New dependencies and documentation update

build/lemonldap-ng/debian/control

@@ -4,7 +4,7 @@ Priority: extra
 Maintainer: Xavier Guimard <x.guimard@free.fr>
 DM-Upload-Allowed: yes
 Build-Depends: debhelper (>= 4.1.16), po-debconf
-Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl
+Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl, libstring-random-perl
 Standards-Version: 3.8.0
 
 Package: lemonldap-ng
@@ -42,7 +42,7 @@ Package: liblemonldap-ng-conf-perl
 Architecture: all
 Depends: ${misc:Depends}, libdbi-perl, debconf, libcache-cache-perl, libregexp-assemble-perl, libcrypt-rijndael-perl
 Recommends: libsoap-lite-perl
-Description: Lemonldap::NG Apache administration interface part
+Description: Lemonldap::NG administration interface part
  Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
  or directly on application Apache servers.
  .
@@ -53,7 +53,7 @@ Package: liblemonldap-ng-manager-perl
 Architecture: all
 Depends: ${misc:Depends}, libxml-simple-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version})
 Recommends: libcache-cache-perl, libapache-session-perl, libsoap-lite-perl
-Description: Lemonldap::NG Apache manager part
+Description: Lemonldap::NG manager part
  Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
  or directly on application Apache servers.
  .
@@ -61,9 +61,9 @@ Description: Lemonldap::NG Apache manager part
 
 Package: liblemonldap-ng-portal-perl
 Architecture: all
-Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl
+Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl, libstring-random-perl
 Suggests: liblasso-perl, libcgi-session-perl, slapd
-Description: Lemonldap::NG Apache authentication portal part
+Description: Lemonldap::NG authentication portal part
  Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
  or directly on application Apache servers.
  .

build/lemonldap-ng/doc/4.1-Configuration-parameter-list.html

@@ -730,16 +730,6 @@ level1Key => { level2Key => 'value' },
       </tr>
 
       <tr class="table-even">
-        <td>Groups base</td>
-
-        <td>ldapGroupBase</td>
-
-        <td>0</td>
-
-        <td>Yes</td>
-      </tr>
-
-      <tr class="table-odd">
         <td>Main search filter</td>
 
         <td>LDAPFilter</td>
@@ -749,7 +739,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
         <td>No</td>
       </tr>
 
-      <tr class="table-even">
+      <tr class="table-odd">
         <td>Authentication search filter</td>
 
         <td>AuthLDAPFilter</td>
@@ -759,7 +749,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
         <td>No</td>
       </tr>
 
-      <tr class="table-odd">
+      <tr class="table-even">
         <td>Mail search filter</td>
 
         <td>mailLDAPFilter</td>
@@ -769,7 +759,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
         <td>No</td>
       </tr>
 
-      <tr class="table-even">
+      <tr class="table-odd">
         <td>Password policy control</td>
 
         <td>ldapPpolicyControl</td>
@@ -779,7 +769,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
         <td>No</td>
       </tr>
 
-      <tr class="table-odd">
+      <tr class="table-even">
         <td>Extended SetPassword modify</td>
 
         <td>ldapSetPassword</td>
@@ -788,6 +778,56 @@ level1Key =&gt; { level2Key =&gt; 'value' },
 
         <td>No</td>
       </tr>
+
+      <tr class="table-odd">
+        <td>Groups base</td>
+
+        <td>ldapGroupBase</td>
+
+        <td>0.8</td>
+
+        <td>No</td>
+      </tr>
+
+      <tr class="table-even">
+        <td>Groups objectClass</td>
+
+        <td>ldapGroupObjectClass</td>
+
+        <td>0.9.4</td>
+
+        <td>No</td>
+      </tr>
+
+      <tr class="table-odd">
+        <td>Groups member attribute</td>
+
+        <td>ldapGroupAttributeName</td>
+
+        <td>0.9.4</td>
+
+        <td>No</td>
+      </tr>
+
+      <tr class="table-even">
+        <td>Groups member link value</td>
+
+        <td>ldapGroupAttributeNameUser</td>
+
+        <td>0.9.4</td>
+
+        <td>No</td>
+      </tr>
+
+      <tr class="table-odd">
+        <td>Groups name attribute</td>
+
+        <td>ldapGroupAttributeNameSearch</td>
+
+        <td>0.9.4</td>
+
+        <td>No</td>
+      </tr>
     </table>
 
     <h4 class="heading-1-1-1"><span id="HSSL">SSL</span></h4><br />

build/lemonldap-ng/doc/4.3-SOAP-configuration-backend.html

@@ -59,6 +59,10 @@
     <h2 class="heading-1"><span id="HSOAPconfigurationbackend">SOAP
     configuration backend</span></h2>
 
+    <p class="paragraph"></p>This documentation is available only for version
+    0.9.4 and later. For earlier versions, see the documentation in the source
+    tree.
+
     <p class="paragraph"></p>
 
     <ul>
@@ -127,14 +131,14 @@ SOAP =&gt; 1,
     <div class="code">
       <pre>
 type = SOAP
+proxy = <span class="nobr"><a href=
+"http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span>
 </pre>
-    </div><br />
-    <br />
-    It will automatically send SOAP request to portal URL, for example
-    <span class="nobr"><a href=
-    "http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span><br />
+    </div>
 
-    <br />
+    <p class="paragraph"></p>It will send SOAP request to proxy URL.
+
+    <p class="paragraph"></p>
   </div>
 
   <p class="footer"><a href="index.html">Index</a></p>

build/lemonldap-ng/doc/4.4-SOAP-session-backend.html

@@ -58,6 +58,10 @@
     <h2 class="heading-1"><span id="HSOAPSessionbackend">SOAP Session
     backend</span></h2>
 
+    <p class="paragraph"></p>This documentation is available only for version
+    0.9.4 and later. For earlier versions, see the documentation in the source
+    tree.
+
     <p class="paragraph"></p>
 
     <ul>
@@ -140,9 +144,16 @@ Lemonldap::NG::Common::Apache::Session::SOAP
 </pre>
     </div><br />
     <br />
-    No other parameters needed. It will automatically send SOAP request to
-    portal URL, for example <span class="nobr"><a href=
-    "http://auth.example.com/index.pl/sessions">http://auth.example.com/index.pl/sessions</a></span>
+    Set also this Session Storage option:
+
+    <div class="code">
+      <pre>
+proxy =&gt; 'http://auth.example.com/index.pl/sessions'
+</pre>
+    </div><br />
+    <br />
+    No other parameters needed. It will send SOAP request to configured proxy
+    URL.
   </div>
 
   <p class="footer"><a href="index.html">Index</a></p>

build/lemonldap-ng/doc/4.6-LDAP-user-backend.html

@@ -101,35 +101,57 @@ userDB => LDAP,
 
     <h3 class="heading-1-1"><span id="HGroups">Groups</span></h3><br />
     <br />
-    You can set the search base of your groups branch. LemonLDAP::NG will find
-    all groups containing the authenticated user as a member. The filter used
-    is:
-
-    <div class="code">
-      <pre>
-(|(member=<span class=
-"java-quote">" . $self-&gt;{dn} . "</span>)(uniqueMember=<span class=
-"java-quote">" . $self-&gt;{dn} . "</span>))
-</pre>
-    </div><br />
+    LemonLDAP::NG can browse the directory and find the groups containing the
+    authenticated user as a member.<br />
     <br />
-    Just set the ldapGroupBase parameter:
+    Parameters are:
+
+    <ul class="star">
+      <li>ldapGroupBase: DN of groups branch (can be the suffix)</li>
+
+      <li>ldapGroupObjectClass: objectClass of the groups</li>
+
+      <li>ldapGroupAttributeName: name of the attribute in the groups storing
+      the link to the user</li>
+
+      <li>ldapGroupAttributeNameUser: name of the attribute in users entries
+      used in the link</li>
+
+      <li>ldapGroupAttributeNameSearch: name(s) of the attribute storing the
+      name of the group (this should be a list reference)</li>
+    </ul>You can edit portal/index.pl to modify the values, for example:
 
     <div class="code">
       <pre>
 ldapGroupBase =&gt; 'ou=groups,dc=example,dc=com',
+ldapGroupObjectClass =&gt; 'groupOfUniqueNames',
+ldapGroupAttributeName =&gt; 'uniqueMember',
+ldapGroupAttributeNameUser =&gt; 'dn',
+ldapGroupAttributeNameSearch =&gt; '[<span class="java-quote">"cn"</span>]',
 </pre>
     </div>
 
     <h3 class="heading-1-1"><span id="HActiveDirectory">Active
-    Directory</span></h3><br />
-    <br />
-    As for LDAP authentication, just modify LDAPfitler:<br />
-    <br />
+    Directory</span></h3>
+
+    <p class="paragraph"></p>As for LDAP authentication, just modify
+    LDAPfitler:
 
     <div class="code">
       <pre>
-LDAPFilter =&gt; '(&amp;(sAMAccountName=$user)(ojectClass=person))',
+LDAPFilter =&gt; '(&amp;(sAMAccountName=$user)(objectClass=user))',
+</pre>
+    </div><br />
+    <br />
+    And for groups:
+
+    <div class="code">
+      <pre>
+ldapGroupBase =&gt; 'ou=groups,dc=example,dc=com',
+ldapGroupObjectClass =&gt; 'group',
+ldapGroupAttributeName =&gt; 'member',
+ldapGroupAttributeNameUser =&gt; 'dn',
+ldapGroupAttributeNameSearch =&gt; '[<span class="java-quote">"cn"</span>]',
 </pre>
     </div>