Documentation for upgrade process
This commit is contained in:
parent
a8865ee094
commit
d8ef0bef30
|
@ -17,7 +17,17 @@ lemonldap-ng (1.0-rc1) unstable; urgency=low
|
|||
* Portal index.pl use lemonldap-ng.ini to get parameters
|
||||
* CSS and Javascript minification capability
|
||||
* Apache configuration splitted into portal/manager/handler
|
||||
* XML Menu deprecated
|
||||
* XML Menu is deprecated
|
||||
* LDAP recursive groups
|
||||
* unprotect target in rules
|
||||
* Force authentication parameter
|
||||
* Store in user session Auth/UserDB/PasswordDB/IssuerDB used module
|
||||
* Use a confirmation token for password reset by mail
|
||||
* SOAP: isAuthorizedUri Web Service
|
||||
* Confirm and Info stages in Portal
|
||||
* Possibility to define a rule to grant session
|
||||
* Configuration parameters for portal customization (skin, ...)
|
||||
* Possibility to set cookie expiration
|
||||
|
||||
-- Xavier Guimard <x.guimard@free.fr> Thu, 31 Dec 2009 14:09:13 +0100
|
||||
|
||||
|
|
|
@ -156,6 +156,10 @@
|
|||
<li><span class="wikilink"><a href=
|
||||
"3.3-Install-from-suse-packages.html">Installation sous SLES/OpenSuSE
|
||||
à partir des paquets</a></span> (en)</li>
|
||||
|
||||
<li><span class="wikilink"><a href=
|
||||
"3.4-Upgrade-from-0.9.4-to-1.0.html">Mise à jour depuis 0.9.4
|
||||
vers 1.0</a></span> (en)</li>
|
||||
</ul>
|
||||
|
||||
<h3 class="heading-1-1"><span id=
|
||||
|
|
|
@ -150,6 +150,10 @@
|
|||
<li><span class="wikilink"><a href=
|
||||
"3.3-Install-from-suse-packages.html">Installation on SLES/OpenSuSE with
|
||||
packages</a></span> (en)</li>
|
||||
|
||||
<li><span class="wikilink"><a href=
|
||||
"3.4-Upgrade-from-0.9.4-to-1.0.html">Upgrade from 0.9.4 to
|
||||
1.0</a></span> (en)</li>
|
||||
</ul>
|
||||
|
||||
<h3 class="heading-1-1"><span id=
|
||||
|
|
|
@ -0,0 +1,194 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
|
||||
<head>
|
||||
<meta name="generator" content=
|
||||
"HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" />
|
||||
|
||||
<title>Lemonldap::NG documentation:
|
||||
3.4-Upgrade-from-0.9.4-to-1.0.html</title>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
|
||||
<style type="text/css">
|
||||
/*<![CDATA[*/
|
||||
body{
|
||||
background: #ddd;
|
||||
font-family: sans-serif;
|
||||
font-size: 11pt;
|
||||
padding: 0 50px;
|
||||
}
|
||||
div.main-content{
|
||||
padding: 10px;
|
||||
background: #fff;
|
||||
border: 2px #ccc solid;
|
||||
}
|
||||
a{
|
||||
text-decoration: none;
|
||||
}
|
||||
p.footer{
|
||||
text-align: center;
|
||||
margin: 5px 0 0 0;
|
||||
}
|
||||
.heading-1{
|
||||
text-align: center;
|
||||
color: orange;
|
||||
font-variant: small-caps;
|
||||
font-size: 20pt;
|
||||
}
|
||||
.heading-1-1{
|
||||
color: orange;
|
||||
font-size: 14pt;
|
||||
border-bottom: 2px #ccc solid;
|
||||
}
|
||||
pre{
|
||||
background: #eee;
|
||||
border: 2px #ccc solid;
|
||||
padding: 5px;
|
||||
border-left: 10px #ccc solid;
|
||||
}
|
||||
ul.star li{
|
||||
list-style-type: square;
|
||||
}
|
||||
/*]]>*/
|
||||
</style>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="main-content">
|
||||
<h2 class="heading-1"><span id="HUpgradefrom094to10">Upgrade from 0.9.4 to
|
||||
1.0</span></h2>
|
||||
|
||||
<p class="paragraph"></p>
|
||||
|
||||
<ul>
|
||||
<li><a href="#HWhat27snew">What's new</a></li>
|
||||
|
||||
<li><a href="#HApacheconfiguration">Apache configuration</a></li>
|
||||
|
||||
<li><a href="#HLocalLemonLDAP3A3ANGsettings">Local LemonLDAP::NG
|
||||
settings</a></li>
|
||||
|
||||
<li><a href="#HLibertyAllianceportal">Liberty Alliance portal</a></li>
|
||||
</ul>
|
||||
|
||||
<h3 class="heading-1-1"><span id="HWhat27snew">What's new</span></h3>
|
||||
|
||||
<p class="paragraph"></p>LemonLDAP::NG 1.0 come with some brand new
|
||||
features:
|
||||
|
||||
<ul class="star">
|
||||
<li>More authentication backends (DBI, proxy, SAML, ...)</li>
|
||||
|
||||
<li>Manager with Ajax</li>
|
||||
|
||||
<li>Unified configuration in a central ini file</li>
|
||||
|
||||
<li>Split Apache configuration for Portal/Manager/Handler</li>
|
||||
|
||||
<li>...</li>
|
||||
</ul>All these changes require to take a look at following paragraphs if
|
||||
you want to migrate your LemonLDAP::NG 0.9.4 installation.
|
||||
|
||||
<h3 class="heading-1-1"><span id="HApacheconfiguration">Apache
|
||||
configuration</span></h3>
|
||||
|
||||
<p class="paragraph"></p>Now LemonLDAP::NG is shipped with 3 Apache
|
||||
configuration files:
|
||||
|
||||
<ul class="star">
|
||||
<li><strong class="strong">portal-apache2.conf</strong>: portal virtual
|
||||
host</li>
|
||||
|
||||
<li><strong class="strong">manager-apache2.conf</strong>: manager
|
||||
virtual host</li>
|
||||
|
||||
<li><strong class="strong">handler-apache2.conf</strong>: handler
|
||||
declaration and protected application virtual hosts</li>
|
||||
</ul><strong class="strong">Note</strong>: If you are still using Apache
|
||||
1, those files are named <strong class=
|
||||
"strong">portal-apache.conf</strong>, *manager-apache.conf*,
|
||||
<strong class="strong">handler-apache.conf</strong>.
|
||||
|
||||
<p class="paragraph"></p>With LemonLDAP::NG, you should only have on file
|
||||
(<strong class="strong">apache2.conf</strong>). So you need to report all
|
||||
your Apache customization in those 3 files, and include them in the main
|
||||
Apache configuration file (<strong class="strong">httpd.conf</strong>).
|
||||
|
||||
<h3 class="heading-1-1"><span id="HLocalLemonLDAP3A3ANGsettings">Local
|
||||
LemonLDAP::NG settings</span></h3>
|
||||
|
||||
<p class="paragraph"></p>LemonLDAP::NG 0.9.4 used local files for some
|
||||
settings:
|
||||
|
||||
<ul class="star">
|
||||
<li><strong class="strong">apply.conf</strong>: URI used by Manager to
|
||||
apply changes</li>
|
||||
|
||||
<li><strong class="strong">storage.cong</strong>: Configuration location
|
||||
and Cache settings</li>
|
||||
|
||||
<li><strong class="strong">apps-list.xml</strong>: Application menu</li>
|
||||
</ul>Those file are not used anymore, and merged into <strong class=
|
||||
"strong">lemonldap-ng.ini</strong>.
|
||||
|
||||
<p class="paragraph"></p>There is a script in the bin/ directory called
|
||||
<strong class="strong">lmMigrateConfFiles2ini</strong> designed to parse
|
||||
old configuration files and copy parameters in the new file.
|
||||
|
||||
<p class="paragraph"></p>Script options:
|
||||
|
||||
<ul class="star">
|
||||
<li><strong class="strong">--dir,-d</strong>: path to main configuration
|
||||
directory (default: /etc/lemonldap-ng)</li>
|
||||
|
||||
<li><strong class="strong">--storage,-s</strong>: path to storage.conf
|
||||
(if not stored in conf dir)</li>
|
||||
|
||||
<li><strong class="strong">--apply,-a</strong>: path to apply.conf (if
|
||||
not stored in conf dir)</li>
|
||||
|
||||
<li><strong class="strong">--menuxml,-m</strong>: path to apps-list.xml
|
||||
(if not stored in conf dir)</li>
|
||||
|
||||
<li><strong class="strong">--ini,-i</strong>: path to lemonldap-ng.ini
|
||||
(if not stored in conf dir)</li>
|
||||
|
||||
<li><strong class="strong">--preserve,-p</strong>: do not erase old
|
||||
files after import</li>
|
||||
|
||||
<li><strong class="strong">--help,-h</strong>: show this message</li>
|
||||
|
||||
<li><strong class="strong">--verbose,-v</strong>: let me tell you my
|
||||
life</li>
|
||||
</ul>Here is how you can use it, if you installed LemonLDAP::NG from the
|
||||
tarball in the /usr/local/lemonldap-ng directory:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
$ sudo /usr/local/lemonldap-ng/bin/lmMigrateConfFiles2ini -d /usr/local/lemonldap-ng/etc -v -p
|
||||
</pre>
|
||||
</div><br />
|
||||
<br />
|
||||
Remove the <strong class="strong">-p</strong> options if you want to
|
||||
delete old files.
|
||||
|
||||
<h3 class="heading-1-1"><span id="HLibertyAllianceportal">Liberty Alliance
|
||||
portal</span></h3><br />
|
||||
<br />
|
||||
Liberty Alliance portal is no more installed by default. Indeed,
|
||||
LemonLDAP::NG has now SAML2 authentication backend!<br />
|
||||
<br />
|
||||
If you still want the Liberty Alliance portal, use this in install
|
||||
command:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
$ sudo make install WITHLA=1
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<p class="footer"><a href="index.html">Index</a></p>
|
||||
</body>
|
||||
</html>
|
|
@ -70,6 +70,12 @@
|
|||
<li><a href="#HVersion09428publishedinjuly200929">Version 0.9.4
|
||||
(published in july 2009)</a></li>
|
||||
|
||||
<li><a href="#HVersion10ReleaseCandidate128april201029">Version 1.0 -
|
||||
Release Candidate 1 (april 2010)</a></li>
|
||||
|
||||
<li><a href="#HVersion1028september201029">Version 1.0 (september
|
||||
2010)</a></li>
|
||||
|
||||
<li><a href="#HNextversions28plannedwhenready29">Next versions
|
||||
(planned… when ready)</a></li>
|
||||
</ul><strong class="strong">Icons legend:</strong><br />
|
||||
|
@ -148,37 +154,46 @@
|
|||
<img src="ok.png" alt="ok.png" /> Mail (reset password)
|
||||
customization<br />
|
||||
|
||||
<h3 class="heading-1-1"><span id="HNextversions28plannedwhenready29">Next
|
||||
versions (planned… when ready)</span></h3><img src="ok.png" alt=
|
||||
"ok.png" /> Proxy authentication module (<span class="wikilink"><a href=
|
||||
<h3 class="heading-1-1"><span id=
|
||||
"HVersion10ReleaseCandidate128april201029">Version 1.0 - Release Candidate
|
||||
1 (april 2010)</span></h3><img src="ok.png" alt="ok.png" /> Proxy
|
||||
authentication module (<span class="wikilink"><a href=
|
||||
"/xwiki/bin/view/NG/AuthProxy">learn more</a></span>)<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> SAML2 IdP
|
||||
and SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> OpenID IdP
|
||||
and SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> OAuth IdP
|
||||
and SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Twitter
|
||||
SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Monitoring
|
||||
scripts (MRTG, Cacti, Nagios)<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
|
||||
functionnalities, to fill authentication forms with login/password<br />
|
||||
<img src="ok.png" alt="ok.png" /> SAML2 SP<br />
|
||||
<img src="ok.png" alt="ok.png" /> Split Apache configuration files
|
||||
(Handler, Portal, Manager)<br />
|
||||
<img src="ok.png" alt="ok.png" /> DBI auth, user and password
|
||||
backend<br />
|
||||
<img src="ok.png" alt="ok.png" /> Confirmation token for mail reset<br />
|
||||
<img src="ok.png" alt="ok.png" /> LDAP recursive groups<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Rewrite
|
||||
Manager with JQuery and Ajax<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" />
|
||||
Configuration update, to manage all new parameters (<span class=
|
||||
"wikilink"><a href="4.1-Configuration-parameter-list.html">learn
|
||||
more</a></span>)<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" />
|
||||
Configuration migration scripts<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Rewrite
|
||||
Manager with JQuery and Ajax<br />
|
||||
<img src="error.png" alt="error.png" /> Portal and Manager trigger system,
|
||||
to execute code on specified action (apply, save, etc.)<br />
|
||||
|
||||
<h3 class="heading-1-1"><span id="HVersion1028september201029">Version 1.0
|
||||
(september 2010)</span></h3><img src="warning_triangle.png" alt=
|
||||
"warning_triangle.png" /> SAML2 IdP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> OpenID IdP
|
||||
and SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> OAuth IdP
|
||||
and SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Twitter
|
||||
SP<br />
|
||||
<img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
|
||||
functionnalities, to fill authentication forms with login/password<br />
|
||||
<img src="error.png" alt="error.png" /> Refactor Portal/Menu.pm and
|
||||
Portal/Simple.pm<br />
|
||||
<img src="error.png" alt="error.png" /> Split Apache configuration files
|
||||
(Handler, Portal, Manager)<br />
|
||||
<img src="error.png" alt="error.png" /> Use i18n in Session Explorer<br />
|
||||
|
||||
<h3 class="heading-1-1"><span id="HNextversions28plannedwhenready29">Next
|
||||
versions (planned… when ready)</span></h3><img src=
|
||||
"warning_triangle.png" alt="warning_triangle.png" /> Monitoring scripts
|
||||
(MRTG, Cacti, Nagios)<br />
|
||||
<img src="error.png" alt="error.png" /> Change menu to be useable both in
|
||||
portal and auto-protected CGI<br />
|
||||
<img src="error.png" alt="error.png" /> Manage Apache virtualhost
|
||||
|
@ -193,7 +208,10 @@
|
|||
authentications<br />
|
||||
<img src="error.png" alt="error.png" /> Use <span class=
|
||||
"wikiexternallink"><a href=
|
||||
"http://www.yaml.de/en/overview.html">YAML</a></span> in Portal templates
|
||||
"http://www.yaml.de/en/overview.html">YAML</a></span> in Portal
|
||||
templates<br />
|
||||
<img src="error.png" alt="error.png" /> Portal and Manager trigger system,
|
||||
to execute code on specified action (apply, save, etc.)<br />
|
||||
</div>
|
||||
|
||||
<p class="footer"><a href="index.html">Index</a></p>
|
||||
|
|
|
@ -60,6 +60,7 @@
|
|||
<li><a href="3.3-Install-from-debian-packages.html">3.3 Install from debian packages</a></li>
|
||||
<li><a href="3.3-Install-from-redhat-packages.html">3.3 Install from redhat packages</a></li>
|
||||
<li><a href="3.3-Install-from-suse-packages.html">3.3 Install from suse packages</a></li>
|
||||
<li><a href="3.4-Upgrade-from-0.9.4-to-1.0.html">3.4 Upgrade from 0.9.4 to 1.0</a></li>
|
||||
<li><a href="4.1-Configuration-overview.html">4.1 Configuration overview</a></li>
|
||||
<li><a href="4.1-Configuration-parameter-list.html">4.1 Configuration parameter list</a></li>
|
||||
<li><a href="4.1-RBAC-model.html">4.1 RBAC model</a></li>
|
||||
|
|
|
@ -20,6 +20,7 @@ my $docs = {
|
|||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallDebianPackages' => '3.3-Install-from-debian-packages.html',
|
||||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallRedHatPackages' => '3.3-Install-from-redhat-packages.html',
|
||||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocInstallSuSEPackages' => '3.3-Install-from-suse-packages.html',
|
||||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocUpgrade094To10' => '3.4-Upgrade-from-0.9.4-to-1.0.html',
|
||||
# Configuration overview
|
||||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/DocConfigOverwiew' => '4.1-Configuration-overview.html',
|
||||
'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/RBAC' => '4.1-RBAC-model.html',
|
||||
|
@ -198,6 +199,7 @@ while ( my ( $url, $file ) = each %$docs ) {
|
|||
s#/xwiki/bin/view/NG/DocInstallDebianPackages#3.3-Install-from-debian-packages.html#g;
|
||||
s#/xwiki/bin/view/NG/DocInstallRedHatPackages#3.3-Install-from-redhat-packages.html#g;
|
||||
s#/xwiki/bin/view/NG/DocInstallSuSEPackages#3.3-Install-from-suse-packages.html#g;
|
||||
s#/xwiki/bin/view/NG/DocUpgrade094To10#3.4-Upgrade-from-0.9.4-to-1.0.html#g;
|
||||
s#/xwiki/bin/view/NG/DocConfigOverwiew#4.1-Configuration-overview.html#g;
|
||||
s#/xwiki/bin/view/NG/RBAC#4.1-RBAC-model.html#g;
|
||||
s#/xwiki/bin/view/NG/ConfigParameterList#4.1-Configuration-parameter-list.html#g;
|
||||
|
|
|
@ -27,6 +27,7 @@ if ( $opts{help} ) {
|
|||
print "\t--ini,-i: path to lemonldap-ng.ini (if not stored in conf dir)\n";
|
||||
print "\t--preserve,-p: do not erase old files after import\n";
|
||||
print "\t--help,-h: show this message\n";
|
||||
print "\t--verbose,-v: let me tell you my life\n";
|
||||
exit 0;
|
||||
}
|
||||
|
||||
|
@ -36,18 +37,19 @@ my $old = {
|
|||
storage => $opts{storage} || $opts{dir} . "/storage.conf",
|
||||
apply => $opts{apply} || $opts{dir} . "/apply.conf",
|
||||
menuxml => $opts{menuxml} || $opts{dir} . "/apps-list.xml",
|
||||
menudtd => $opts{dir} . "/apps-list.dtd",
|
||||
};
|
||||
my $new = $opts{ini} || $opts{dir} . "/lemonldap-ng.ini";
|
||||
my $datas;
|
||||
|
||||
if ( $opts{verbose} ) {
|
||||
print "Using values:\n";
|
||||
print "\tdir: " . $opts{dir} . "\n";
|
||||
print "\tstorage: " . $opts{storage} . "\n";
|
||||
print "\tapply: " . $opts{apply} . "\n";
|
||||
print "\tstorage: " . $opts{menuxml} . "\n";
|
||||
print "\tini: " . $opts{ini} . "\n";
|
||||
print "\tpreserve: " . $opts{preserve} . "\n\n";
|
||||
print "\tMain configuration dir: " . $opts{dir} . "\n";
|
||||
print "\tFile storage: " . $old->{storage} . "\n";
|
||||
print "\tFile apply: " . $old->{apply} . "\n";
|
||||
print "\tFile menu: " . $old->{menuxml} . "\n";
|
||||
print "\tNew ini file: " . $new . "\n";
|
||||
print "\tPreserve: " . ($opts{preserve}?"yes":"no") . "\n\n";
|
||||
}
|
||||
|
||||
# Convert storage.conf
|
||||
|
@ -65,14 +67,14 @@ if ( -r $old->{storage} ) {
|
|||
print "\n" if $opts{verbose};
|
||||
}
|
||||
elsif ( $opts{die} ) {
|
||||
quit( 2, $old->{storage} . " is not readeable" );
|
||||
quit( 2, $old->{storage} . " is not readable" );
|
||||
}
|
||||
else {
|
||||
print STDERR $old->{storage} . " is not readeable\n";
|
||||
print STDERR $old->{storage} . " is not readable\n";
|
||||
}
|
||||
|
||||
# Convert apply.conf
|
||||
if ( -e $old->{apply} ) {
|
||||
if ( -r $old->{apply} ) {
|
||||
print "Parsing " . $old->{apply} . "\n" if $opts{verbose};
|
||||
open F, $old->{apply};
|
||||
while (<F>) {
|
||||
|
@ -85,9 +87,15 @@ if ( -e $old->{apply} ) {
|
|||
close F;
|
||||
print "\n" if $opts{verbose};
|
||||
}
|
||||
elsif ( $opts{die} ) {
|
||||
quit( 2, $old->{apply} . " is not readable" );
|
||||
}
|
||||
else {
|
||||
print STDERR $old->{apply} . " is not readable\n";
|
||||
}
|
||||
|
||||
# Convert apps-list.xml
|
||||
if ( -e $old->{menuxml} ) {
|
||||
if ( -r $old->{menuxml} ) {
|
||||
|
||||
print "Parsing " . $old->{menuxml} . "\n" if $opts{verbose};
|
||||
|
||||
|
@ -107,6 +115,12 @@ if ( -e $old->{menuxml} ) {
|
|||
$datas->{ +PORTALSECTION }->{applicationList} = $value;
|
||||
print "\tapplicationList: $value\n\n" if $opts{verbose};
|
||||
}
|
||||
elsif ( $opts{die} ) {
|
||||
quit( 2, $old->{menuxml} . " is not readable" );
|
||||
}
|
||||
else {
|
||||
print STDERR $old->{menuxml} . " is not readable\n";
|
||||
}
|
||||
|
||||
# Open ini configuration file
|
||||
my $conf;
|
||||
|
@ -145,7 +159,7 @@ else {
|
|||
"Unable to create $new:\n\t"
|
||||
. join( "\n\t", @Config::IniFiles::errors ) );
|
||||
unless ( $opts{preserve} ) {
|
||||
unlink $old->{storage}, $old->{apply}, $old->{menuxml};
|
||||
unlink $old->{storage}, $old->{apply}, $old->{menuxml}, $old->{menudtd};
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue