyOptions => { # timeout => 5, # }, diff --git a/modules/lemonldap-ng-handler/example/MyHandlerLog4Perl.pm b/modules/lemonldap-ng-handler/example/MyHandlerLog4Perl.pm index 7664e676b..0efc40527 100644 --- a/modules/lemonldap-ng-handler/example/MyHandlerLog4Perl.pm +++ b/modules/lemonldap-ng-handler/example/MyHandlerLog4Perl.pm @@ -55,7 +55,7 @@ __PACKAGE__->init( # configuration. Example: #globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP', #globalStorageOptions => { - # proxy => 'http://manager.example.com/soapserver.pl', + # proxy => 'http://auth.example.com/index.pl/sessions', # proxyOptions => { # timeout => 5, # }, diff --git a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Status.pm b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Status.pm index 58a9e7da5..4b2d8913f 100644 --- a/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Status.pm +++ b/modules/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Status.pm @@ -341,7 +341,7 @@ L =head1 AUTHOR -Xavier Guimard, Eguimard@E +Xavier Guimard, Ex.guimard@free.frE =head1 COPYRIGHT AND LICENSE diff --git a/modules/lemonldap-ng-handler/t/11-Lemonldap-NG-Handler-Status.t b/modules/lemonldap-ng-handler/t/11-Lemonldap-NG-Handler-Status.t index c43a661a2..0f7fe18c8 100644 --- a/modules/lemonldap-ng-handler/t/11-Lemonldap-NG-Handler-Status.t +++ b/modules/lemonldap-ng-handler/t/11-Lemonldap-NG-Handler-Status.t @@ -26,7 +26,7 @@ ok( $h->localInit( { localStorage => 'Cache::FileCache', - localStorageOptions => { 'namespace' => 'MyNamespace', }, + localStorageOptions => { 'namespace' => 'MyNamespaceTest', }, status => 1 } ), diff --git a/modules/lemonldap-ng-manager/MANIFEST b/modules/lemonldap-ng-manager/MANIFEST index 9547055b0..d918c2abd 100644 --- a/modules/lemonldap-ng-manager/MANIFEST +++ b/modules/lemonldap-ng-manager/MANIFEST @@ -82,7 +82,6 @@ example/mrtg/lmng-mrtg example/mrtg/mrtg.cfg.example example/scripts/lmConfigEditor example/sessions.pl -example/soapserver.pl example/theme/default.css example/theme/hatch.gif example/theme/logo_lemonldap-ng.png diff --git a/modules/lemonldap-ng-manager/example/sessions.pl b/modules/lemonldap-ng-manager/example/sessions.pl index e229cb127..971077988 100644 --- a/modules/lemonldap-ng-manager/example/sessions.pl +++ b/modules/lemonldap-ng-manager/example/sessions.pl @@ -50,7 +50,7 @@ our $cgi = Lemonldap::NG::Manager::Sessions->new({ # configuration. Example: #globalStorage => 'Lemonldap::NG::Common::Apache::Session::SOAP', #globalStorageOptions => { - # proxy => 'http://manager.example.com/soapserver.pl', + # proxy => 'http://auth.example.com/index.pl/sessions', # proxyOptions => { # timeout => 5, # }, diff --git a/modules/lemonldap-ng-manager/example/soapserver.pl b/modules/lemonldap-ng-manager/example/soapserver.pl deleted file mode 100755 index ea11321c8..000000000 --- a/modules/lemonldap-ng-manager/example/soapserver.pl +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/perl - -use Lemonldap::NG::Manager::SOAPServer; - -Lemonldap::NG::Manager::SOAPServer->start(); - -__END__ diff --git a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/SOAPServer.pm b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/SOAPServer.pm index 48e34e0ab..4c7ea3cb7 100644 --- a/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/SOAPServer.pm +++ b/modules/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/SOAPServer.pm @@ -6,7 +6,7 @@ our $VERSION = '0.2'; die 'This module is now obsolete. You have to use the portal as "proxy". See http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocSOAP'; -__END__ + use SOAP::Transport::HTTP; use Lemonldap::NG::Common::Conf; #link protected config Configuration hash reference use UNIVERSAL qw(isa); @@ -181,142 +181,18 @@ __END__ =head1 NAME -Lemonldap::NG::Manager::SOAPServer - Perl extension written to access to -Lemonldap::NG Web-SSO configuration or sessions via SOAP. +Lemonldap::NG::Manager::SOAPServer - Obsolete : now SOAP services are included +in the Lemonldap::NG portal. =head1 SYNOPSIS -=head2 Server side - - use Lemonldap::NG::Manager::SOAPServer; - Lemonldap::NG::Manager::SOAPServer->start( - configStorage => { - type => "File", - dirName => "/usr/share/doc/lemonldap-ng/examples/conf/" - }, - # 2 types are available : - # * 'config' for configuration access - # * 'sessions' for sessions access - type => 'sessions', - # For 'sessions' type, you can choose exported functions (get - # only by default): - AuthorizedFunctions => 'new get set', - ); - -=head2 Client side - -See L for documentation on client side -configuration access. - -See L for documentation on client side -sessions access. - -=head3 Configuration access - -=head4 Area protection - - package My::Package; - use Lemonldap::NG::Handler::SharedConf; - @ISA = qw(Lemonldap::NG::Handler::SharedConf); - - __PACKAGE__->init ( { - localStorage => "Cache::FileCache", - localStorageOptions => { - 'namespace' => 'MyNamespace', - 'default_expires_in' => 600, - }, - configStorage => { - type => 'SOAP', - proxy => 'http://manager.example.com/soapserver.pl', - # If soapserver is protected by HTTP Basic: - User => 'http-user', - Password => 'pass', - }, - https => 0, - } ); - -=head4 Authentication portal - - use Lemonldap::NG::Portal::SharedConf; - - my $portal = Lemonldap::NG::Portal::SharedConf->new ( { - configStorage => { - type => 'SOAP', - proxy => 'http://localhost/devel/test.pl', - # If soapserver is protected by HTTP Basic: - User => 'http-user', - Password => 'pass', - } - }); - # Next as usual... - if($portal->process()) { - ... - -=head4 Manager - - use Lemonldap::NG::Manager; - - my $m=new Lemonldap::NG::Manager( - { - configStorage=>{ - type => 'SOAP', - proxy => 'http://localhost/devel/test.pl' - # If soapserver is protected by HTTP Basic: - User => 'http-user', - Password => 'pass', - }, - dhtmlXTreeImageLocation=> "/imgs/", - } - ) or die "Unable to start"; - - $m->doall(); - -=head3 Sessions access - - Use simply Lemonldap::NG::Common::Apache::Session::SOAP in the 'Apache session - module'parameter (instead of Apache::Session::MySQL or - Apache::Session::File). - =head1 DESCRIPTION -Lemonldap::NG::Common::Conf provides a simple interface to access to -Lemonldap::NG Web-SSO configuration. It is used by L, -L and L. - -Lemonldap::NG::Manager::SOAPServer provides a SOAP proxy system that can be -used to access - -=head2 SUBROUTINES - -=over - -=item * B: main subroutine. It starts SOAP CGI system. You have to set -C to the real configuration storage system. See L for -examples. - -=item * B: alias for start. - -=item * B (constructor): (called by C). See code if you want to -overload this package. - -=back - -=head2 SECURITY - -Since Lemonldap::NG::Manager::SOAPServer act as a CGI, you can protect -configuration access by any of the HTTP protection mecanisms. -See L for the security in the client -side. - -In "session" mode, you can control what functions can be used by SOAP. By -default, only "get" can be used: it means that only handlers can work with it. -Use "AuthorizedFunctions" parameter to grant other functions. +This module is obsolete. Now, use the portal. =head1 SEE ALSO -L, L, -L, L, -http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation +L, =head1 AUTHOR diff --git a/modules/lemonldap-ng-portal/Changes b/modules/lemonldap-ng-portal/Changes index 3d7c6930a..9e3429e47 100644 --- a/modules/lemonldap-ng-portal/Changes +++ b/modules/lemonldap-ng-portal/Changes @@ -1,5 +1,11 @@ Revision history for Perl extension Lemonldap::NG::Portal. +0.87 Sun feb 8 8:05:02 2009 + - ldap+tls was broken + - fix security problem when running on Apache with thread support: + setMacros and setGroups were not launched with the good datas + - fix XSS filter that rejected URL with a port + 0.86 Thu dec 25 8:55:41 2008 - New Menu module * Password management