Typos
This commit is contained in:
parent
788450d502
commit
d4b5608886
|
@ -14,7 +14,7 @@ with a quick sed command. For example, we change it to ow2.org:
|
|||
|
||||
2.1 - Apache
|
||||
|
||||
Enable the components you've installed:
|
||||
Enable installed components:
|
||||
|
||||
# Portal
|
||||
a2ensite portal-apache2.conf
|
||||
|
@ -37,7 +37,7 @@ Then restart Apache:
|
|||
|
||||
2.2 - Nginx
|
||||
|
||||
Enable the components you've installed:
|
||||
Enable installed components:
|
||||
|
||||
cd /etc/nginx/sites-enabled
|
||||
|
||||
|
@ -57,16 +57,16 @@ Enable the components you've installed:
|
|||
# Test site
|
||||
ln -s ../site-available/test-nginx.conf
|
||||
|
||||
Customize then, then reload nginx
|
||||
Customize them, then reload nginx
|
||||
|
||||
service nginx reload
|
||||
nginx -s reload
|
||||
|
||||
3 - Check your DNS
|
||||
------------------
|
||||
|
||||
Be sure that your browser can join (adapt it with your domain):
|
||||
- auth.example.com : the authentication portal
|
||||
- manager.example.com: the configuration interface
|
||||
Be sure that your browser can reach (adapt it with your domain):
|
||||
- auth.example.com : Authentication portal
|
||||
- manager.example.com : Configuration interface
|
||||
|
||||
4 - Connect to the manager
|
||||
--------------------------
|
||||
|
@ -88,9 +88,9 @@ following accounts:
|
|||
6 - Base configuration file
|
||||
---------------------------
|
||||
|
||||
The configuration is managed by the manager with the exception of some basic
|
||||
parameters such as the storage type configuration. These parameters are defined
|
||||
in the file /etc/lemonldap-ng/lemonldap-ng.ini.
|
||||
Configuration is managed by the Manager except some basic parameters
|
||||
such as storage type configuration. These parameters are defined
|
||||
in /etc/lemonldap-ng/lemonldap-ng.ini file.
|
||||
|
||||
This file can also be used to override the global configuration locally
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ using SAML 2.0 protocol.
|
|||
|
||||
You can find the Official AWX documentation about this topic here :
|
||||
https://docs.ansible.com/ansible-tower/latest/html/administration/ent_auth.html#saml-authentication-settings
|
||||
Please read it before the LLNG doc.
|
||||
Please read it before the LL::NG doc.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
@ -34,8 +34,8 @@ saml in AWX, you can do it with your pki or with openssl on your machine
|
|||
|
||||
openssl req -x509 -newkey rsa:4096 -keyout saml-awx.key -out saml-awx.crt -days 3650 -nodes
|
||||
|
||||
LLNG SAML Certificate
|
||||
~~~~~~~~~~~~~~~~~~~~~
|
||||
LL::NG SAML Certificate
|
||||
~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
AWX need a certificate for the IDP signature, a public key won't work.
|
||||
You can either just generate a certificate from the private key and put
|
||||
|
@ -55,7 +55,7 @@ certificate with this command :
|
|||
openssl req -new -x509 -days 3650 -key lemonldap.key > lemonldap.crt
|
||||
|
||||
After that, if you want, you can replace your SAML public key with this
|
||||
certificate in LLNG configuration, this is not mandatory.
|
||||
certificate in LL::NG configuration, this is not mandatory.
|
||||
|
||||
AWX
|
||||
~~~
|
||||
|
@ -153,7 +153,7 @@ This is the configuration of the IdP :
|
|||
|
||||
- "attr_last_name": "sn" SAML Attribute for the user last name
|
||||
- "x509cert": "SOXGp....." the content of ``lemonldap.crt`` generated
|
||||
in the "LLNG SAML Certificate" section
|
||||
in the "LL::NG SAML Certificate" section
|
||||
- "attr_username": "uid" SAML Attribute for the user username
|
||||
- "entity_id": "https://auth.example.com/saml/metadata" entityID of the
|
||||
IdP
|
||||
|
|
|
@ -69,7 +69,7 @@ Configure Bugzilla virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -74,7 +74,7 @@ Configure Dokuwiki virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -71,7 +71,7 @@ Configure Drupal virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -17,8 +17,7 @@ conference rooms.
|
|||
The official documentation provides instructions on `how to configure
|
||||
Jitsi Meet to use
|
||||
Shibboleth <https://github.com/jitsi/jicofo/blob/master/doc/shibboleth.md>`__,
|
||||
but with a little adaptation, it can work just as fine with
|
||||
LemonLDAP::NG.
|
||||
but with a little adaptation, it can work just as fine with LemonLDAP::NG.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
@ -60,7 +59,7 @@ configuration file:
|
|||
::
|
||||
|
||||
|
||||
# This block lets Nginx know how to contact the local LLNG handler
|
||||
# This block lets Nginx know how to contact the local LL::NG handler
|
||||
# for authentication
|
||||
location = /lmauth {
|
||||
internal;
|
||||
|
@ -76,7 +75,7 @@ configuration file:
|
|||
# You may want to change this is your goal is to make the whole Jitsi Meet instance private
|
||||
location /login/ {
|
||||
|
||||
# Protect the current path with LLNG
|
||||
# Protect the current path with LL::NG
|
||||
auth_request /lmauth;
|
||||
set $original_uri $uri$is_args$args;
|
||||
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
|
||||
|
|
|
@ -129,7 +129,7 @@ Configure Liferay virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -158,7 +158,7 @@ Configure MediaWiki virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -151,7 +151,7 @@ Edit also OBM configuration to enable LL::NG Handler:
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ Make sure you have :doc:`set up LemonLDAP::NG a SAML IDP <../samlservice>`
|
|||
a certificate<samlservice-convert-certificate>`)
|
||||
|
||||
.. warning::
|
||||
Odoo requires LemonLDAP::NG 2.0.14 in order to handle RelayState correctly
|
||||
Odoo requires LL::NG 2.0.14 in order to handle RelayState correctly
|
||||
|
||||
Configuring Odoo
|
||||
----------------
|
||||
|
@ -60,7 +60,7 @@ To generate a key/certificate pair, you can run the following command::
|
|||
openssl req -x509 -newkey rsa:4096 -keyout odoo-key.pem -out odoo-cert.pem -sha256 -days 3650 -nodes
|
||||
|
||||
* Select a signature method in the *Signature Algorithm*, such as *SIG_RSA_SHA256*
|
||||
* If you do not want to use the email address to match between LLNG and Odoo accounts, set the *Identity Provider matching attribute* to a different value
|
||||
* If you do not want to use the email address to match between LL::NG and Odoo accounts, set the *Identity Provider matching attribute* to a different value
|
||||
* All other fields may be left to default values
|
||||
|
||||
Configuring users
|
||||
|
|
|
@ -73,7 +73,7 @@ Configure phpLDAPadmin virtual host like other
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ wants to use this feature.
|
|||
|
||||
.. tip::
|
||||
|
||||
Since version 1.9 of LLNG, old Auto-Login feature has been
|
||||
Since LL::NG 1.9, old Auto-Login feature has been
|
||||
removed since it works only with Sympa-5 which has been deprecated
|
||||
|
||||
|
||||
|
@ -101,7 +101,7 @@ authentication URL.
|
|||
fastcgi_param CONTENT_LENGTH "";
|
||||
# Keep original hostname
|
||||
fastcgi_param HOST $http_host;
|
||||
# Keep original request (LLNG server will received /llauth)
|
||||
# Keep original request (LL::NG server will receive /lmauth)
|
||||
fastcgi_param X_ORIGINAL_URI $original_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
LemonLDAP::NG FastCGI server
|
||||
============================
|
||||
|
||||
Since 1.9, Lemonldap::NG provides a FastCGI server usable to protect
|
||||
Since 1.9, LL::NG provides a FastCGI server that can be used for protecting
|
||||
applications with Nginx (See
|
||||
:doc:`Manage virtual hosts<configvhost>` page to
|
||||
configure virtual hosts).
|
||||
:doc:`Manage virtual hosts<configvhost>` page to configure virtual hosts)
|
||||
or the DevOps Handler (See :doc:`SSO as a Service<ssoaas>`).
|
||||
|
||||
This FastCGI server can be used for all LLNG components. It compiles
|
||||
enabled components on-the-fly.
|
||||
This FastCGI server can be implemented for all LL::NG components.
|
||||
It compiles enabled components just-in-time.
|
||||
|
||||
Start
|
||||
-----
|
||||
|
||||
Using packages
|
||||
~~~~~~~~~~~~~~
|
||||
Using package
|
||||
~~~~~~~~~~~~~
|
||||
|
||||
You just have to install lemonldap-ng-fastcgi-server package, it will be
|
||||
started automatically.
|
||||
|
|
|
@ -7,7 +7,7 @@ SOCKET=__FASTCGISOCKDIR__/llng-fastcgi.sock
|
|||
# Pid file
|
||||
PID=__FASTCGISOCKDIR__/llng-fastcgi-server.pid
|
||||
|
||||
# User and GROUP
|
||||
# USER and GROUP
|
||||
USER=__USER__
|
||||
GROUP=__GROUP__
|
||||
|
||||
|
|
|
@ -133,29 +133,29 @@
|
|||
.\" ========================================================================
|
||||
.\"
|
||||
.IX Title "llng-fastcgi-server 8"
|
||||
.TH llng-fastcgi-server 8 "2021-08-10" "perl v5.32.1" "User Contributed Perl Documentation"
|
||||
.TH llng-fastcgi-server 8 "2022-04-01" "perl v5.32.1" "User Contributed Perl Documentation"
|
||||
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
|
||||
.\" way too many mistakes in technical documents.
|
||||
.if n .ad l
|
||||
.nh
|
||||
.SH "NAME"
|
||||
llng\-fastcgi\-server \- FastCGI server used to provide Lemonldap::NG services to
|
||||
Nginx
|
||||
llng\-fastcgi\-server \- FastCGI server used for providing LemonLDAP::NG services.
|
||||
.SH "SYNOPSIS"
|
||||
.IX Header "SYNOPSIS"
|
||||
.Vb 2
|
||||
\& # Start server listening to /run/llng.sock with 10 process
|
||||
\& # Start server listening to /run/llng.sock with 10 workers
|
||||
\& llng\-fastcgi\-server \-u nobody \-g nobody \-s /run/llng.sock \-n 10
|
||||
.Ve
|
||||
.SH "DESCRIPTION"
|
||||
.IX Header "DESCRIPTION"
|
||||
llng-fastcgi-server has been designed provides Lemonldap::NG services to Nginx.
|
||||
Portal, manager and handler will be compiled only is used. So this FastCGI
|
||||
server can be used on every Lemonldap::NG server even if it needs only some
|
||||
llng-fastcgi-server has been designed to provide LemonLDAP::NG services to Nginx
|
||||
or DevOps Handler.
|
||||
Portal, Manager and Handler will be compiled just-in-time. So this FastCGI
|
||||
server can be used on every LemonLDAP::NG server even if it needs only some
|
||||
parts (isolated handlers, portal,...).
|
||||
.SH "PARAMETERS"
|
||||
.IX Header "PARAMETERS"
|
||||
Each parameter can be set by an option or a environment variable.
|
||||
Each parameter can be set by using options or environment variables.
|
||||
.IP "\-\-pid \-p ($ENV{\s-1PID\s0}):" 4
|
||||
.IX Item "--pid -p ($ENV{PID}):"
|
||||
pid file
|
||||
|
@ -182,14 +182,14 @@ file to load for custom functions
|
|||
Plack::Handler engine, default to \s-1FCGI\s0 (see below)
|
||||
.IP "\-\-plackOptions:" 4
|
||||
.IX Item "--plackOptions:"
|
||||
other options to pass to the Plack handler. This multi-valued parameter must
|
||||
To pass other options to the Plack handler. This multi-valued parameter must
|
||||
have \*(L"key=value\*(R" values.
|
||||
.Sp
|
||||
See Plack::Handler::FCGI for a list of options for the default \s-1FCGI\s0 engine
|
||||
See Plack::Handler::FCGI to find out list of available options for default \s-1FCGI\s0 engine
|
||||
.SH "ENGINES"
|
||||
.IX Header "ENGINES"
|
||||
By default, llng-fastcgi-server uses \s-1FCGI\s0 (= Plack::Handler::FCGI). Some
|
||||
other engines can be used:
|
||||
By default, llng-fastcgi-server uses \s-1FCGI\s0 (= Plack::Handler::FCGI).
|
||||
Some other engines can be used:
|
||||
.SS "\s-1FCGI\s0 (default)"
|
||||
.IX Subsection "FCGI (default)"
|
||||
It uses FCGI::ProcManager as manager. Other managers:
|
||||
|
@ -231,7 +231,7 @@ Use \s-1OW2\s0 system to report bug or ask for features:
|
|||
.SH "DOWNLOAD"
|
||||
.IX Header "DOWNLOAD"
|
||||
Lemonldap::NG is available at
|
||||
<https://lemonldap-ng.org/download>
|
||||
<https://lemonldap\-ng.org/download>
|
||||
.SH "COPYRIGHT AND LICENSE"
|
||||
.IX Header "COPYRIGHT AND LICENSE"
|
||||
.IP "Copyright (C) 2008\-2016 by Xavier Guimard, <x.guimard@free.fr>" 4
|
||||
|
|
|
@ -7,7 +7,7 @@ use POSIX;
|
|||
use Getopt::Long;
|
||||
use Lemonldap::NG::Handler::Main::Reload;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.15';
|
||||
|
||||
our (
|
||||
$foreground, $engine, $nproc, $pidFile,
|
||||
|
@ -168,24 +168,24 @@ __END__
|
|||
|
||||
=encoding utf8
|
||||
|
||||
llng-fastcgi-server - FastCGI server used to provide Lemonldap::NG services to
|
||||
Nginx
|
||||
llng-fastcgi-server - FastCGI server used for providing LemonLDAP::NG services.
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
# Start server listening to /run/llng.sock with 10 process
|
||||
# Start server listening to /run/llng.sock with 10 workers
|
||||
llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
llng-fastcgi-server has been designed provides Lemonldap::NG services to Nginx.
|
||||
Portal, manager and handler will be compiled only is used. So this FastCGI
|
||||
server can be used on every Lemonldap::NG server even if it needs only some
|
||||
llng-fastcgi-server has been designed to provide LemonLDAP::NG services to Nginx
|
||||
or DevOps Handler.
|
||||
Portal, Manager and Handler will be compiled just-in-time. So this FastCGI
|
||||
server can be used on every LemonLDAP::NG server even if it needs only some
|
||||
parts (isolated handlers, portal,...).
|
||||
|
||||
=head1 PARAMETERS
|
||||
|
||||
Each parameter can be set by an option or a environment variable.
|
||||
Each parameter can be set by using options or environment variables.
|
||||
|
||||
=over
|
||||
|
||||
|
@ -223,17 +223,17 @@ Plack::Handler engine, default to FCGI (see below)
|
|||
|
||||
=item --plackOptions:
|
||||
|
||||
other options to pass to the Plack handler. This multi-valued parameter must
|
||||
To pass other options to the Plack handler. This multi-valued parameter must
|
||||
have "key=value" values.
|
||||
|
||||
See Plack::Handler::FCGI for a list of options for the default FCGI engine
|
||||
See Plack::Handler::FCGI to find out list of available options for default FCGI engine
|
||||
|
||||
=back
|
||||
|
||||
=head1 ENGINES
|
||||
|
||||
By default, llng-fastcgi-server uses FCGI (= L<Plack::Handler::FCGI>). Some
|
||||
other engines can be used:
|
||||
By default, llng-fastcgi-server uses FCGI (= L<Plack::Handler::FCGI>).
|
||||
Some other engines can be used:
|
||||
|
||||
=head2 FCGI (default)
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
LemonLDAP::NG
|
||||
====================
|
||||
=============
|
||||
|
||||
LemonLDAP::NG is a modular Web-SSO based on Apache::Session modules.
|
||||
This is the common part of it. You can find documentation here:
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
# LemonLDAP::NG session conversion tool
|
||||
#
|
||||
# This script lets an administrator migrate existing sessions from one backend
|
||||
# to another. It is mostly useful when run on persistant sessions, but it can be
|
||||
# useful in some other cases too, such as OIDC Offline sessions
|
||||
# to another. It is mostly useful when run on persistant sessions, but it can
|
||||
# be useful in some other cases too, such as OIDC Offline sessions
|
||||
#
|
||||
# This is part of LemonLDAP::NG product, released under GPL
|
||||
#=============================================================================
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
#=============================================================================
|
||||
# Rotation of OpenID Connect keys
|
||||
#
|
||||
# This module is written to be used by cron to rotate keys.
|
||||
# This script is written to be used by cron to rotate keys.
|
||||
#
|
||||
# This is part of LemonLDAP::NG product, released under GPL
|
||||
#=============================================================================
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
#!/usr/bin/perl
|
||||
#=============================================================================
|
||||
# Cleaner for LemonLDAP::NG: removes old sessions from Apache::Session
|
||||
# Cleaner for LemonLDAP::NG:
|
||||
#
|
||||
# This module is written to be used by cron to clean old sessions from
|
||||
# Apache::Session. It does not works with Apache::Session::Memcached
|
||||
# It removes old sessions from Apache::Session
|
||||
# This script is written to be used by cron to clean old sessions from
|
||||
# Apache::Session. It does not work with Apache::Session::Memcached
|
||||
#
|
||||
# This is part of LemonLDAP::NG product, released under GPL
|
||||
#=============================================================================
|
||||
|
|
Loading…
Reference in New Issue