Documentation for upgrade process

build/lemonldap-ng/changelog

@@ -17,7 +17,17 @@ lemonldap-ng (1.0-rc1) unstable; urgency=low
   * Portal index.pl use lemonldap-ng.ini to get parameters
   * CSS and Javascript minification capability
   * Apache configuration splitted into portal/manager/handler
-  * XML Menu deprecated
+  * XML Menu is deprecated
+  * LDAP recursive groups
+  * unprotect target in rules
+  * Force authentication parameter
+  * Store in user session Auth/UserDB/PasswordDB/IssuerDB used module
+  * Use a confirmation token for password reset by mail
+  * SOAP: isAuthorizedUri Web Service
+  * Confirm and Info stages in Portal
+  * Possibility to define a rule to grant session
+  * Configuration parameters for portal customization (skin, ...)
+  * Possibility to set cookie expiration
 
  -- Xavier Guimard <x.guimard@free.fr>  Thu, 31 Dec 2009 14:09:13 +0100
 

build/lemonldap-ng/doc/3-Table-of-contents-fr.html

@@ -156,6 +156,10 @@
       <li><span class="wikilink"><a href=
       "3.3-Install-from-suse-packages.html">Installation sous SLES/OpenSuSE
       &agrave; partir des paquets</a></span> (en)</li>
+
+      <li><span class="wikilink"><a href=
+      "3.4-Upgrade-from-0.9.4-to-1.0.html">Mise &agrave; jour depuis 0.9.4
+      vers 1.0</a></span> (en)</li>
     </ul>
 
     <h3 class="heading-1-1"><span id=

build/lemonldap-ng/doc/3-Table-of-contents.html

@@ -150,6 +150,10 @@
       <li><span class="wikilink"><a href=
       "3.3-Install-from-suse-packages.html">Installation on SLES/OpenSuSE with
       packages</a></span> (en)</li>
+
+      <li><span class="wikilink"><a href=
+      "3.4-Upgrade-from-0.9.4-to-1.0.html">Upgrade from 0.9.4 to
+      1.0</a></span> (en)</li>
     </ul>
 
     <h3 class="heading-1-1"><span id=

build/lemonldap-ng/doc/3.4-Upgrade-from-0.9.4-to-1.0.html

@@ -0,0 +1,194 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
+<head>
+  <meta name="generator" content=
+  "HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" />
+
+  <title>Lemonldap::NG documentation:
+  3.4-Upgrade-from-0.9.4-to-1.0.html</title>
+  <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
+  <style type="text/css">
+/*<![CDATA[*/
+    body{
+      background: #ddd;
+      font-family: sans-serif;
+      font-size: 11pt;
+      padding: 0 50px;
+    }
+    div.main-content{
+      padding: 10px;
+      background: #fff;
+      border: 2px #ccc solid;
+    }
+    a{
+      text-decoration: none;
+    }
+    p.footer{
+      text-align: center;
+      margin: 5px 0 0 0;
+    }
+    .heading-1{
+      text-align: center;
+      color: orange;
+      font-variant: small-caps;
+      font-size: 20pt;
+    }
+    .heading-1-1{
+      color: orange;
+      font-size: 14pt;
+      border-bottom: 2px #ccc solid;
+    }
+    pre{
+      background: #eee;
+      border: 2px #ccc solid;
+      padding: 5px;
+      border-left: 10px #ccc solid;
+    }
+    ul.star li{
+      list-style-type: square;
+    }
+  /*]]>*/
+  </style>
+</head>
+
+<body>
+  <div class="main-content">
+    <h2 class="heading-1"><span id="HUpgradefrom094to10">Upgrade from 0.9.4 to
+    1.0</span></h2>
+
+    <p class="paragraph"></p>
+
+    <ul>
+      <li><a href="#HWhat27snew">What's new</a></li>
+
+      <li><a href="#HApacheconfiguration">Apache configuration</a></li>
+
+      <li><a href="#HLocalLemonLDAP3A3ANGsettings">Local LemonLDAP::NG
+      settings</a></li>
+
+      <li><a href="#HLibertyAllianceportal">Liberty Alliance portal</a></li>
+    </ul>
+
+    <h3 class="heading-1-1"><span id="HWhat27snew">What's new</span></h3>
+
+    <p class="paragraph"></p>LemonLDAP::NG 1.0 come with some brand new
+    features:
+
+    <ul class="star">
+      <li>More authentication backends (DBI, proxy, SAML, ...)</li>
+
+      <li>Manager with Ajax</li>
+
+      <li>Unified configuration in a central ini file</li>
+
+      <li>Split Apache configuration for Portal/Manager/Handler</li>
+
+      <li>...</li>
+    </ul>All these changes require to take a look at following paragraphs if
+    you want to migrate your LemonLDAP::NG 0.9.4 installation.
+
+    <h3 class="heading-1-1"><span id="HApacheconfiguration">Apache
+    configuration</span></h3>
+
+    <p class="paragraph"></p>Now LemonLDAP::NG is shipped with 3 Apache
+    configuration files:
+
+    <ul class="star">
+      <li><strong class="strong">portal-apache2.conf</strong>: portal virtual
+      host</li>
+
+      <li><strong class="strong">manager-apache2.conf</strong>: manager
+      virtual host</li>
+
+      <li><strong class="strong">handler-apache2.conf</strong>: handler
+      declaration and protected application virtual hosts</li>
+    </ul><strong class="strong">Note</strong>: If you are still using Apache
+    1, those files are named <strong class=
+    "strong">portal-apache.conf</strong>, *manager-apache.conf*,
+    <strong class="strong">handler-apache.conf</strong>.
+
+    <p class="paragraph"></p>With LemonLDAP::NG, you should only have on file
+    (<strong class="strong">apache2.conf</strong>). So you need to report all
+    your Apache customization in those 3 files, and include them in the main
+    Apache configuration file (<strong class="strong">httpd.conf</strong>).
+
+    <h3 class="heading-1-1"><span id="HLocalLemonLDAP3A3ANGsettings">Local
+    LemonLDAP::NG settings</span></h3>
+
+    <p class="paragraph"></p>LemonLDAP::NG 0.9.4 used local files for some
+    settings:
+
+    <ul class="star">
+      <li><strong class="strong">apply.conf</strong>: URI used by Manager to
+      apply changes</li>
+
+      <li><strong class="strong">storage.cong</strong>: Configuration location
+      and Cache settings</li>
+
+      <li><strong class="strong">apps-list.xml</strong>: Application menu</li>
+    </ul>Those file are not used anymore, and merged into <strong class=
+    "strong">lemonldap-ng.ini</strong>.
+
+    <p class="paragraph"></p>There is a script in the bin/ directory called
+    <strong class="strong">lmMigrateConfFiles2ini</strong> designed to parse
+    old configuration files and copy parameters in the new file.
+
+    <p class="paragraph"></p>Script options:
+
+    <ul class="star">
+      <li><strong class="strong">--dir,-d</strong>: path to main configuration
+      directory (default: /etc/lemonldap-ng)</li>
+
+      <li><strong class="strong">--storage,-s</strong>: path to storage.conf
+      (if not stored in conf dir)</li>
+
+      <li><strong class="strong">--apply,-a</strong>: path to apply.conf (if
+      not stored in conf dir)</li>
+
+      <li><strong class="strong">--menuxml,-m</strong>: path to apps-list.xml
+      (if not stored in conf dir)</li>
+
+      <li><strong class="strong">--ini,-i</strong>: path to lemonldap-ng.ini
+      (if not stored in conf dir)</li>
+
+      <li><strong class="strong">--preserve,-p</strong>: do not erase old
+      files after import</li>
+
+      <li><strong class="strong">--help,-h</strong>: show this message</li>
+
+      <li><strong class="strong">--verbose,-v</strong>: let me tell you my
+      life</li>
+    </ul>Here is how you can use it, if you installed LemonLDAP::NG from the
+    tarball in the /usr/local/lemonldap-ng directory:
+
+    <div class="code">
+      <pre>
+$ sudo /usr/local/lemonldap-ng/bin/lmMigrateConfFiles2ini -d /usr/local/lemonldap-ng/etc -v -p
+</pre>
+    </div><br />
+    <br />
+    Remove the <strong class="strong">-p</strong> options if you want to
+    delete old files.
+
+    <h3 class="heading-1-1"><span id="HLibertyAllianceportal">Liberty Alliance
+    portal</span></h3><br />
+    <br />
+    Liberty Alliance portal is no more installed by default. Indeed,
+    LemonLDAP::NG has now SAML2 authentication backend!<br />
+    <br />
+    If you still want the Liberty Alliance portal, use this in install
+    command:
+
+    <div class="code">
+      <pre>
+$ sudo make install WITHLA=1
+</pre>
+    </div>
+  </div>
+
+  <p class="footer"><a href="index.html">Index</a></p>
+</body>
+</html>

build/lemonldap-ng/doc/6-Roadmap.html

@@ -70,6 +70,12 @@
       <li><a href="#HVersion09428publishedinjuly200929">Version 0.9.4
       (published in july 2009)</a></li>
 
+      <li><a href="#HVersion10ReleaseCandidate128april201029">Version 1.0 -
+      Release Candidate 1 (april 2010)</a></li>
+
+      <li><a href="#HVersion1028september201029">Version 1.0 (september
+      2010)</a></li>
+
       <li><a href="#HNextversions28plannedwhenready29">Next versions
       (planned&hellip; when ready)</a></li>
     </ul><strong class="strong">Icons legend:</strong><br />
@@ -148,37 +154,46 @@
     <img src="ok.png" alt="ok.png" /> Mail (reset password)
     customization<br />
 
-    <h3 class="heading-1-1"><span id="HNextversions28plannedwhenready29">Next
-    versions (planned&hellip; when ready)</span></h3><img src="ok.png" alt=
-    "ok.png" /> Proxy authentication module (<span class="wikilink"><a href=
+    <h3 class="heading-1-1"><span id=
+    "HVersion10ReleaseCandidate128april201029">Version 1.0 - Release Candidate
+    1 (april 2010)</span></h3><img src="ok.png" alt="ok.png" /> Proxy
+    authentication module (<span class="wikilink"><a href=
     "/xwiki/bin/view/NG/AuthProxy">learn more</a></span>)<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> SAML2 IdP
-    and SP<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> OpenID IdP
-    and SP<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> OAuth IdP
-    and SP<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> Twitter
-    SP<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> Monitoring
-    scripts (MRTG, Cacti, Nagios)<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
-    functionnalities, to fill authentication forms with login/password<br />
+    <img src="ok.png" alt="ok.png" /> SAML2 SP<br />
+    <img src="ok.png" alt="ok.png" /> Split Apache configuration files
+    (Handler, Portal, Manager)<br />
+    <img src="ok.png" alt="ok.png" /> DBI auth, user and password
+    backend<br />
+    <img src="ok.png" alt="ok.png" /> Confirmation token for mail reset<br />
+    <img src="ok.png" alt="ok.png" /> LDAP recursive groups<br />
+    <img src="warning_triangle.png" alt="warning_triangle.png" /> Rewrite
+    Manager with JQuery and Ajax<br />
     <img src="warning_triangle.png" alt="warning_triangle.png" />
     Configuration update, to manage all new parameters (<span class=
     "wikilink"><a href="4.1-Configuration-parameter-list.html">learn
     more</a></span>)<br />
     <img src="warning_triangle.png" alt="warning_triangle.png" />
     Configuration migration scripts<br />
-    <img src="warning_triangle.png" alt="warning_triangle.png" /> Rewrite
-    Manager with JQuery and Ajax<br />
-    <img src="error.png" alt="error.png" /> Portal and Manager trigger system,
-    to execute code on specified action (apply, save, etc.)<br />
+
+    <h3 class="heading-1-1"><span id="HVersion1028september201029">Version 1.0
+    (september 2010)</span></h3><img src="warning_triangle.png" alt=
+    "warning_triangle.png" /> SAML2 IdP<br />
+    <img src="warning_triangle.png" alt="warning_triangle.png" /> OpenID IdP
+    and SP<br />
+    <img src="warning_triangle.png" alt="warning_triangle.png" /> OAuth IdP
+    and SP<br />
+    <img src="warning_triangle.png" alt="warning_triangle.png" /> Twitter
+    SP<br />
+    <img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
+    functionnalities, to fill authentication forms with login/password<br />
     <img src="error.png" alt="error.png" /> Refactor Portal/Menu.pm and
     Portal/Simple.pm<br />
-    <img src="error.png" alt="error.png" /> Split Apache configuration files
-    (Handler, Portal, Manager)<br />
     <img src="error.png" alt="error.png" /> Use i18n in Session Explorer<br />
+
+    <h3 class="heading-1-1"><span id="HNextversions28plannedwhenready29">Next
+    versions (planned&hellip; when ready)</span></h3><img src=
+    "warning_triangle.png" alt="warning_triangle.png" /> Monitoring scripts
+    (MRTG, Cacti, Nagios)<br />
     <img src="error.png" alt="error.png" /> Change menu to be useable both in
     portal and auto-protected CGI<br />
     <img src="error.png" alt="error.png" /> Manage Apache virtualhost
@@ -193,7 +208,10 @@
     authentications<br />
     <img src="error.png" alt="error.png" /> Use <span class=
     "wikiexternallink"><a href=
-    "http://www.yaml.de/en/overview.html">YAML</a></span> in Portal templates
+    "http://www.yaml.de/en/overview.html">YAML</a></span> in Portal
+    templates<br />
+    <img src="error.png" alt="error.png" /> Portal and Manager trigger system,
+    to execute code on specified action (apply, save, etc.)<br />
   </div>
 
   <p class="footer"><a href="index.html">Index</a></p>

build/lemonldap-ng/doc/index.html

@@ -60,6 +60,7 @@
       <li><a href="3.3-Install-from-debian-packages.html">3.3 Install from debian packages</a></li>
       <li><a href="3.3-Install-from-redhat-packages.html">3.3 Install from redhat packages</a></li>
       <li><a href="3.3-Install-from-suse-packages.html">3.3 Install from suse packages</a></li>
+      <li><a href="3.4-Upgrade-from-0.9.4-to-1.0.html">3.4 Upgrade from 0.9.4 to 1.0</a></li>
       <li><a href="4.1-Configuration-overview.html">4.1 Configuration overview</a></li>
       <li><a href="4.1-Configuration-parameter-list.html">4.1 Configuration parameter list</a></li>
       <li><a href="4.1-RBAC-model.html">4.1 RBAC model</a></li>

build/lemonldap-ng/scripts/doc.pl

@@ -20,6 +20,7 @@ my $docs = {
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallDebianPackages'      => '3.3-Install-from-debian-packages.html',
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallRedHatPackages'      => '3.3-Install-from-redhat-packages.html',
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallSuSEPackages'        => '3.3-Install-from-suse-packages.html',
+    'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocUpgrade094To10'             => '3.4-Upgrade-from-0.9.4-to-1.0.html',
     # Configuration overview
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocConfigOverwiew'             => '4.1-Configuration-overview.html',
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/RBAC'                          => '4.1-RBAC-model.html',
@@ -198,6 +199,7 @@ while ( my ( $url, $file ) = each %$docs ) {
 	s#/xwiki/bin/view/NG/DocInstallDebianPackages#3.3-Install-from-debian-packages.html#g;
 	s#/xwiki/bin/view/NG/DocInstallRedHatPackages#3.3-Install-from-redhat-packages.html#g;
 	s#/xwiki/bin/view/NG/DocInstallSuSEPackages#3.3-Install-from-suse-packages.html#g;
+	s#/xwiki/bin/view/NG/DocUpgrade094To10#3.4-Upgrade-from-0.9.4-to-1.0.html#g;
 	s#/xwiki/bin/view/NG/DocConfigOverwiew#4.1-Configuration-overview.html#g;
 	s#/xwiki/bin/view/NG/RBAC#4.1-RBAC-model.html#g;
 	s#/xwiki/bin/view/NG/ConfigParameterList#4.1-Configuration-parameter-list.html#g;

modules/lemonldap-ng-common/scripts/lmMigrateConfFiles2ini

@@ -27,6 +27,7 @@ if ( $opts{help} ) {
     print "\t--ini,-i: path to lemonldap-ng.ini (if not stored in conf dir)\n";
     print "\t--preserve,-p: do not erase old files after import\n";
     print "\t--help,-h: show this message\n";
+    print "\t--verbose,-v: let me tell you my life\n";
     exit 0;
 }
 
@@ -36,18 +37,19 @@ my $old = {
     storage => $opts{storage} || $opts{dir} . "/storage.conf",
     apply   => $opts{apply}   || $opts{dir} . "/apply.conf",
     menuxml => $opts{menuxml} || $opts{dir} . "/apps-list.xml",
+    menudtd => $opts{dir} . "/apps-list.dtd",
 };
 my $new = $opts{ini} || $opts{dir} . "/lemonldap-ng.ini";
 my $datas;
 
 if ( $opts{verbose} ) {
     print "Using values:\n";
-    print "\tdir: " . $opts{dir} . "\n";
-    print "\tstorage: " . $opts{storage} . "\n";
-    print "\tapply: " . $opts{apply} . "\n";
-    print "\tstorage: " . $opts{menuxml} . "\n";
-    print "\tini: " . $opts{ini} . "\n";
-    print "\tpreserve: " . $opts{preserve} . "\n\n";
+    print "\tMain configuration dir: " . $opts{dir} . "\n";
+    print "\tFile storage: " . $old->{storage} . "\n";
+    print "\tFile apply: " . $old->{apply} . "\n";
+    print "\tFile menu: " . $old->{menuxml} . "\n";
+    print "\tNew ini file: " . $new . "\n";
+    print "\tPreserve: " . ($opts{preserve}?"yes":"no") . "\n\n";
 }
 
 # Convert storage.conf
@@ -65,14 +67,14 @@ if ( -r $old->{storage} ) {
     print "\n" if $opts{verbose};
 }
 elsif ( $opts{die} ) {
-    quit( 2, $old->{storage} . " is not readeable" );
+    quit( 2, $old->{storage} . " is not readable" );
 }
 else {
-    print STDERR $old->{storage} . " is not readeable\n";
+    print STDERR $old->{storage} . " is not readable\n";
 }
 
 # Convert apply.conf
-if ( -e $old->{apply} ) {
+if ( -r $old->{apply} ) {
     print "Parsing " . $old->{apply} . "\n" if $opts{verbose};
     open F, $old->{apply};
     while (<F>) {
@@ -85,9 +87,15 @@ if ( -e $old->{apply} ) {
     close F;
     print "\n" if $opts{verbose};
 }
+elsif ( $opts{die} ) {
+    quit( 2, $old->{apply} . " is not readable" );
+}
+else {
+    print STDERR $old->{apply} . " is not readable\n";
+}
 
 # Convert apps-list.xml
-if ( -e $old->{menuxml} ) {
+if ( -r $old->{menuxml} ) {
 
     print "Parsing " . $old->{menuxml} . "\n" if $opts{verbose};
 
@@ -107,6 +115,12 @@ if ( -e $old->{menuxml} ) {
     $datas->{ +PORTALSECTION }->{applicationList} = $value;
     print "\tapplicationList: $value\n\n" if $opts{verbose};
 }
+elsif ( $opts{die} ) {
+    quit( 2, $old->{menuxml} . " is not readable" );
+}
+else {
+    print STDERR $old->{menuxml} . " is not readable\n";
+}
 
 # Open ini configuration file
 my $conf;
@@ -145,7 +159,7 @@ else {
         "Unable to create $new:\n\t"
           . join( "\n\t", @Config::IniFiles::errors ) );
     unless ( $opts{preserve} ) {
-        unlink $old->{storage}, $old->{apply}, $old->{menuxml};
+        unlink $old->{storage}, $old->{apply}, $old->{menuxml}, $old->{menudtd};
     }
 }