Documentation update

This commit is contained in:
Xavier Guimard 2009-06-04 10:37:26 +00:00
parent 821c731f00
commit c9f496d7c6
19 changed files with 1832 additions and 1016 deletions

View File

@ -63,11 +63,6 @@
<h2 class="heading-1"><span id=
"HLemonLDAP3A3ANG">LemonLDAP::NG</span></h2>
<p class="paragraph"></p>
<div class="c1"><img src="logo_lemonldap-ng_400px.png" alt=
"logo_lemonldap-ng_400px.png" /></div>
<p class="paragraph"></p>Lemonldap::NG est un <span class=
"wikilink"><a href=
"2-FAQ-fr.html#HQu27estcequ27unWebSSO3F">Web-SSO</a></span> modulaire
@ -142,8 +137,10 @@
<p class="paragraph"></p>Lemonldap::NG est compos&eacute; de 3
&eacute;l&eacute;ments s'appuyant sur 3 bases de donn&eacute;es&nbsp;:
<p class="paragraph"></p><img src="lemonldap-ng-architecture.png" alt=
"lemonldap-ng-architecture.png" />
<p class="paragraph"></p>
<div class="c1"><img src="lemonldap-ng-architecture.png" alt=
"lemonldap-ng-architecture.png" /></div>
<p class="paragraph"></p>Composants de Lemonldap::NG :
@ -192,8 +189,10 @@
<h3 class="heading-1-1"><span id=
"HCinC3A9matique">Cin&eacute;matique</span></h3>
<p class="paragraph"></p><img src="lemonldap-ng-cinematique.png" alt=
"lemonldap-ng-cinematique.png" />
<p class="paragraph"></p>
<div class="c1"><img src="lemonldap-ng-cinematique.png" alt=
"lemonldap-ng-cinematique.png" /></div>
<p class="paragraph"></p>D&eacute;tail du fonctionnement :

View File

@ -63,11 +63,6 @@
<h2 class="heading-1"><span id=
"HLemonLDAP3A3ANG">LemonLDAP::NG</span></h2>
<p class="paragraph"></p>
<div class="c1"><img src="logo_lemonldap-ng_400px.png" alt=
"logo_lemonldap-ng_400px.png" /></div>
<p class="paragraph"></p>Lemonldap::NG is a modular Web-SSO based on
Apache::Session modules. It simplifies the build of a protected area with
a few changes in the application. It manages both authentication and
@ -130,8 +125,10 @@
<p class="paragraph"></p>Lemonldap::NG est composed by 3 elements and 3
databases&nbsp;:
<p class="paragraph"></p><img src="lemonldap-ng-architecture.png" alt=
"lemonldap-ng-architecture.png" />
<p class="paragraph"></p>
<div class="c1"><img src="lemonldap-ng-architecture.png" alt=
"lemonldap-ng-architecture.png" /></div>
<p class="paragraph"></p>Lemonldap::NG components :
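
Review bot: The context line at the top of this hunk still reads "Lemonldap::NG est composed by 3 elements and 3 databases", with the French "est" left in the English page. Since the paragraph is being touched anyway, change it to "is composed of 3 elements and 3 databases". The product name is also spelled "Lemonldap::NG" here but "LemonLDAP::NG" in the heading of the same file.
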
@ -166,8 +163,10 @@
<h3 class="heading-1-1"><span id="HKinematics">Kinematics</span></h3>
<p class="paragraph"></p><img src="lemonldap-ng-cinematique.png" alt=
"lemonldap-ng-cinematique.png" />
<p class="paragraph"></p>
<div class="c1"><img src="lemonldap-ng-cinematique.png" alt=
"lemonldap-ng-cinematique.png" /></div>
<p class="paragraph"></p>Detail of operations :

View File

@ -251,9 +251,10 @@
par une simple connexion HTTP(S). Le serveur SOAP acc&egrave;de lui
&agrave; la configuration par un des syst&egrave;mes
pr&eacute;c&eacute;dents (File ou DBI). Pour plus d'informations, voir
la page <span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.html">Utilisation des Web
Services</a></span>.</li>
la page <a class="wikicreatelink" href=
"/xwiki/bin/edit/NG/DocSOAP?parent=NG.FAQ"><span class=
"wikicreatelinktext">Utilisation des Web Services</span><span class=
"wikicreatelinkqm">?</span></a>.</li>
</ul>
<h4 class="heading-1-1-1"><span id=
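
Review bot: The "Utilisation des Web Services" link at the end of the list item now points to /xwiki/bin/edit/NG/DocSOAP?parent=NG.FAQ with the wikicreatelink classes and a trailing "?", which is the wiki's marker for a page that does not exist. In the exported documentation this replaces a working relative link (4.3-Configure-SOAP-fr.html) with an edit URL on the wiki. Either restore the previous href or create the DocSOAP page and regenerate the export before committing.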

View File

@ -70,10 +70,25 @@
<ul>
<li><a href="#HGC3A9nC3A9ral">G&eacute;n&eacute;ral</a></li>
<li><a href="#HLDAP">LDAP</a></li>
<li><a href="#HPortail">Portail</a></li>
<li><a href="#HFonctionnalitC3A9sC3A9tendues">Fonctionnalit&eacute;s
&eacute;tendues</a></li>
<li><a href="#HStockagedelaconfiguration">Stockage de la
configuration</a></li>
<li><a href="#HStockagedessessions">Stockage des sessions</a></li>
<li><a href="#HMC3A9thodesd27authentification">M&eacute;thodes
d'authentification</a></li>
<li><a href="#HBased27utilisateurs">Base d'utilisateurs</a></li>
<li><a href="#HBasedemotsdepasse">Base de mots de passe</a></li>
<li><a href="#HSpC3A9cificitC3A9sLDAP">Sp&eacute;cificit&eacute;s
LDAP</a></li>
<li><a href="#HFonctionnalitC3A9savancC3A9es">Fonctionnalit&eacute;s
avanc&eacute;es</a></li>
</ul>
</li>
@ -134,18 +149,6 @@
<li><span class="wikilink"><a href=
"3.3-Install-from-redhat-packages.html">Installation sous RHEL/CentOS
&agrave; partir des paquets</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">Utilisation de MySQL pour le
stockage des sessions et/ou de la configuration</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPStorage">Utilisation de LDAP pour le stockage
de la configuration</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.5-Install-of-example-fr.html">Installation l'exemple
fourni</a></span></li>
</ul>
<h3 class="heading-1-1"><span id=
@ -160,22 +163,121 @@
"4.1-Configuration-overview.html">Vision globale de la
configuration</a></span> (en)</li>
<li><span class="wikilink"><a href="4.1-RBAC-model.html">Mod&egrave;le
RBAC</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.1-Configuration-parameter-list.html">Liste des param&egrave;tres de
configuration</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HPortail">Portail</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="4.1-Configure-portal-menu.html">Menu
du portail</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.1-HTML-templates-customization.html">Personnalisation des canevas
HTML pour le portail</a></span> (en)</li>
<li><span class="wikilink"><a href="4.1-RBAC-model.html">Mod&egrave;le
RBAC</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HLDAP">LDAP</span></h4>
<h4 class="heading-1-1-1"><span id="HStockagedelaconfiguration">Stockage
de la configuration</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocFileStorage">Fichiers</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">MySQL</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPStorage">LDAP</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlStorage">SOAP</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HStockagedessessions">Stockage des
sessions</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocFileSessionStorage">Fichiers</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocMySQLSessionStorage">MySQL</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPSessionStorage">LDAP</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlSessionStorage">SOAP</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HMC3A9thodesd27authentification">M&eacute;thodes
d'authentification</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/AuthLDAP">LDAP,
Active Directory</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/SSL">SSL</a></span> (en)</li>
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/Kerberos">Apache,
Kerberos</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/CAS">CAS</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthRemote">Distante</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthMulti">Multiple</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthSAML">SAML</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-Liberty-Alliance-fr.html">Liberty Alliance (projet
FederID)</a></span> (fr)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HBased27utilisateurs">Base
d'utilisateurs</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/UserDBLDAP">LDAP,
Active Directory</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBNull">Vide</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthRemote">Distante</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBMulti">Multiple</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBSAML">SAML</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HBasedemotsdepasse">Base de mots de
passe</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/PasswordDBLDAP">LDAP, Active Directory</a></span>
(en)</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HSpC3A9cificitC3A9sLDAP">Sp&eacute;cificit&eacute;s LDAP</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
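
Review bot: The SOAP entries under "Stockage de la configuration" and "Stockage des sessions" have malformed hrefs, "4.3-Configure-SOAP-fr.htmlStorage" and "4.3-Configure-SOAP-fr.htmlSessionStorage", so neither resolves to a file. It looks like the export rewrote the DocSOAP prefix of two wiki page names into the file name. Both entries are also tagged (en) although the target carries the -fr suffix. Point them at the intended pages, or at 4.3-Configure-SOAP-fr.html with an (fr) tag, until the dedicated pages exist.
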
@ -188,29 +290,25 @@
</ul>
<h4 class="heading-1-1-1"><span id=
"HFonctionnalitC3A9sC3A9tendues">Fonctionnalit&eacute;s
&eacute;tendues</span></h4>
"HFonctionnalitC3A9savancC3A9es">Fonctionnalit&eacute;s
avanc&eacute;es</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.html">Utilisation des Web Services (modules
SOAP)</a></span> (fr)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-Liberty-Alliance-fr.html">Utilisation de Liberty Alliance
pour la f&eacute;d&eacute;ration d'identit&eacute;s (projet
FederID)</a></span> (fr)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/SSL">Authentification SSL</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/Kerberos">Authentification Kerberos</a></span>
"/xwiki/bin/view/NG/CDA">Authentification "cross domain"</a></span>
(en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/Notifications">Syst&egrave;me de
notifications</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/SeveralIndependantPortals">Gestion de plusieurs
portails ind&eacute;pendants</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/ResetPassword">Envoi d'un nouveau mot de passe par
mail</a></span> (en)</li>
</ul>
<h3 class="heading-1-1"><span id="HProtectiondesapplications">Protection
@ -297,6 +395,20 @@
<span class="wikiexternallink"><a href="http://www.sympa.org/">Site
web officiel</a></span></td>
</tr>
<tr class="table-even">
<td><strong class="strong">Bugzilla</strong><br />
<img src="/xwiki/bin/download/NG/Documentation/bugzilla_logo.png" alt=
"bugzilla_logo.png" /></td>
<td>Gestionnaire de bugs<br />
<br />
<span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocAppBugzilla">Proc&eacute;dure SSO</a></span>
(en)<br />
<span class="wikiexternallink"><a href="http://www.bugzilla.org/">Site
web officiel</a></span></td>
</tr>
</table>
<h4 class="heading-1-1-1"><span id="HConnecteurs">Connecteurs</span></h4>
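
Review bot: The Bugzilla logo in the new table row is loaded from /xwiki/bin/download/NG/Documentation/bugzilla_logo.png, an absolute path on the wiki, whereas other images in this commit (for example logo_lemonldap-ng_400px.png) use a file name relative to the exported page. When the HTML is read from the distribution rather than from the wiki, the image will be missing. Ship bugzilla_logo.png with the docs and reference it relatively. The same applies to the /xwiki/bin/view/NG/DocAppBugzilla link in this row.
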
@ -343,7 +455,9 @@
"maison"</span></h4>
<ul class="star">
<li>Comment modifier mon application?</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocAppSelfMade">Comment modifier mon application
?</a></span></li>
</ul>
<h3 class="heading-1-1"><span id="HAutres">Autres</span></h3><img src=
@ -362,26 +476,32 @@
"HDocumentationpourlesdC3A9veloppeurs">Documentation pour les
d&eacute;veloppeurs</span></h4>
<p class="paragraph"></p>Voir la <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">documentation
Doxygen</a></span>
<ul class="star">
<li>Voir la <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">documentation
Doxygen</a></span></li>
</ul>
<h4 class="heading-1-1-1"><span id="HFAQ">FAQ</span></h4>
<p class="paragraph"></p>Voir la page <span class="wikilink"><a href=
"2-FAQ-fr.html">FAQ</a></span>.
<ul class="star">
<li>Voir la page <span class="wikilink"><a href=
"2-FAQ-fr.html">FAQ</a></span>.</li>
</ul>
<h4 class="heading-1-1-1"><span id="HErreurs">Erreurs</span></h4>
<p class="paragraph"></p>Voir la page <span class="wikilink"><a href=
"6-Errors-fr.html">erreurs</a></span>.
<ul class="star">
<li>Voir la page <span class="wikilink"><a href=
"6-Errors-fr.html">erreurs</a></span>.</li>
</ul>
<h4 class="heading-1-1-1"><span id="HFormations">Formations</span></h4>
<ul class="star">
<li><span class="wikiexternallink"><a href=
"http://www.linagora.org/article166.html">Le WebSSO LemonLDAP::NG
(LINAGORA)</a></span> (fr)</li>
"http://linagora.org/contrib/annuaires/formations/websso_lemonldap_ng">Le
WebSSO LemonLDAP::NG (LINAGORA)</a></span> (fr)</li>
</ul>
</div>

View File

@ -69,9 +69,24 @@
<ul>
<li><a href="#HGeneral">General</a></li>
<li><a href="#HLDAP">LDAP</a></li>
<li><a href="#HPortal">Portal</a></li>
<li><a href="#HExtendedfeatures">Extended features</a></li>
<li><a href="#HConfigurationbackends">Configuration
backends</a></li>
<li><a href="#HSessionbackends">Session backends</a></li>
<li><a href="#HAuthenticationbackends">Authentication
backends</a></li>
<li><a href="#HUserdatabasebackends">User database backends</a></li>
<li><a href="#HPassworddatabasebackends">Password database
backends</a></li>
<li><a href="#HLDAPspecificities">LDAP specificities</a></li>
<li><a href="#HAdvancedfeatures">Advanced features</a></li>
</ul>
</li>
@ -129,18 +144,6 @@
<li><span class="wikilink"><a href=
"3.3-Install-from-redhat-packages.html">Installation on RHEL/CentOS with
packages</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">Use of MySQL for sessions and/or
configuration storage</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPStorage">Use of LDAP for configuration
storage</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.5-Install-of-example.html">Provided example
installation</a></span></li>
</ul>
<h3 class="heading-1-1"><span id=
@ -154,22 +157,120 @@
"4.1-Configuration-overview.html">Configuration overview</a></span>
(en)</li>
<li><span class="wikilink"><a href="4.1-RBAC-model.html">RBAC
model</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.1-Configuration-parameter-list.html">Configuration parameters
list</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HPortal">Portal</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"4.1-Configure-portal-menu.html">Portal menu</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.1-HTML-templates-customization.html">HTML templates
customization</a></span> (en)</li>
<li><span class="wikilink"><a href="4.1-RBAC-model.html">RBAC
model</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HLDAP">LDAP</span></h4>
<h4 class="heading-1-1-1"><span id="HConfigurationbackends">Configuration
backends</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocFileStorage">File</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">MySQL</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPStorage">LDAP</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlStorage">SOAP</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HSessionbackends">Session
backends</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocFileSessionStorage">File</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocMySQLSessionStorage">MySQL</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocLDAPSessionStorage">LDAP</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlSessionStorage">SOAP</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HAuthenticationbackends">Authentication backends</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/AuthLDAP">LDAP,
Active Directory</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/SSL">SSL</a></span> (en)</li>
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/Kerberos">Apache,
Kerberos</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/CAS">CAS</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthRemote">Remote</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthMulti">Multiple</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthSAML">SAML</a></span> (en)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-Liberty-Alliance-fr.html">Liberty Alliance (FederID
project)</a></span> (fr)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HUserdatabasebackends">User database
backends</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/UserDBLDAP">LDAP,
Active Directory</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBNull">Null</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthRemote">Remote</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBMulti">Multiple</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/UserDBSAML">SAML</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HPassworddatabasebackends">Password
database backends</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/PasswordDBLDAP">LDAP, Active Directory</a></span>
(en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HLDAPspecificities">LDAP
specificities</span></h4>
<ul class="star">
<li><span class="wikilink"><a href=
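
Review bot: In the "User database backends" list, the "Remote" entry links to /xwiki/bin/view/NG/AuthRemote, the same target as "Remote" under "Authentication backends", while every other entry in that list points to a UserDB* page. If one page documents both roles that is fine, otherwise this is a copy-paste target and needs its own page or a corrected href. The two SOAP hrefs in this hunk ("4.3-Configure-SOAP-fr.htmlStorage" and "4.3-Configure-SOAP-fr.htmlSessionStorage") are also malformed and will not resolve.
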
@ -180,27 +281,24 @@
schema extension</a></span> (en)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HExtendedfeatures">Extended
<h4 class="heading-1-1-1"><span id="HAdvancedfeatures">Advanced
features</span></h4>
<ul class="star">
<li><span class="wikilink"><a href="4.3-Configure-SOAP-fr.html">Web
Services (SOAP)</a></span> (fr)</li>
<li><span class="wikilink"><a href=
"4.3-Configure-Liberty-Alliance-fr.html">Liberty Alliance (FederID
project)</a></span> (fr)</li>
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/SSL">SSL
authentication</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/Kerberos">Kerberos authentication</a></span>
(en)</li>
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/CDA">Cross-Domain
Authentication</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/Notifications">Notifications system</a></span>
(en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/SeveralIndependantPortals">Management of several
independant portals</a></span> (en)</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/ResetPassword">Reset password by mail</a></span>
(en)</li>
</ul>
<h3 class="heading-1-1"><span id="HApplicationprotection">Application
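
Review bot: The link text "Management of several independant portals" in the "Advanced features" list misspells "independent". The page name SeveralIndependantPortals in the href has the same spelling; if the wiki page cannot be renamed, fix at least the visible text.
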
@ -283,6 +381,19 @@
<span class="wikiexternallink"><a href=
"http://www.sympa.org/">Official website</a></span></td>
</tr>
<tr class="table-even">
<td><strong class="strong">Bugzilla</strong><br />
<img src="/xwiki/bin/download/NG/Documentation/bugzilla_logo.png" alt=
"bugzilla_logo.png" /></td>
<td>Bugtracker<br />
<br />
<span class="wikilink"><a href="/xwiki/bin/view/NG/DocAppBugzilla">SSO
procedure</a></span> (en)<br />
<span class="wikiexternallink"><a href=
"http://www.bugzilla.org/">Official website</a></span></td>
</tr>
</table>
<h4 class="heading-1-1-1"><span id="HConnectors">Connectors</span></h4>
@ -326,7 +437,9 @@
<h4 class="heading-1-1-1"><span id="HSelfmade">Self-made</span></h4>
<ul class="star">
<li>How to modify my application?</li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/DocAppSelfMade">How to modify my
application?</a></span></li>
</ul>
<h3 class="heading-1-1"><span id="HOthers">Others</span></h3><img src=
@ -343,26 +456,32 @@
<h4 class="heading-1-1-1"><span id="HDevelopersdocumentation">Developers
documentation</span></h4>
<p class="paragraph"></p>See <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">Doxygen
documentation</a></span>
<ul class="star">
<li>See <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">Doxygen
documentation</a></span></li>
</ul>
<h4 class="heading-1-1-1"><span id="HFAQ">FAQ</span></h4>
<p class="paragraph"></p>See <span class="wikilink"><a href=
"2-FAQ.html">FAQ</a></span> page.
<ul class="star">
<li>See <span class="wikilink"><a href="2-FAQ.html">FAQ</a></span>
page.</li>
</ul>
<h4 class="heading-1-1-1"><span id="HErrors">Errors</span></h4>
<p class="paragraph"></p>See <span class="wikilink"><a href=
"6-Errors.html">errors</a></span> page.
<ul class="star">
<li>See <span class="wikilink"><a href="6-Errors.html">errors</a></span>
page.</li>
</ul>
<h4 class="heading-1-1-1"><span id="HTraining">Training</span></h4>
<ul class="star">
<li><span class="wikiexternallink"><a href=
"http://www.linagora.org/article166.html">The WebSSO LemonLDAP::NG
(LINAGORA)</a></span> (fr)</li>
"http://linagora.org/contrib/annuaires/formations/websso_lemonldap_ng">The
WebSSO LemonLDAP::NG (LINAGORA)</a></span> (fr)</li>
</ul>
</div>

View File

@ -69,6 +69,8 @@
<ul>
<li><a href="#HMandatory">Mandatory</a></li>
<li><a href="#HResetPasswordbyMail">Reset Password by Mail</a></li>
<li><a href="#HExtras">Extras</a></li>
</ul>
</li>
@ -85,6 +87,10 @@
<li><a href="#HYUM">YUM</a></li>
</ul>
</li>
<li><a href=
"#HLinkbetweenLemonLDAP3A3ANGversionsandCPANmodulesversions">Link
between LemonLDAP::NG versions and CPAN modules versions</a></li>
</ul>
<h3 class="heading-1-1"><span id="HApache">Apache</span></h3>
@ -142,12 +148,25 @@
<li>XML::LibXSLT</li>
</ul>
<h4 class="heading-1-1-1"><span id="HResetPasswordbyMail">Reset Password
by Mail</span></h4>
<ul class="star">
<li>String::Random</li>
<li>MIME::Lite</li>
<li>Email::Date::Format</li>
</ul>
<h4 class="heading-1-1-1"><span id="HExtras">Extras</span></h4>
<ul class="star">
<li>Lasso</li>
<li>CAS</li>
<li>Test::POD</li>
</ul>
<h3 class="heading-1-1"><span id="HOther">Other</span></h3>
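
Review bot: The new "Extras" list mixes naming styles with the lists above it, which give exact Perl module names (String::Random, MIME::Lite, Email::Date::Format). "Test::POD" should be "Test::Pod", since CPAN names are case-sensitive, and "CAS" and "Lasso" do not say which module or binding is meant. Add the exact module names and a few words on which feature each extra enables, as the "Reset Password by Mail" heading does for its group.
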
@ -161,12 +180,14 @@
"HInstalldependenciesonyoursystem">Install dependencies on your
system</span></h3>
<h4 class="heading-1-1-1"><span id="HAPTGET">APT-GET</span></h4><br />
<br />
<h4 class="heading-1-1-1"><span id="HAPTGET">APT-GET</span></h4>
<p class="paragraph"></p>
<div class="code">
<pre>
# apt-get install apache2 libapache2-mod-perl2 libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl libsoap-lite-perl libhtml-template-perl libregexp-assemble-perl libjs-jquery libxml-libxml-perl libcrypt-rijndael-perl libio-string-perl libxml-libxslt-perl
# apt-get install libstring-random-perl libemail-date-format-perl libmime-lite-perl
</pre>
</div>
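
Review bot: The first apt-get line lists libcache-cache-perl twice, once after libnet-ldap-perl and again after libwww-perl. It is harmless, but drop the duplicate while this block is being edited. A one-line comment above the second apt-get command saying it is only needed for the reset-password-by-mail feature would tell readers it is optional.
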
@ -185,6 +206,54 @@
# yum install httpd mod_perl perl-Apache-Session perl-LDAP perl-XML-SAX perl-XML-NamespaceSupport perl-HTML-Template perl-Regexp-Assemble perl-Error perl-IPC-ShareLite perl-Cache-Cache perl-FreezeThaw perl-XML-Simple perl-version perl-CGI-Session perl-DBD-Pg perl-XML-LibXML-Common perl-BSD-Resource perl-XML-LibXML perl-Crypt-Rijndael perl-IO-<span class="java-object">String</span> perl-XML-LibXSLT
</pre>
</div>
<h3 class="heading-1-1"><span id=
"HLinkbetweenLemonLDAP3A3ANGversionsandCPANmodulesversions">Link between
LemonLDAP::NG versions and CPAN modules versions</span></h3><br />
<br />
All lemonLDAP::NG Perl modules are published on <span class=
"wikiexternallink"><a href=
"http://search.cpan.org/~guimard/">CPAN</a></span>. Here is the
correspondance between LemonLDAP::NG version and CPAN versions:<br />
<br />
<table class="wiki-table" cellpadding="0" cellspacing="0" border="0">
<tr>
<th>LemonLDAP::NG</th>
<th>Common</th>
<th>Handler</th>
<th>Manager</th>
<th>Portal</th>
</tr>
<tr class="table-odd">
<td>0.9.3</td>
<td>0.91</td>
<td>0.90</td>
<td>0.87</td>
<td>0.86</td>
</tr>
<tr class="table-even">
<td>0.9.4</td>
<td>0.92</td>
<td>0.91</td>
<td>0.88</td>
<td>0.87</td>
</tr>
</table>
</div>
<p class="footer"><a href="index.html">Index</a></p>
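
Review bot: The introductory sentence of the new "Link between LemonLDAP::NG versions and CPAN modules versions" section has two spelling problems: "lemonLDAP::NG" should be "LemonLDAP::NG", and "correspondance" should be "correspondence". The heading is followed by two br elements, the pattern the APT-GET heading in this same file was just moved away from in favour of an empty paragraph; use the same markup here.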

View File

@ -132,21 +132,9 @@ $ tar zxvf lemonldap-ng-*.tar.gz
First check and install the <span class="wikilink"><a href=
"3.1-Install-prerequesites.html">prerequisites</a></span>.<br />
<br />
If you just want to install a handler or a portal or a manager:<br />
For full install:<br />
<br />
<div class="code">
<pre>
$ cd lemonldap-ng-*/Lemonldap-NG-(Portal|Handler|Manager|Common)
$ perl Makefile.PL &amp;&amp; make &amp;&amp; make test
$ sudo make install
</pre>
</div>
<p class="paragraph"></p>Else for full modules install:
<p class="paragraph"></p>
<div class="code">
<pre>
$ cd lemonldap-ng-*
@ -154,6 +142,87 @@ $ make &amp;&amp; make test
$ sudo make install
</pre>
</div>
<p class="paragraph"></p>You can choose other Makefile targets:
<ul class="star">
<li>Perl libraries install :
<ul class="star">
<li>install_libs (all Perl libraries)</li>
<li>install_portal_libs</li>
<li>install_manager_libs</li>
<li>install_handler_libs</li>
</ul>
</li>
<li>Binaries install :
<ul class="star">
<li>install_bin (/usr/local/lemonldap-ng/bin)</li>
</ul>
</li>
<li>Web sites install :
<ul class="star">
<li>install_site (all sites including install_doc_site)</li>
<li>install_portal_site (/usr/local/lemonldap-ng/htdocs/portal)</li>
<li>install_manager_site
(/usr/local/lemonldap-ng/htdocs/manager)</li>
<li>install_handler_site (/usr/local/lemonldap-ng/handler)</li>
</ul>
</li>
<li>Documentation install :
<ul class="star">
<li>install_doc_site (/usr/local/lemonldap-ng/htdocs/doc)</li>
<li>install_examples_site (/usr/local/lemonldap-ng/examples)</li>
</ul>
</li>
</ul>You can also pass parameters to the make install command, with this
syntax:
<div class="code">
<pre>
$ sudo make install PARAM=VALUE PARAM=VALUE ...
</pre>
</div><br />
<br />
Available parameters are:
<ul class="star">
<li>ERASECONFIG: set to 0 if you want to keep your configuration files
(default: 1)</li>
<li>DESTDIR: only for packaging, install the product in a jailroot
(default: "")</li>
<li>PREFIX: installation directory (default: /usr/local)</li>
<li>CRONDIR: Cronfile directory (default:
$PREFIX/etc/lemonldap-ng/cron.d)</li>
<li>APACHEUSER: user running Apache</li>
<li>APACHEGROUP: group running Apache</li>
<li>DNSDOMAIN: Main DNS domain (default: example.com)</li>
<li>LDAPHOST: LDAP server (default: localhost)</li>
<li>LDAPPORT: LDAP port (default: 389)</li>
<li>LDAPSUFFIX: LDAP suffix (default: dc=example,dc=com)</li>
</ul>
</div>
<p class="footer"><a href="index.html">Index</a></p>
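
Review bot: In the parameter list, ERASECONFIG defaults to 1, so the plain "sudo make install" shown earlier on the page does not keep existing configuration files. That deserves an explicit sentence for people upgrading, with the command to use, for example "sudo make install ERASECONFIG=0". APACHEUSER and APACHEGROUP are also the only parameters listed without a default; state the default or say that they must be set.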

View File

@ -98,7 +98,7 @@
<li>lemonldap-ng-conf: contains default configuration (DNS domain:
example.com)</li>
<li>lemonldap-ng-test: containts sampel CGI test page</li>
<li>lemonldap-ng-test: contains sample CGI test page</li>
<li>lemonldap-ng-handler: contains Apache Handler implementation
(agent)</li>

View File

@ -56,9 +56,8 @@
<body>
<div class="main-content">
<h2 class="heading-1"><span id=
"HUseofMySQLforsessionsand2Forconfigurationstorage">Use of MySQL for
sessions and/or configuration storage</span></h2>
<h2 class="heading-1"><span id="HUseofMySQLforconfigurationstorage">Use of
MySQL for configuration storage</span></h2>
<p class="paragraph"></p>
@ -70,8 +69,6 @@
<li><a href="#HDatabasecreation">Database creation</a></li>
<li><a href="#HConfigurationtable">Configuration table</a></li>
<li><a href="#HSessiontable">Session table</a></li>
</ul>
</li>
@ -80,11 +77,11 @@
configuration</a>
<ul>
<li><a href="#HSetconfigStorageforLemonLDAP3A3ANGmodules">Set
configStorage for LemonLDAP::NG modules</a></li>
<li><a href="#HDefaultconfiguration">Default configuration</a></li>
<li><a href="#HSetApache3A3ASessionbackend">Set Apache::Session
backend</a></li>
<li><a href=
"#HOverrideconfigStorageforLemonLDAP3A3ANGmodules">Override
configStorage for LemonLDAP::NG modules</a></li>
</ul>
</li>
</ul>
@ -99,12 +96,12 @@
<h4 class="heading-1-1-1"><span id="HDatabasecreation">Database
creation</span></h4><br />
<br />
For example, create the database "lemonldapng" :<br />
For example, create the database "lemonldap-ng" :<br />
<br />
<div class="code">
<pre>
# mysqladmin create lemonldapng
# mysqladmin create lemonldap-ng
</pre>
</div>
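
Review bot: The renamed database "lemonldap-ng" contains a hyphen, which MySQL accepts as an identifier in SQL only when it is quoted with backticks. "mysqladmin create lemonldap-ng" works as written, but a reader who goes on to write a GRANT statement for this database by hand will get a syntax error. Either keep a hyphen-free name, as before, or add a line showing the quoted form.
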
@ -142,48 +139,34 @@ CREATE TABLE lmConfig (
</pre>
</div>
<h4 class="heading-1-1-1"><span id="HSessiontable">Session
table</span></h4>
<h3 class="heading-1-1"><span id=
"HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG configuration</span></h3>
<p class="paragraph"></p>The choice of Apache::Session::* module is free.
See Apache::Session::Store::* or Apache::Session::* to know how to
configure the module.
<h4 class="heading-1-1-1"><span id="HDefaultconfiguration">Default
configuration</span></h4>
<p class="paragraph"></p>If you want to use Apache::Session::MySQL, you
can create the database like this:
<p class="paragraph"></p>You can set this directly in <strong class=
"strong">storage.conf</strong>:
<p class="paragraph"></p>
<div class="code">
<pre>
CREATE TABLE sessions (
id <span class="java-object">char</span>(32),
a_session text
);
type = DBI
dbiChain = DBI:mysql:database=lemonldap-ng;host=1.2.3.4
dbiUser = lemonldap
dbiPassword = password
dbiTable = lmConfig
</pre>
</div>
<h3 class="heading-1-1"><span id=
"HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG configuration</span></h3>
<h4 class="heading-1-1-1"><span id=
"HSetconfigStorageforLemonLDAP3A3ANGmodules">Set configStorage for
LemonLDAP::NG modules</span></h4>
"HOverrideconfigStorageforLemonLDAP3A3ANGmodules">Override configStorage
for LemonLDAP::NG modules</span></h4>
<p class="paragraph"></p>By default, configStorage use the "File" backend,
like:
<div class="code">
<pre>
configStorage =&gt; {
type =&gt; <span class="java-quote">"File"</span>,
dirName =&gt; <span class="java-quote">"/etc/lemonldap-ng/conf/"</span>,
},
</pre>
</div>
<p class="paragraph"></p>You have to replace it with MySQL parameters, for
example:
<p class="paragraph"></p>Edit for example <strong class=
"strong">portal/index.pl</strong> or <strong class=
"strong">handler/MyHandler.pm</strong>:
<div class="code">
<pre>
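
Review bot: The new storage.conf example stores the database password in clear text ("dbiPassword = password") and the text says nothing about who may read that file. Add a sentence stating that storage.conf must be readable only by the account that runs the LemonLDAP::NG components, and that "lemonldap" should be a dedicated MySQL account restricted to the lmConfig table. The sample "host=1.2.3.4" is a routable address; a loopback address, as the removed examples used, is safer to copy.
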
@ -197,48 +180,7 @@ configStorage =&gt; {
</pre>
</div>
<h4 class="heading-1-1-1"><span id="HSetApache3A3ASessionbackend">Set
Apache::Session backend</span></h4>
<p class="paragraph"></p>Go to the Manager and go in <strong class=
"strong">General Parameters &gt; Session Storage</strong>. Then change
<strong class="strong">Apache::Session module</strong> to
"Apache::Session::MySQL" and in <strong class="strong">Apache::Session
parameters</strong> configure the following options:
<ul class="star">
<li>DataSource (for example:
DBI:mysql:database=lemonldapng;host=127.0.0.1)</li>
<li>UserName</li>
<li>Password</li>
<li>TableName</li>
<li>LockDataSource</li>
<li>LockUserName</li>
<li>LockPassword</li>
</ul>You can also set the session module in perl scripts:
<div class="code">
<pre>
globalStorage =&gt; <span class="java-quote">"Apache::Session::MySQL"</span>,
globalStorageOptions =&gt; {
DataSource =&gt; <span class=
"java-quote">"dbi:mysql:database=lemonldapng;host=127.0.0.1"</span>,
UserName =&gt; <span class="java-quote">"db_user"</span>,
Password =&gt; <span class="java-quote">"db_password"</span>,
TableName =&gt; <span class="java-quote">"sessions"</span>,
LockDataSource =&gt; <span class=
"java-quote">"dbi:mysql:database=lemonldapng;host=127.0.0.1"</span>,
LockUserName =&gt; <span class="java-quote">"db_user"</span>,
LockPassword =&gt; <span class="java-quote">"db_password"</span>,
},
</pre>
</div>
<p class="paragraph"></p>
</div>
<p class="footer"><a href="index.html">Index</a></p>

View File

@ -66,61 +66,70 @@
<li><a href="#HUsergroups">User groups</a></li>
<li><a href="#HVirtualhosts">Virtual hosts</a></li>
<li><a href="#HTogofurther">To go further</a></li>
</ul>Connect to the manager with your browser (for example <span class=
"nobr"><a href=
"http://manager.example.com">http://manager.example.com</a></span>) to
start configure your WebSSO.
<p class="paragraph"></p>You have to set at least some parameters:
<p class="paragraph"></p>You can now configure a default installation,
with an LDAP directory.
<h3 class="heading-1-1"><span id="HGeneralparameters">General
parameters</span></h3>
<ul class="star">
<li>Authentication parameters -&gt; portal URL to access to the
authentication portal.</li>
<li>Authentication parameters:
<li>Domain: the cookie domain. All protected VirtualHosts have to be
under it.</li>
<ul class="star">
<li>portal: URL to access to the authentication portal.</li>
<li>LDAP parameters -&gt; LDAP Server.</li>
<li>domain: the cookie domain. All protected VirtualHosts have to be
under it (or you have to use <span class="wikilink"><a href=
"/xwiki/bin/view/NG/CDA">Cross Domain
Authentication</a></span>).</li>
</ul>
</li>
<li>LDAP parameters -&gt; LDAP Accout and password: required only if
anonymous binds are not accepted.</li>
<li>LDAP parameters:
<li>Session Storage -&gt; Apache::Session module: how to store user
sessions. You can use all module that inherit from Apache::Session like
Apache::Session::MySQL.</li>
<ul class="star">
<li>ldapServer: LDAP Server.</li>
<li>Session Storage -&gt; Apache::Session Module parameters: see
Apache::Session::&lt;Choosen module&gt;.</li>
<li>managerDn and managerPassword: required only if anonymous binds
are not accepted.</li>
</ul>
</li>
</ul>
<h3 class="heading-1-1"><span id="HUsergroups">User groups</span></h3>
<p class="paragraph"></p>Use the "New Group" button to add your first
group. On the left, set the keyword which will be used later and set on
the right the corresponding rule. You can use :
the right the corresponding rule. You can use a Perl condition enclosed
with {}. All variables declared in "General parameters -&gt; exported
attributes" can be used with a "$".
<ul class="star">
<li>an LDAP filter (it will be tested with the user uid)</li>
</ul>or
<p class="paragraph"></p>For example:
<ul class="star">
<li>a Perl condition enclosed with {}. All variables declared in
"General parameters -&gt; LDAP attributes" can be used with a "$". For
example: MyGroup / { $uid eq "foo" or $uid eq "bar" }</li>
</ul>
<div class="code">
<pre>
MyGroup =&gt; { $uid eq <span class=
"java-quote">"foo"</span> or $uid eq <span class="java-quote">"bar"</span> }
</pre>
</div>
<h3 class="heading-1-1"><span id="HVirtualhosts">Virtual hosts</span></h3>
<p class="paragraph"></p>You have to create a virtual host for each Apache
host (virtual or real) protected by Lemonldap::NG even if just a
sub-directory is protected. Else, user who want to access to the protected
area will be rejected with a "500 Internal Server Error" message and the
apache logs will explain the problem.
<p class="paragraph"></p>Each virtual host has 2 groups of parameters:
<h3 class="heading-1-1"><span id="HVirtualhosts">Virtual
hosts</span></h3><br />
<br />
You have to create a virtual host for each Apache host (virtual or real)
protected by LemonLDAP::NG even if just a sub-directory is protected.
Else, user who want to access to the protected area will be rejected with
a "500 Internal Server Error" message and the apache logs will explain the
problem.<br />
<br />
Each virtual host has 2 groups of parameters:
<ul class="star">
<li>Headers: the headers added to the apache request. Default: Auth-User
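Review bot: In the domain bullet, the Cross Domain Authentication link points to /xwiki/bin/view/NG/CDA, an absolute wiki path, while the other links in these exported pages are relative .html files (index.html, for example). It will not resolve from the shipped HTML; point it at the exported page or drop the link. The Virtual hosts section also mixes <p class="paragraph"> with <br /><br /> pairs, which is inconsistent with the rest of the file.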
@ -132,11 +141,22 @@
<li>default: the default rule</li>
<li>personalized rules: association of a Perl regular expression and
a condition. For example: ^/restricted.*$ / $groups =~
/bMyGroupb/</li>
a condition.</li>
</ul>
</li>
</ul>
</ul>For example:
<div class="code">
<pre>
^/restricted.*$ =&gt; $groups =~ /\bMyGroup\b/
</pre>
</div>
<h3 class="heading-1-1"><span id="HTogofurther">To go
further</span></h3><br />
<br />
See the <span class="wikilink"><a href=
"4.1-Configuration-parameter-list.html">full parameters list</a></span>.
</div>
<p class="footer"><a href="index.html">Index</a></p>
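Review bot: The corrected rule $groups =~ /\bMyGroup\b/ restores the word boundaries, but \b also matches next to any non-word character, so a group keyword such as MyGroup-admin or test-MyGroup would satisfy the rule too. Suggest a sentence saying group keywords should contain only word characters, or an example that anchors on the separator used in $groups.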

File diff suppressed because it is too large

View File

@ -128,21 +128,25 @@
},
modules =&gt; {
appslist =&gt; 1,
password =&gt; 1,
logout =&gt; 1,
password =&gt; USER_CAN_CHANGE_PASSWORD,
logout =&gt; DISPLAY_LOGOUT,
},
# CUSTOM FUNCTION : <span class=
"java-keyword">if</span> you want to create customFunctions in rules, declare them here
#customFunctions =&gt; 'function1 function2',
}
);<br /><br /> $template-&gt;param( AUTH_ERROR =&gt; $menu-&gt;error );
$template-&gt;param( AUTH_ERROR_TYPE =&gt; $menu-&gt;error_type );
$template-&gt;param( DISPLAY_APPSLIST =&gt; $menu-&gt;displayModule(<span class="java-quote">"appslist"</span>) );
$template-&gt;param( DISPLAY_PASSWORD =&gt; $menu-&gt;displayModule(<span class="java-quote">"password"</span>) );
$template-&gt;param( DISPLAY_LOGOUT =&gt; $menu-&gt;displayModule(<span class="java-quote">"logout"</span>) );
$template-&gt;param( DISPLAY_TAB =&gt; $menu-&gt;displayTab );
$template-&gt;param( LOGOUT_URL =&gt; <span class=
);<br /><br /> $template-&gt;param( AUTH_USER =&gt; $portal-&gt;{sessionInfo}-&gt;{$user_attr} );
$template-&gt;param( AUTOCOMPLETE =&gt; AUTOCOMPLETE );
$template-&gt;param( SKIN =&gt; $skin )
$template-&gt;param( AUTH_ERROR =&gt; $menu-&gt;error );
$template-&gt;param( AUTH_ERROR_TYPE =&gt; $menu-&gt;error_type );
$template-&gt;param( DISPLAY_APPSLIST =&gt; $menu-&gt;displayModule(<span class="java-quote">"appslist"</span>) );
$template-&gt;param( DISPLAY_PASSWORD =&gt; $menu-&gt;displayModule(<span class="java-quote">"password"</span>) );
$template-&gt;param( DISPLAY_LOGOUT =&gt; $menu-&gt;displayModule(<span class="java-quote">"logout"</span>) );
$template-&gt;param( DISPLAY_TAB =&gt; $menu-&gt;displayTab );
$template-&gt;param( LOGOUT_URL =&gt; <span class=
"java-quote">"$ENV{SCRIPT_NAME}?logout=1"</span> );
$template-&gt;param( REQUIRE_OLDPASSWORD =&gt; REQUIRE_OLDPASSWORD );
<span class=
"java-keyword">if</span> ( $menu-&gt;displayModule(<span class="java-quote">"appslist"</span>) ) {
$template-&gt;param( APPSLIST_MENU =&gt; $menu-&gt;appslistMenu );
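Review bot: The line $template->param( SKIN => $skin ) has no terminating semicolon, so the example as printed is a Perl syntax error as soon as the next $template->param call follows it; add the semicolon. The snippet also uses AUTOCOMPLETE, REQUIRE_OLDPASSWORD, USER_CAN_CHANGE_PASSWORD and DISPLAY_LOGOUT without showing where they are declared; a one-line pointer to their definition in portal/index.pl would help.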
@ -164,8 +168,8 @@
<pre>
modules =&gt; {
appslist =&gt; 1,
password =&gt; 1,
logout =&gt; 1,
password =&gt; USER_CAN_CHANGE_PASSWORD,
logout =&gt; DISPLAY_LOGOUT,
},
</pre>
</div>
@ -182,7 +186,7 @@ modules =&gt; {
modules =&gt; {
appslist =&gt; 1,
password =&gt; '$employeeType =~ /binternalb/',
logout =&gt; 1,
logout =&gt; DISPLAY_LOGOUT,
},
</pre>
</div>
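Review bot: password => '$employeeType =~ /binternalb/' has lost its backslashes, so it matches the literal string binternalb rather than the word internal, and the password module is not displayed for the users this example is meant for. This commit repairs the same export damage in the virtual host rule (/\bMyGroup\b/); apply the same fix here so the rule reads /\binternal\b/.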

View File

@ -66,6 +66,8 @@
"#HLemonLDAP3A3ANGskinsandHTML3A3ATemplatePerlmodule">LemonLDAP::NG
skins and HTML::Template Perl module</a></li>
<li><a href="#HTemplatesconfiguration">Templates configuration</a></li>
<li>
<a href="#HTemplatesvariablesprovidedbyportal2Findexpl">Templates
variables provided by portal/index.pl</a>
@ -78,6 +80,9 @@
<li><a href="#Hmenutplspecificvariables">menu.tpl specific
variables</a></li>
<li><a href="#Hnotificationtplspecificvariables">notification.tpl
specific variables</a></li>
</ul>
</li>
@ -109,7 +114,7 @@
<p class="paragraph"></p>LemonLDAP::NG portal use "skins", located in the
skins/ directory of the portal. Each skin is a particular directory, for
example skins/default/ for the default skin.
example skins/pastel/ for the provided skin.
<p class="paragraph"></p>Here is the list of required template files:
@ -118,19 +123,59 @@
<li>menu.tpl: template for the menu page.</li>
<li>error.tpl: tempalte for the error page.</li>
<li>error.tpl: template for the error page.</li>
<li>header.tpl: common header (included in above templates).</li>
<li>footer.tpl: common footer (included in above templates).</li>
<li>notification.tpl: template to display notifications.</li>
<li>password.tpl: template for the password modification tab.</li>
</ul>Each template include a CSS file, named "styles.css".
<p class="paragraph"></p>Icons and javascripts are in skins/common/.
<p class="paragraph"></p>To create your own skin, just copy the default
skin to another directory (eg.: skins/myskin/) and edit templates and CSS
files. Advanced customization can be done by editing the portal/index.pl.
<h3 class="heading-1-1"><span id="HTemplatesconfiguration">Templates
configuration</span></h3>
<p class="paragraph"></p>In portal/index.pl, you can find some
configuration variables:
<ul class="star">
<li>XWiki.MySkin: name of the skin (ex: "pastel")</li>
<li>$skin_dir: full system path to skins</li>
<li>$appsxmlfile: application XML file (<span class="wikilink"><a href=
"4.1-Configure-portal-menu.html">learn more</a></span>)</li>
<li>$appsimgpath: web path to application logos</li>
<li>$user_attr: session attribute to display as connected user (ex:
"uid")</li>
<li>USER_CAN_CHANGE_PASSWORD: constant to enable the password
modification tab</li>
<li>REQUIRE_OLDPASSWORD: constant to display the "old password"
field</li>
<li>DISPLAY_LOGOUT: constant to display the logout tab</li>
<li>AUTOCOMPLETE: constant to set the autocomplete tag in forms (default
to "on").</li>
<li>DISPLAY_RESETPASSWORD: constant to display the "reset password"
form.</li>
</ul>And in Menu constructor, you can use condition for tab display
(<span class="wikilink"><a href="4.1-Configure-portal-menu.html">learn
more</a></span>)
<h3 class="heading-1-1"><span id=
"HTemplatesvariablesprovidedbyportal2Findexpl">Templates variables
provided by portal/index.pl</span></h3>
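Review bot: The first entry of the configuration variable list reads XWiki.MySkin, which looks like wiki link residue; the neighbouring entries are Perl names ($skin_dir, $appsxmlfile) and the portal example passes SKIN => $skin, so this should probably be $skin. In the same hunk, "just copy the default skin" no longer matches the earlier change from skins/default/ to skins/pastel/.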
@ -155,27 +200,39 @@
<li>warning: not a fatal error, need user action.</li>
</ul>
</li>
<li>REQUIRE_OLDPASSWORD: boolean to display "old password" field</li>
<li>DISPLAY_PASSWORD: boolean to display the password tab</li>
<li>AUTOCOMPLETE: "on" or "off" to enable/disable autocomplete in
forms</li>
<li>SKIN: name of the skin</li>
</ul>
<h4 class="heading-1-1-1"><span id="Hlogintplspecificvariables">login.tpl
specific variables</span></h4>
<ul class="star">
<li>AUTH_URL: URL submitted for redirection.</li>
<li>AUTH_URL: URL submitted for redirection</li>
<li>DISPLAY_FORM: set to 1 if a form can be displayed.</li>
<li>DISPLAY_FORM: set to 1 if a form can be displayed</li>
<li>LOGIN: submitted login</li>
<li>DISPLAY_RESETPASSWORD: boolean to display the "reset password"
form</li>
</ul>
<h4 class="heading-1-1-1"><span id="Hmenutplspecificvariables">menu.tpl
specific variables</span></h4>
<ul class="star">
<li>LOGOUT_URL: URL for logout.</li>
<li>LOGOUT_URL: URL for logout</li>
<li>DISPLAY_APPSLIST: boolean to display the appslist tab</li>
<li>DISPLAY_PASSWORD: boolean to display the password tab</li>
<li>DISPLAY_LOGOUT: boolean to display the logout tab</li>
<li>DISPLAY_TAB: name of the pre-selected tab</li>
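Review bot: AUTOCOMPLETE is documented only as "on" or "off", with no indication of which forms it reaches or why one would change it. Since the skin includes login.tpl and password.tpl, say explicitly whether the value applies to the password fields, and mention that "off" is the setting to choose for shared workstations.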
@ -183,6 +240,16 @@
<li>APPSLIST_MENU: html code of appslist menu div</li>
<li>APPSLIST_DESC: html code of appslist description divs</li>
<li>AUTH_USER: identity of connected user</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"Hnotificationtplspecificvariables">notification.tpl specific
variables</span></h4>
<ul class="star">
<li>NOTIFICATION: content of notifications (HTML code)</li>
</ul>
<h3 class="heading-1-1"><span id="HTemplatestructure">Template
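Review bot: NOTIFICATION is described as HTML code and AUTH_USER as the identity of the connected user, but nothing tells skin authors how to output them safely. Suggest stating that NOTIFICATION is meant to be inserted as markup, so only trusted content should go into notifications, and that AUTH_USER, which the portal fills from a session attribute, should be written with ESCAPE=HTML in custom HTML::Template skins.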
@ -203,8 +270,6 @@
<ul class="star">
<li>div id=header</li>
<li>div class=message</li>
<li>(html content)</li>
<li>div id=footer</li>

View File

@ -77,6 +77,8 @@
<li><a href="#HPasswordPolicyinLemonLDAP3A3ANG">Password Policy in
LemonLDAP::NG</a></li>
<li><a href="#HSeealso">See also</a></li>
</ul><strong class="strong">Documentation applicable for LemonLDAP::NG
&gt;= 0.9.1</strong>
@ -101,7 +103,8 @@
<p class="paragraph"></p>Documentation on how to set ppolicy in OpenLDAP
can be found here: <span class="wikiexternallink"><a href=
"http://www.linagora.org/article165.html">http://www.linagora.org/article165.html</a></span>
"http://www.linagora.org/contrib/annuaires/documentations/overlay_ppolicy_openldap">
http://www.linagora.org/contrib/annuaires/documentations/overlay_ppolicy_openldap</a></span>
(fr).
<h4 class="heading-1-1-1"><span id="HPerlNet3A3ALDAPmodule">Perl Net::LDAP
@ -141,8 +144,12 @@
<li>Password expiration time</li>
<li>Password graces used</li>
</ul>To activate Password Policy, you have to set a new parameter inside
you portal perl script (e.g. portal/index.pl), like:
</ul>Since LemonLDAP:NG 0.9.4, password policy can be used to force
password change is the password was reset (attribute pwdReset: TRUE in
user entry).
<p class="paragraph"></p>To activate Password Policy, you have to set a
new parameter inside you portal perl script (e.g. portal/index.pl), like:
<p class="paragraph"></p>
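Review bot: The added sentence has wording errors: "LemonLDAP:NG" should be "LemonLDAP::NG", and "force password change is the password was reset" should read "if the password was reset"; "inside you portal perl script" should be "inside your portal Perl script". The page header says the documentation applies to >= 0.9.1, so it is worth making the 0.9.4 requirement for pwdReset handling stand out rather than leaving it mid-paragraph.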
@ -159,6 +166,16 @@
);
</pre>
</div>
<h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
<ul class="star">
<li><span class="wikilink"><a href="/xwiki/bin/view/NG/AuthLDAP">Auth
LDAP</a></span></li>
<li><span class="wikilink"><a href=
"/xwiki/bin/view/NG/PasswordDBLDAP">Password DBLDAP</a></span></li>
</ul>
</div>
<p class="footer"><a href="index.html">Index</a></p>

View File

@ -54,537 +54,6 @@
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id=
"HUtilisationdesWebServices28modulesSOAP29">Utilisation des Web Services
(modules SOAP)</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HPrC3A9requis">Pr&eacute;-requis</a></li>
<li><a href="#HWebServicepourl27authentification">Web Service pour
l'authentification</a></li>
<li>
<a href="#HWebServicepourl27accC3A8sauxsessions">Web Service pour
l'acc&egrave;s aux sessions</a>
<ul>
<li><a href="#HPrC3A9sentation">Pr&eacute;sentation</a></li>
<li><a href="#HInstallationduscriptserveurSOAP">Installation du
script serveur SOAP</a></li>
<li><a href="#HConfigurationApache">Configuration Apache</a></li>
<li><a href="#HConfigurationd27unhandler">Configuration d'un
handler</a></li>
<li><a href="#HConfigurationd27unportail">Configuration d'un
portail</a></li>
<li><a href="#HConfigurationC3A0traversleManager">Configuration
&agrave; travers le Manager</a></li>
</ul>
</li>
<li>
<a href="#HWebServicepourl27accC3A8sC3A0laconfiguration">Web Service
pour l'acc&egrave;s &agrave; la configuration</a>
<ul>
<li><a href="#HPrC3A9sentation-1">Pr&eacute;sentation</a></li>
<li><a href="#HInstallationduscriptserveurSOAP-1">Installation du
script serveur SOAP</a></li>
<li><a href="#HConfigurationApache-1">Configuration Apache</a></li>
<li><a href=
"#HConfigurationd27unhandler2Cd27unportailoud27unmanager">Configuration
d'un handler, d'un portail ou d'un manager</a></li>
</ul>
</li>
<li>
<a href="#HSC3A9curisationdesWebServices">S&eacute;curisation des Web
Services</a>
<ul>
<li><a href="#HHTTPBASIC">HTTP-BASIC</a></li>
<li><a href="#HSSL2FTLS">SSL/TLS</a></li>
</ul>
</li>
</ul>
<h3 class="heading-1-1"><span id=
"HPrC3A9requis">Pr&eacute;-requis</span></h3>
<p class="paragraph"></p>Le module Perl SOAP::Lite doit &ecirc;tre
install&eacute; sur le syst&egrave;me.
<ul class="star">
<li>Pour un environnement Debian :</li>
</ul>
<div class="code">
<pre>
# apt-get install libsoap-lite-perl
</pre>
</div>
<ul class="star">
<li>Pour un environnement Red Hat :</li>
</ul>
<div class="code">
<pre>
# yum install perl-SOAP-Lite
</pre>
</div>
<h3 class="heading-1-1"><span id="HWebServicepourl27authentification">Web
Service pour l'authentification</span></h3><br />
<br />
&Agrave; partie de la version 0.9.3, les fonctionnalit&eacute;s SOAP sont
incluse dans le portail. Il suffit de les activer avec l'option
<strong class="strong">"<tt>Soap =&gt; 1</tt>"</strong>.<br />
<br />
Le portail est alors capable de r&eacute;pondre aux sollicitations web
classiques et aux requ&ecirc;tes SOAP. Il propose 2 fonctions SOAP:
<ul class="star">
<li>getCookies(user,password) : retourne le ou les cookies
g&eacute;n&eacute;r&eacute;s par le portail et un code d'erreur (0 si
tout va bien)</li>
<li>error(language,code) : retourne le texte correspondant &agrave;
l'erreur.</li>
</ul>Exemple de script client :<br />
<br />
<div class="code">
<pre>
#!/usr/bin/perl -l
use SOAP::Lite;
use Data::Dumper;<br /><br />my $soap = SOAP::Lite-&gt;proxy('http://auth.example.com/')
-&gt;uri('urn:/Lemonldap/NG/Common/CGI/SOAPService');<br /><br />my $r = $soap-&gt;getCookies( 'user', 'password' );<br /><br /># Catch SOAP errors
<span class="java-keyword">if</span> ( $r-&gt;fault ) {
print STDERR <span class=
"java-quote">"SOAP Error: "</span> . $r-&gt;fault-&gt;{faultstring};
}
<span class="java-keyword">else</span> {
my $res = $r-&gt;result();<br /><br /> # If authentication failed, display error
<span class="java-keyword">if</span> ( $res-&gt;{error} ) {
print STDERR <span class="java-quote">"Error: "</span>
. $soap-&gt;error( 'fr', $res-&gt;{error} )-&gt;result();
}<br /><br /> # print session-ID
<span class="java-keyword">else</span> {
print <span class=
"java-quote">"Cookie: lemonldap="</span> . $res-&gt;{cookies}-&gt;{lemonldap};
}
}
</pre>
</div>
<h3 class="heading-1-1"><span id=
"HWebServicepourl27accC3A8sauxsessions">Web Service pour l'acc&egrave;s
aux sessions</span></h3>
<h4 class="heading-1-1-1"><span id=
"HPrC3A9sentation">Pr&eacute;sentation</span></h4>
<p class="paragraph"></p>Ce Web Service permet au portail
(Lemonldap::NG::Portal) et au handler (Lemonldap::NG::Handler)
d'acc&eacute;der en lecture et en &eacute;criture aux sessions WebSSO.
Cela permet par exemple &agrave; un handler d'aller
r&eacute;cup&eacute;rer les sessions &agrave; distance avec une simple
requ&ecirc;te SOAP (sur HTTP). Pour des architectures plus complexes, cela
permet &eacute;galement de disposer de plusieurs portails qui enregistrent
les sessions &agrave; distance.
<p class="paragraph"></p><img src=
"/xwiki/bin/download/NG/DocSOAP/DIA-Fonctionnement_LemonLDAP%3A%3ANG_SOAP_Sessions-1.png"
alt="DIA-Fonctionnement_LemonLDAP::NG_SOAP_Sessions-1.png" />
<h4 class="heading-1-1-1"><span id=
"HInstallationduscriptserveurSOAP">Installation du script serveur
SOAP</span></h4>
<p class="paragraph"></p>Au niveau du serveur principal,
c'est-&agrave;-dire celui qui stocke les sessions, le script suivant doit
&ecirc;tre install&eacute;, par exemple dans
/var/www/lemonldapng/soap/sessions.pl :
<p class="paragraph"></p>
<div class="code">
<pre>
#! /usr/bin/perl<br /><br />use Lemonldap::NG::Manager::SOAPServer;<br /><br />Lemonldap::NG::Manager::SOAPServer-&gt;start (
realSessionStorage =&gt; <span class=
"java-quote">"Apache::Session::File"</span>,
realSessionStorageOptions =&gt; { Directory =&gt; <span class=
"java-quote">"/tmp"</span>, },
type =&gt; <span class="java-quote">"sessions"</span>,
AuthorizedFunctions =&gt; <span class=
"java-quote">"<span class="java-keyword">new</span> get set delete"</span>,
);
</pre>
</div>
<p class="paragraph"></p>Les param&egrave;tres de l'objet SOAPServer sont
les suivants :
<ul class="star">
<li>realSessionStorage : Module Apache::Session &agrave; utiliser</li>
<li>realSessionStorageOptions : Options du module Apache::Session</li>
<li>type : "sessions" ou "config"</li>
<li>AuthorizedFunctions : Fonctions SOAP autoris&eacute;es :
<ul class="star">
<li>new : cr&eacute;er une nouvelle session (et donc un nouveau
session_id)</li>
<li>get : lire une session</li>
<li>set : &eacute;crire une session</li>
<li>delete : supprimer une session</li>
</ul>
</li>
</ul>Un handler n'a besoin que de lire des sessions (fonction "get"), par
contre un portail devra les &eacute;crire (fonctions "new", "set" et
"delete").
<p class="paragraph"></p>On peut donc utiliser toutes les m&eacute;thodes
de stockage de sessions, comme par exemple MySQL :
<p class="paragraph"></p>
<div class="code">
<pre>
#! /usr/bin/perl<br /><br />use Lemonldap::NG::Manager::SOAPServer;<br /><br />Lemonldap::NG::Manager::SOAPServer-&gt;start (
realSessionStorage =&gt; <span class=
"java-quote">"Apache::Session::MySQL"</span>,
realSessionStorageOptions =&gt; {
DataSource =&gt; <span class=
"java-quote">"DBI:mysql:database=lemonldapng;host=127.0.0.1"</span>,
UserName =&gt; <span class=
"java-quote">"ssoadmin"</span>,
Password =&gt; <span class=
"java-quote">"ssopasswd"</span>,
LockDataSource =&gt; <span class=
"java-quote">"DBI:mysql:database=lemonldapng;host=127.0.0.1"</span>,
LockUserName =&gt; <span class=
"java-quote">"ssoadmin"</span>,
LockPassword =&gt; <span class=
"java-quote">"ssopasswd"</span>,
},
type =&gt; <span class="java-quote">"sessions"</span>,
AuthorizedFunctions =&gt; <span class=
"java-quote">"<span class="java-keyword">new</span> get set delete"</span>,
);
</pre>
</div>
<h4 class="heading-1-1-1"><span id="HConfigurationApache">Configuration
Apache</span></h4>
<p class="paragraph"></p>L'acc&egrave;s au script SOAP doit &ecirc;tre
autoris&eacute; par Apache, par exemple :
<p class="paragraph"></p>
<div class="code">
<pre>
Alias /soap /<span class=
"java-keyword">var</span>/www/lemonldapng/soap<br /><br />&lt;Files ~ <span class="java-quote">".(pl)$"</span>&gt;
SetHandler perl-script
PerlHandler ModPerl::Registry
PerlSendHeader On
&lt;/Files&gt;<br /><br />&lt;Directory /<span class=
"java-keyword">var</span>/www/lemonldapng/soap&gt;
AllowOverride None
Options +ExecCGI +FollowSymLinks -Indexes
&lt;/Directory&gt;
</pre>
</div>
<p class="paragraph"></p>Cette configuration est
g&eacute;n&eacute;ralement ajout&eacute;e au fichier de configuration
Apache du portail et du manager.
<p class="paragraph"></p>L'acc&egrave;s au script SOAP peut &ecirc;tre
prot&eacute;g&eacute; des diff&eacute;rentes mani&egrave;res :
<ul class="star">
<li>HTTP-BASIC : un identifiant et un mot de passe doivent &ecirc;tre
fournis par le client SOAP</li>
<li>SSL/TLS : un certificat client doit &ecirc;tre fourni par le client
SOAP</li>
</ul>Voir les documentations des modules SOAP::Lite et SOAP::Transport
pour plus d'informations sur ces sujets.
<h4 class="heading-1-1-1"><span id=
"HConfigurationd27unhandler">Configuration d'un handler</span></h4>
<p class="paragraph"></p>Le handler effectue une requ&ecirc;te SOAP pour
lire les informations de sessions, en fournissant l'identifiant de
sessions retrouv&eacute; dans le cookie fourni par le navigateur de
l'utilisateur.
<p class="paragraph"></p>La configuration SOAP est effectu&eacute; au
niveau de la fonction init() du module, en surchargeant les
param&egrave;tres de configuration globalStorage et globalStorageOptions :
<p class="paragraph"></p>
<div class="code">
<pre>
<span class="java-keyword">package</span> Handler;<br /><br />use strict ;
use Lemonldap::NG::Handler::SharedConf qw(:all) ;<br /><br />our $VERSION = '0.01' ;
our @ISA = qw(Lemonldap::NG::Handler::SharedConf) ;<br /><br />*EXPORT_TAGS = *Lemonldap::NG::Handler::SharedConf::EXPORT_TAGS ;
*EXPORT_OK = *Lemonldap::NG::Handler::SharedConf::EXPORT_OK ;
*EXPORT = *Lemonldap::NG::Handler::SharedConf::EXPORT ;<br /><br /><b class="bold">PACKAGE</b>-&gt;init ({
globalStorage =&gt; <span class=
"java-quote">"Lemonldap::NG::Manager::Apache::Session::SOAP"</span>,
globalStorageOptions =&gt; {
proxy =&gt; <span class=
"java-quote">"http://websso.mydomain.com/soap/sessions.pl"</span>,
proxyOptions =&gt; {
timeout =&gt; <span class=
"java-quote">"5"</span>,
},
},
configStorage =&gt; {
type =&gt; <span class="java-quote">"DBI"</span>,
dbiChain =&gt; <span class=
"java-quote">"DBI:mysql:database=lemonldapng;host=127.0.0.1"</span>,
dbiUser =&gt; <span class=
"java-quote">"ssoadmin"</span>,
dbiPassword =&gt; <span class=
"java-quote">"ssopasswd"</span>,
dbiTable =&gt; <span class=
"java-quote">"lmConfig"</span>,
},<br /><br /> localStorage =&gt; <span class="java-quote">"Cache::FileCache"</span>,
localStorageOptions =&gt; {},
https =&gt; <span class="java-quote">"0"</span>,
}) ;<br /><br />1;
</pre>
</div>
<h4 class="heading-1-1-1"><span id=
"HConfigurationd27unportail">Configuration d'un portail</span></h4>
<p class="paragraph"></p>Pour le portail, on proc&egrave;de de la
m&ecirc;me mani&egrave;re :
<p class="paragraph"></p>
<div class="code">
<pre>
#!/usr/bin/perl<br /><br />use Lemonldap::NG::Portal::SharedConf;<br /><br />my $portal = Lemonldap::NG::Portal::SharedConf-&gt;<span class="java-keyword">new</span>(
globalStorage =&gt; <span class=
"java-quote">"Lemonldap::NG::Manager::Apache::Session::SOAP"</span>,
globalStorageOptions =&gt; {
proxy =&gt; <span class=
"java-quote">"http://websso.mydomain.com/soap/sessions.pl"</span>,
proxyOptions =&gt; {
timeout =&gt; <span class="java-quote">"5"</span>,
},
},
configStorage =&gt; {
type =&gt; <span class="java-quote">"DBI"</span>,
dbiChain =&gt; <span class=
"java-quote">"DBI:mysql:database=lemonldapng;host=127.0.0.1"</span>,
dbiUser =&gt; <span class=
"java-quote">"ssoadmin"</span>,
dbiPassword =&gt; <span class=
"java-quote">"ssopasswd"</span>,
dbiTable =&gt; <span class=
"java-quote">"lmConfig"</span>,},
);
...
</pre>
</div>
<h4 class="heading-1-1-1"><span id=
"HConfigurationC3A0traversleManager">Configuration &agrave; travers le
Manager</span></h4>
<p class="paragraph"></p>Il est possible d'&eacute;viter de surcharger les
param&egrave;tres de configuration dans le portail et le handler en
agissant directement sur la configuration des sessions au niveau du
Manager.
<p class="paragraph"></p>Pour cela, il suffit de se rendre dans la partie
"Stockage des Sessions" puis de remplir correctement les param&egrave;tres
:
<ul class="star">
<li>Module Apache::Session :
Lemonldap::NG::Manager::Apache::Session::SOAP</li>
<li>Param&egrave;tres du module Apache::Session :
<ul class="star">
<li>proxy : <span class="nobr"><a href=
"http://websso.mydomain.com/soap/sessions.pl">http://websso.mydomain.com/soap/sessions.pl</a></span></li>
</ul>
</li>
</ul>Attention cependant, en activant cette configuration, tous les
&eacute;l&eacute;ments du WebSSO passeront par SOAP pour lire et
&eacute;crire les sessions.
<h3 class="heading-1-1"><span id=
"HWebServicepourl27accC3A8sC3A0laconfiguration">Web Service pour
l'acc&egrave;s &agrave; la configuration</span></h3>
<h4 class="heading-1-1-1"><span id=
"HPrC3A9sentation">Pr&eacute;sentation</span></h4>
<p class="paragraph"></p>Ce Web Service permet au portail
(Lemonldap::NG::Portal), au manager (Lemonldap::NG::Manager) et au handler
(Lemonldap::NG::Handler) d'acc&eacute;der en lecture et en &eacute;criture
&agrave; la configuration du WebSSO.
<h4 class="heading-1-1-1"><span id=
"HInstallationduscriptserveurSOAP">Installation du script serveur
SOAP</span></h4>
<p class="paragraph"></p>Au niveau du serveur principal,
c'est-&agrave;-dire celui qui stocke les sessions, le script suivant doit
&ecirc;tre install&eacute;, par exemple dans
/var/www/lemonldapng/soap/config.pl :
<p class="paragraph"></p>
<div class="code">
<pre>
#!/usr/bin/perl<br /><br />use Lemonldap::NG::Manager::SOAPServer;<br /><br />Lemonldap::NG::Manager::SOAPServer-&gt;start(
configStorage =&gt; {
type =&gt; 'DBI',
dbiChain =&gt; <span class=
"java-quote">"DBI:mysql:database=lemonldapng;host=127.0.0.1"</span>,
dbiUser =&gt; <span class="java-quote">"ssoadmin"</span>,
dbiPassword =&gt; <span class="java-quote">"ssopasswd"</span>,
dbiTable =&gt; <span class="java-quote">"lmConfig"</span>,
}
);
</pre>
</div>
<p class="paragraph"></p>Tout comme pour le Web Service des sessions, il
est possible d'utiliser d'autres type que "DBI" (par exemple "File").
<h4 class="heading-1-1-1"><span id="HConfigurationApache">Configuration
Apache</span></h4><br />
<br />
Elle est identique &agrave; celle des sessions, si les scripts sessions.pl
et config.pl sont bien dans le m&ecirc;me r&eacute;pertoire :<br />
<br />
<div class="code">
<pre>
Alias /soap /<span class=
"java-keyword">var</span>/www/lemonldapng/soap<br /><br />&lt;Files ~ <span class="java-quote">".(pl)$"</span>&gt; SetHandler perl-script PerlHandler ModPerl::Registry PerlSendHeader On &lt;/Files&gt;<br /><br />&lt;Directory /<span class="java-keyword">var</span>/www/lemonldapng/soap&gt; AllowOverride None Options +ExecCGI +FollowSymLinks -Indexes &lt;/Directory&gt;
</pre>
</div>
<h4 class="heading-1-1-1"><span id=
"HConfigurationd27unhandler2Cd27unportailoud27unmanager">Configuration
d'un handler, d'un portail ou d'un manager</span></h4><br />
<br />
Pour tous ces &eacute;l&eacute;ments, il suffit de remplacer le
param&egrave;tre configStorage :<br />
<br />
<div class="code">
<pre>
&hellip;
configStorage =&gt; {
type =&gt; <span class="java-quote">"SOAP"</span>,
proxy =&gt; <span class=
"java-quote">"http://websso.mydomain.com/soap/config.pl"</span>,
},
...
</pre>
</div>
<p class="paragraph"></p>L'acc&egrave;s &agrave; la configuration se fera
alors par SOAP.
<h3 class="heading-1-1"><span id=
"HSC3A9curisationdesWebServices">S&eacute;curisation des Web
Services</span></h3>
<h4 class="heading-1-1-1"><span id="HHTTPBASIC">HTTP-BASIC</span></h4>
<p class="paragraph"></p>Si le serveur SOAP est prot&eacute;g&eacute; par
une authentification BASIC, le client (par exemple un handler) doit
&ecirc;tre param&eacute;tr&eacute; ainsi :
<p class="paragraph"></p>
<div class="code">
<pre>
<span class=
"java-keyword">package</span> My::Package;<br /><br /> use base Lemonldap::NG::Handler::SharedConf;<br /><br /> <b class="bold">PACKAGE</b>-&gt;init ( {
localStorage =&gt; <span class=
"java-quote">"Cache::FileCache"</span>,
localStorageOptions =&gt; {
'namespace' =&gt; 'MyNamespace',
'default_expires_in' =&gt; 600,
},
configStorage =&gt; {
type =&gt; 'SOAP',
proxy =&gt; 'http://manager.example.com/soapserver.pl',
User =&gt; 'http-user',
Password =&gt; 'pass',
},
https =&gt; 1,
} );
</pre>
</div>
<h4 class="heading-1-1-1"><span id="HSSL2FTLS">SSL/TLS</span></h4>
<p class="paragraph"></p>Si le serveur SOAP requiert un certificat client,
le client (par exemple un handler) doit &ecirc;tre param&eacute;tr&eacute;
ainsi :
<p class="paragraph"></p>
<div class="code">
<pre>
<span class=
"java-keyword">package</span> My::Package;<br /><br /> use base Lemonldap::NG::Handler::SharedConf;<br /><br /> $ENV{HTTPS_CERT_FILE} = 'client-cert.pem';
$ENV{HTTPS_KEY_FILE} = 'client-key.pem';<br /><br /> __PACKAGE__-&gt;init ( {
localStorage =&gt; <span class=
"java-quote">"Cache::FileCache"</span>,
localStorageOptions =&gt; {
'namespace' =&gt; 'MyNamespace',
'default_expires_in' =&gt; 600,
},
configStorage =&gt; {
type =&gt; 'SOAP',
proxy =&gt; 'http://manager.example.com/soapserver.pl',
},
https =&gt; 1,
} );
</pre>
</div>
<p class="paragraph"></p>
</div>
<p class="footer"><a href="index.html">Index</a></p>
</body>
</html>
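Review bot: Emptying this page (header -54,537 +54,6) takes the "Sécurisation des Web Services" section on HTTP-BASIC and client certificates, and the AuthorizedFunctions description, with it, and the commit message does not say where that text now lives. Please confirm the destination, since another page in this commit still links to 4.3-Configure-SOAP-fr.html. If the text is being moved rather than dropped, note that its SSL/TLS example sets HTTPS_CERT_FILE and HTTPS_KEY_FILE but keeps proxy => 'http://manager.example.com/soapserver.pl'; the URL needs to be https:// for the client certificate to be used at all.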

View File

@ -124,8 +124,9 @@
<li>Secondary portal check if remote session is available. It can be
done via direct access to the session database or using <span class=
"wikilink"><a href="4.3-Configure-SOAP-fr.html">SOAP access</a></span>.
Then it creates the session (with attribute filter)</li>
"wikilink"><a href="4.3-Configure-SOAP-fr.htmlSessionStorage">SOAP
access</a></span>. Then it creates the session (with attribute
filter)</li>
<li>User can now access to the protected application</li>
</ol>Note that if the user is already authenticated on the first portal,
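Review bot: The new href 4.3-Configure-SOAP-fr.htmlSessionStorage is missing the # before the fragment, so it names a file that does not exist instead of an anchor inside the SOAP page. It also targets the -fr page from English text, and that page's body is removed elsewhere in this commit. Suggest linking to the page that now holds the SOAP session documentation, with a proper #anchor.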

View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
@ -51,6 +51,11 @@
}
/*]]>*/
</style>
<style type="text/css">
/*<![CDATA[*/
span.c1 {text-decoration: underline}
/*]]>*/
</style>
</head>
<body>
@ -75,6 +80,9 @@
<li><a href="#HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG
configuration</a></li>
<li><a href="#HSympaautologin28version3E3D09429">Sympa auto-login
(version &gt;=0.9.4)</a></li>
</ul>
</li>
</ul>
@ -93,12 +101,16 @@
<h4 class="heading-1-1-1"><span id=
"HPresentation">Presentation</span></h4>
<p class="paragraph"></p>Sympa provide a magic authentication mecanism,
<p class="paragraph"></p>Sympa provides a magic authentication mecanism,
which display a special button on the interface. When the user click on
it, if he has already an SSO session, he is directly authenticated.
<p class="paragraph"></p>This works for CAS, Shibboleth and LemonLDAP::NG.
<p class="paragraph"></p>For Lemonldap::NG you an also add the "sympa
auto-login" feature (since 0.9.4) so users are automatically authenticated
into Sympa.
<h4 class="heading-1-1-1"><span id="HSympaconfiguration">Sympa
configuration</span></h4><br />
<br />
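Review bot: The added paragraph reads "For Lemonldap::NG you an also add", which should be "you can also add". "mecanism" in the sentence above is still misspelled, and the product name is written both Lemonldap::NG and LemonLDAP::NG within three lines; settle on one.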
@ -118,25 +130,17 @@
generic_sso
service_name LemonLDAP::NG
service_id lemonldapng
http_header_prefix HTTP
email_http_header HTTP_EMAIL
netid_http_header HTTP_AUTH-USER
email_http_header HTTP_MAIL
netid_http_header HTTP_AUTH_USER
internal_email_by_netid 1
logout_url <span class="nobr"><a href=
"http://sympa.example.com/wws/logout">http://sympa.example.com/wws/logout</a></span><br /><br />ldap
host localhost:389
timeout 20
bind_dn cn=admin,dc=example,dc=com
bind_password secret
suffix dc=example,dc=com
get_dn_by_uid_filter (uid=[sender])
get_dn_by_email_filter (|(mail=[sender])(n2atraliasmail=[sender]))
alternative_email_attribute n2atrmaildrop
email_attribute mail
scope sub
authentication_info_url <span class="nobr"><a href=
"http://sympa.example.com">http://sympa.example.com</a></span>
"http://sympa.example.com/wws/logout">http://sympa.example.com/wws/logout</a></span>
</pre>
<ol>
<li>Additional authentication schemes can be set but they will be
ignored with Lemonldap::NG auto-login feature</li>
</ol>
</div>
<h4 class="heading-1-1-1"><span id="HApacheconfiguration">Apache
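Review bot: the generic_sso block now names HTTP_MAIL and HTTP_AUTH_USER in email_http_header and netid_http_header, so Sympa takes the user's identity from those request headers, but nothing next to the block says where they come from. Add a sentence stating that they correspond to the headers exported by the Lemonldap::NG handler ("Auth-User" and "mail" in the exported headers section) and that the names must be kept in sync. The new single-item &lt;ol&gt; also reads like a footnote with no marker in the &lt;pre&gt; above it; a plain "Note" paragraph would be clearer, and it should say that the ldap block was dropped from the example on purpose.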
@ -153,7 +157,8 @@ generic_sso
<pre>
# The following lines must be set once <span class=
"java-keyword">for</span> all virtualhosts
NameVirtualHost *<br /><br />PerlRequire /opt/lemonldap-ng/handler/Handler.pm
NameVirtualHost *<br /><br />PerlRequire /<span class=
"java-keyword">var</span>/lib/lemonldap-ng/handler/MyHandler.pm
PerlOptions +GlobalRequest
&lt;Files ~ <span class="java-quote">".(pl)$"</span>&gt;
SetHandler perl-script
@ -162,14 +167,20 @@ PerlOptions +GlobalRequest
&lt;/Files&gt;<br /><br /># Define here all <span class=
"java-keyword">protected</span> virtualhosts
&lt;VirtualHost *&gt;
ServerName sympa.example.com<br /><br /> # WebSSO protection
&lt;Location /wws/sso_login/lemonldapng&gt;
PerlHeaderParserHandler Handler
&lt;/Location&gt;<br /><br /> &lt;Location /reload&gt;
PerlHeaderParserHandler Handler-&gt;reload
&lt;/Location&gt;<br /><br /> RedirectMatch ^/$ /wws
ServerName sympa.example.com<br /><br /> # WebSSO protection :<br /><br /> # * with auto-login
PerlHeaderParserHandler Handler<br /><br /> # * without auto-login
#&lt;Location /wws/sso_login/lemonldapng&gt;
# PerlHeaderParserHandler Handler
#&lt;/Location&gt;
#<br /><br /> # Optional : reload mechanism (see doc <span class=
"java-keyword">for</span> more)
&lt;Location /reload&gt;
PerlHeaderParserHandler Handler-&gt;reload
&lt;/Location&gt;<br /><br /> # Sympa normal configuration (example)
RedirectMatch ^/$ /wws
Alias /wwsicons /usr/share/sympa/icons
ScriptAlias /wws /usr/lib/cgi-bin/sympa/wwsympa.fcgi<br /><br /> LogLevel warn
ScriptAlias /wws /usr/lib/cgi-bin/sympa/wwsympa.fcgi<br /><br /> # Logging
LogLevel warn
ErrorLog /<span class=
"java-keyword">var</span>/log/apache2/sympa-error.log
CustomLog /<span class=
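Review bot: the &lt;Location /reload&gt; block is now labelled optional, but the example still shows no access restriction and only says 'see doc for more'; show the restriction inline or link to the page that describes it, so the sample is not copied as is. In the commented-out 'without auto-login' variant there is a stray '#' line after '#&lt;/Location&gt;', and the text should say that the two variants are alternatives, i.e. that the vhost-level 'PerlHeaderParserHandler Handler' has to be commented out when the Location form is used.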
@ -185,11 +196,11 @@ PerlOptions +GlobalRequest
<div class="code">
<pre>
pla.example.com
sympa.example.com
</pre>
</div><br />
<br />
Then create the access rule:
Then create the access rule. Example:
<div class="code">
<pre>
@ -202,9 +213,36 @@ pla.example.com
<div class="code">
<pre>
Auth-User =&gt; $uid
email =&gt; $email
mail =&gt; $mail
</pre>
</div>
<h4 class="heading-1-1-1"><span id=
"HSympaautologin28version3E3D09429">Sympa auto-login (version
&gt;=0.9.4)</span></h4>
<p class="paragraph"></p>To avoid that users need to click on the
"authenticate" button, you can use Lemonldap::NG::Handler::SympaAutoLogin
instead of Lemonldap::NG::Handler::SharedConf :
<ul class="star">
<li>edit the file /var/lib/lemonldap-ng/handler/MyHandler.pm and replace
"SharedConf" by "SympaAutoLogin"</li>
<li>store the Sympa secret in /etc/lemonldap-ng/sympa.secret (parameter
"cookie" from sympa.conf)</li>
<li>change the rights of /etc/lemonldap-ng/sympa.secret to 600 (can be
owned by root because it's read at Apache startup only)</li>
<li>restart Apache</li>
</ul><strong class="strong">Warning</strong> : you must have and header
named "mail" and containing the good user's mail value (the one used by
Sympa).
<p class="paragraph"></p><strong class="strong">Note</strong> : this
configuration <span class="c1">enforces</span> your sympa security, as the
sympa auth cookie is neither visible nor editable by users.
</div>
<p class="footer"><a href="index.html">Index</a></p>
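Review bot: the Warning in the new auto-login section reads 'you must have and header named "mail"'; it should be 'a header', and it should point at the exported headers block (mail =&gt; $mail) and at email_http_header HTTP_MAIL so the reader can check that the names agree. In the Note, 'enforces your sympa security' presumably means 'strengthens'. The sympa.secret bullet should state the expected owner and mode directly (for example 'owned by root, mode 600') instead of 'can be owned by root', since the file holds the "cookie" secret from sympa.conf.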

View File

@ -57,50 +57,6 @@
<div class="main-content">
<h2 class="heading-1"><span id="HContacts">Contacts</span></h2>
<h3 class="heading-1-1"><span id="HLemonLDAP">LemonLDAP</span></h3>
<h4 class="heading-1-1-1"><span id="HMailinglists">Mailing
lists</span></h4>
<ul class="star">
<li>Devel: lemonldap-dev AT ow2.org (<span class=
"wikiexternallink"><a href=
"http://mail-archive.ow2.org/lemonldap-dev/index.html">Archives</a></span>)</li>
</ul>
<h4 class="heading-1-1-1"><span id="HCoreteam">Core team</span></h4>
<ul class="star">
<li>Eric German, germanlinux AT yahoo.com: Leader</li>
<li>Habib ZITOUNI zitouni.habib AT gmail.com (version 3)</li>
<li>Hamza AISSAT asthamza AT hotmail.fr (version 3)</li>
<li>Casimir ANTUNES (webmin)</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HContributors">Contributors</span></h4>
<ul class="star">
<li>Sebastien DIAZ: sebastien.diaz AT gmail.com module pour sympa
pluglemonsympa (liste de discussion)</li>
<li>Apache::Authenlemonldap: module CPAN &agrave; installer sur un
serveur apache qui permet de d&eacute;coder les en-t&ecirc;tes
envoy&eacute;es par lemonldap.</li>
<li>Lemonldap::Cluster::Status: module CPAN qui permet de superviser un
cluster de serveurs lemonldap de la m&ecirc;me mani&egrave;re qu'un
server-status individuel.</li>
<li>Valve lemonldap pour Tomcat: valve java a installer sur un serveur
Tomcat qui permet de d&eacute;coder les entetes envoy&eacute;es par
lemonldap. Auteurs : Itin avec : BOIREAU Oliver CHECCO Jean-Thomas GZADY
Mounir RIVIERE Daniel</li>
</ul>
<h3 class="heading-1-1"><span id=
"HLemonLDAP3A3ANG">LemonLDAP::NG</span></h3>
@ -120,23 +76,54 @@
<h4 class="heading-1-1-1"><span id="HCoreteam">Core team</span></h4>
<ul class="star">
<li>Xavier Guimard, x.guimard AT free.fr: Leader</li>
<li>Xavier GUIMARD: Leader</li>
<li>Thomas Chemineau: Developer</li>
<li>Thomas CHEMINEAU: Developer</li>
<li>Cl&eacute;ment Oudot: Graphics, documentation, tests</li>
<li>Cl&eacute;ment OUDOT: Developer, LDAP expert, graphics,
documentation, tests</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HContributors">Contributors</span></h4>
<ul class="star">
<li>Erwan Legall: <span class="wikilink"><a href=
<li>Erwan LEGALL: <span class="wikilink"><a href=
"5-Appli-Dokuwiki.html">Dokuwiki pugin</a></span></li>
<li>Pascal Pejac: <span class="wikilink"><a href=
<li>Pascal PEJAC: <span class="wikilink"><a href=
"5-Appli-Tomcat-Valve.html">Tomcat valve</a></span></li>
</ul>
<h3 class="heading-1-1"><span id="HOldLemonLDAPteam">Old LemonLDAP
team</span></h3>
<h4 class="heading-1-1-1"><span id="HCoreteam">Core team</span></h4>
<ul class="star">
<li>Eric GERMAN: Leader and founder</li>
<li>Habib ZITOUNI</li>
<li>Hamza AISSAT</li>
<li>Casimir ANTUNES</li>
</ul>
<h4 class="heading-1-1-1"><span id=
"HContributors">Contributors</span></h4>
<ul class="star">
<li>Sebastien DIAZ</li>
<li>Oliver BOIREAU</li>
<li>Jean-Thomas CHECCO</li>
<li>Mounir GZADY</li>
<li>Daniel RIVIERE</li>
</ul>
</div>
<p class="footer"><a href="index.html">Index</a></p>
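Review bot: the new 'Old LemonLDAP team' section reuses id="HCoreteam" and id="HContributors", which are already used by the LemonLDAP::NG section in the same hunk, so the page ends up with duplicate ids and fragment links to them are ambiguous. Give the old-team headings their own ids. The unchanged link text 'Dokuwiki pugin' could be corrected to 'plugin' while these lines are being edited.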

View File

@ -61,33 +61,40 @@
<p class="paragraph"></p>
<ul>
<li><a href="#HVersion0928published29">Version 0.9 (published)</a></li>
<li><a href="#HVersion0928publishedin200829">Version 0.9 (published in
2008)</a></li>
<li><a href="#HVersion09328published29">Version 0.9.3
(published)</a></li>
<li><a href="#HVersion09328publishedinJanuary200929">Version 0.9.3
(published in January 2009)</a></li>
<li><a href="#HVersion09428200929">Version 0.9.4 (2009)</a></li>
<li><a href="#HVersion09428plannedforJune200929">Version 0.9.4 (planned
for June 2009)</a></li>
<li><a href="#HVersion1028200929">Version 1.0 (2009)</a></li>
<li><a href="#HVersion1028plannedfordecember200929">Version 1.0 (planned
for december 2009)</a></li>
<li><a href="#HVersion20">Version 2.0</a></li>
<li><a href="#HVersion2028notplanned29">Version 2.0 (not
planned)</a></li>
</ul><strong class="strong">Icons legend:</strong><br />
<img src="ok.png" alt="ok.png" /> Task finished<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Work in
progress<br />
<img src="error.png" alt="error.png" /> To be done<br />
<h3 class="heading-1-1"><span id="HVersion0928published29">Version 0.9
(published)</span></h3><img src="ok.png" alt="ok.png" /> Liberty Alliance
authentication module (<span class="wikilink"><a href=
<h3 class="heading-1-1"><span id="HVersion0928publishedin200829">Version
0.9 (published in 2008)</span></h3><img src="ok.png" alt="ok.png" />
Liberty Alliance authentication module (<span class="wikilink"><a href=
"4.3-Configure-Liberty-Alliance-fr.html">learn more</a></span>)<br />
<img src="ok.png" alt="ok.png" /> Skins for Manager and Portal<br />
<img src="ok.png" alt="ok.png" /> SOAP access to configuration and
sessions (<span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.html">learn more</a></span>)<br />
"4.3-Configure-SOAP-fr.htmlStorage">Configuration</a></span>, <span class=
"wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlSessionStorage">Sessions</a></span>)<br />
<h3 class="heading-1-1"><span id="HVersion09328published29">Version 0.9.3
(published)</span></h3><img src="ok.png" alt="ok.png" /> Dissociate
<h3 class="heading-1-1"><span id=
"HVersion09328publishedinJanuary200929">Version 0.9.3 (published in
January 2009)</span></h3><img src="ok.png" alt="ok.png" /> Dissociate
authentication and user backend capabilities (for example, to choose LDAP
for authentication, and MySQL for reading user's information)<br />
<img src="ok.png" alt="ok.png" /> Add a Menu.pm to portal modules, to
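Review bot: the two links added for 'SOAP access to configuration and sessions' use href="4.3-Configure-SOAP-fr.htmlStorage" and href="4.3-Configure-SOAP-fr.htmlSessionStorage", where a suffix is glued directly onto '.html'; these look like broken targets (a missing '#' fragment separator or a wrong file name). Check the generated file names and fix the hrefs, and consider pointing the English roadmap at the non '-fr' pages if they exist.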
@ -109,8 +116,9 @@
more</a></span>)<br />
<img src="ok.png" alt="ok.png" /> Packages for RedHat/CentOS<br />
<h3 class="heading-1-1"><span id="HVersion09428200929">Version 0.9.4
(2009)</span></h3><img src="ok.png" alt="ok.png" /> Notification
<h3 class="heading-1-1"><span id=
"HVersion09428plannedforJune200929">Version 0.9.4 (planned for June
2009)</span></h3><img src="ok.png" alt="ok.png" /> Notification
system<br />
<img src="ok.png" alt="ok.png" /> Chaining portals system (<span class=
"wikilink"><a href="/xwiki/bin/view/NG/AuthRemote">learn
@ -124,17 +132,28 @@
<img src="ok.png" alt="ok.png" /> LDAP backend for configuration
(<span class="wikilink"><a href="/xwiki/bin/view/NG/DocLDAPStorage">learn
more</a></span>)<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Conditionnal
portal, to manage several indpendant portals with one LemonLDAP::NG
instance<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Rewrite SOAP
documentation<br />
<img src="error.png" alt="error.png" /> Merge AuthSSL and AuthApache<br />
<img src="error.png" alt="error.png" /> Manage the "Password must change"
case with ppolicy in Portal<br />
<img src="ok.png" alt="ok.png" /> Conditionnal portal, to manage several
indpendant portals with one LemonLDAP::NG instance (<span class=
"wikilink"><a href="/xwiki/bin/view/NG/SeveralIndependantPortals">learn
more</a></span>)<br />
<img src="ok.png" alt="ok.png" /> Manage the "Password must change" case
with ppolicy in Portal<br />
<img src="ok.png" alt="ok.png" /> Display connected user in Menu
(<span class="wikilink"><a href=
"4.1-HTML-templates-customization.html">learn more</a></span>)<br />
<img src="ok.png" alt="ok.png" /> Rewrite SOAP documentation (<span class=
"wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlStorage">Configuration</a></span>, <span class=
"wikilink"><a href=
"4.3-Configure-SOAP-fr.htmlSessionStorage">Sessions</a></span>)<br />
<img src="ok.png" alt="ok.png" /> Use PasswordDBLDAP in Menu.pm<br />
<img src="ok.png" alt="ok.png" /> Move group management in UserDB<br />
<img src="ok.png" alt="ok.png" /> Mail (reset password)
customization<br />
<h3 class="heading-1-1"><span id="HVersion1028200929">Version 1.0
(2009)</span></h3><img src="warning_triangle.png" alt=
<h3 class="heading-1-1"><span id=
"HVersion1028plannedfordecember200929">Version 1.0 (planned for december
2009)</span></h3><img src="warning_triangle.png" alt=
"warning_triangle.png" /> Monitoring scripts (MRTG, Cacti, Nagios)<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
functionnalities, to fill authentication forms with login/password<br />
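Review bot: the 'Rewrite SOAP documentation' entry added here links to "4.3-Configure-SOAP-fr.htmlStorage" and "4.3-Configure-SOAP-fr.htmlSessionStorage", which do not look like valid file names or fragments, and the 'Conditionnal portal' entry links to the absolute wiki path /xwiki/bin/view/NG/SeveralIndependantPortals while the neighbouring new entry uses a local .html page. Verify these targets resolve in the exported documentation. The moved line also carries over the typos 'Conditionnal' and 'indpendant'.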
@ -145,12 +164,15 @@
"4.1-Configuration-parameter-list.html">learn more</a></span>)<br />
<img src="error.png" alt="error.png" /> Configuration migration
scripts<br />
<img src="error.png" alt="error.png" /> Change configuration storage to
XML<br />
<img src="error.png" alt="error.png" /> Refactor Portal/Menu.pm and
Portal/Simple.pm<br />
<img src="error.png" alt="error.png" /> Split Apache configuration files
(Handler, Portal, Manager)<br />
<img src="error.png" alt="error.png" /> Use i18n in Session Explorer<br />
<h3 class="heading-1-1"><span id="HVersion20">Version
2.0</span></h3><img src="error.png" alt="error.png" /> Rewrite Manager
with JQuery and Ajax<br />
<h3 class="heading-1-1"><span id="HVersion2028notplanned29">Version 2.0
(not planned)</span></h3><img src="error.png" alt="error.png" /> Rewrite
Manager with JQuery and Ajax<br />
<img src="error.png" alt="error.png" /> Manage Apache virtualhost
configuration through LDAP backend<br />
<img src="error.png" alt="error.png" /> SAML2 authentication and user
@ -161,6 +183,11 @@
<img src="error.png" alt="error.png" /> LQL parser (LDAP Query
Language)<br />
<img src="error.png" alt="error.png" /> Shared "grant" function<br />
<img src="error.png" alt="error.png" /> User keystore for POST
authentications<br />
<img src="error.png" alt="error.png" /> Use <span class=
"wikiexternallink"><a href=
"http://www.yaml.de/en/overview.html">YAML</a></span> in Portal templates
</div>
<p class="footer"><a href="index.html">Index</a></p>