New dependencies and documentation update
This commit is contained in:
parent
81950e0b52
commit
f6a645352b
|
@ -4,7 +4,7 @@ Priority: extra
|
|||
Maintainer: Xavier Guimard <x.guimard@free.fr>
|
||||
DM-Upload-Allowed: yes
|
||||
Build-Depends: debhelper (>= 4.1.16), po-debconf
|
||||
Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl
|
||||
Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl, libstring-random-perl
|
||||
Standards-Version: 3.8.0
|
||||
|
||||
Package: lemonldap-ng
|
||||
|
@ -42,7 +42,7 @@ Package: liblemonldap-ng-conf-perl
|
|||
Architecture: all
|
||||
Depends: ${misc:Depends}, libdbi-perl, debconf, libcache-cache-perl, libregexp-assemble-perl, libcrypt-rijndael-perl
|
||||
Recommends: libsoap-lite-perl
|
||||
Description: Lemonldap::NG Apache administration interface part
|
||||
Description: Lemonldap::NG administration interface part
|
||||
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
||||
or directly on application Apache servers.
|
||||
.
|
||||
|
@ -53,7 +53,7 @@ Package: liblemonldap-ng-manager-perl
|
|||
Architecture: all
|
||||
Depends: ${misc:Depends}, libxml-simple-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version})
|
||||
Recommends: libcache-cache-perl, libapache-session-perl, libsoap-lite-perl
|
||||
Description: Lemonldap::NG Apache manager part
|
||||
Description: Lemonldap::NG manager part
|
||||
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
||||
or directly on application Apache servers.
|
||||
.
|
||||
|
@ -61,9 +61,9 @@ Description: Lemonldap::NG Apache manager part
|
|||
|
||||
Package: liblemonldap-ng-portal-perl
|
||||
Architecture: all
|
||||
Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl
|
||||
Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl, libstring-random-perl
|
||||
Suggests: liblasso-perl, libcgi-session-perl, slapd
|
||||
Description: Lemonldap::NG Apache authentication portal part
|
||||
Description: Lemonldap::NG authentication portal part
|
||||
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
|
||||
or directly on application Apache servers.
|
||||
.
|
||||
|
|
|
@ -730,16 +730,6 @@ level1Key => { level2Key => 'value' },
|
|||
</tr>
|
||||
|
||||
<tr class="table-even">
|
||||
<td>Groups base</td>
|
||||
|
||||
<td>ldapGroupBase</td>
|
||||
|
||||
<td>0</td>
|
||||
|
||||
<td>Yes</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<td>Main search filter</td>
|
||||
|
||||
<td>LDAPFilter</td>
|
||||
|
@ -749,7 +739,7 @@ level1Key => { level2Key => 'value' },
|
|||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-even">
|
||||
<tr class="table-odd">
|
||||
<td>Authentication search filter</td>
|
||||
|
||||
<td>AuthLDAPFilter</td>
|
||||
|
@ -759,7 +749,7 @@ level1Key => { level2Key => 'value' },
|
|||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<tr class="table-even">
|
||||
<td>Mail search filter</td>
|
||||
|
||||
<td>mailLDAPFilter</td>
|
||||
|
@ -769,7 +759,7 @@ level1Key => { level2Key => 'value' },
|
|||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-even">
|
||||
<tr class="table-odd">
|
||||
<td>Password policy control</td>
|
||||
|
||||
<td>ldapPpolicyControl</td>
|
||||
|
@ -779,7 +769,7 @@ level1Key => { level2Key => 'value' },
|
|||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<tr class="table-even">
|
||||
<td>Extended SetPassword modify</td>
|
||||
|
||||
<td>ldapSetPassword</td>
|
||||
|
@ -788,6 +778,56 @@ level1Key => { level2Key => 'value' },
|
|||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<td>Groups base</td>
|
||||
|
||||
<td>ldapGroupBase</td>
|
||||
|
||||
<td>0.8</td>
|
||||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-even">
|
||||
<td>Groups objectClass</td>
|
||||
|
||||
<td>ldapGroupObjectClass</td>
|
||||
|
||||
<td>0.9.4</td>
|
||||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<td>Groups member attribute</td>
|
||||
|
||||
<td>ldapGroupAttributeName</td>
|
||||
|
||||
<td>0.9.4</td>
|
||||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-even">
|
||||
<td>Groups member link value</td>
|
||||
|
||||
<td>ldapGroupAttributeNameUser</td>
|
||||
|
||||
<td>0.9.4</td>
|
||||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
|
||||
<tr class="table-odd">
|
||||
<td>Groups name attribute</td>
|
||||
|
||||
<td>ldapGroupAttributeNameSearch</td>
|
||||
|
||||
<td>0.9.4</td>
|
||||
|
||||
<td>No</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
||||
<h4 class="heading-1-1-1"><span id="HSSL">SSL</span></h4><br />
|
||||
|
|
|
@ -59,6 +59,10 @@
|
|||
<h2 class="heading-1"><span id="HSOAPconfigurationbackend">SOAP
|
||||
configuration backend</span></h2>
|
||||
|
||||
<p class="paragraph"></p>This documentation is available only for version
|
||||
0.9.4 and later. For earlier versions, see the documentation in the source
|
||||
tree.
|
||||
|
||||
<p class="paragraph"></p>
|
||||
|
||||
<ul>
|
||||
|
@ -127,14 +131,14 @@ SOAP => 1,
|
|||
<div class="code">
|
||||
<pre>
|
||||
type = SOAP
|
||||
proxy = <span class="nobr"><a href=
|
||||
"http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span>
|
||||
</pre>
|
||||
</div><br />
|
||||
<br />
|
||||
It will automatically send SOAP request to portal URL, for example
|
||||
<span class="nobr"><a href=
|
||||
"http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span><br />
|
||||
</div>
|
||||
|
||||
<br />
|
||||
<p class="paragraph"></p>It will send SOAP request to proxy URL.
|
||||
|
||||
<p class="paragraph"></p>
|
||||
</div>
|
||||
|
||||
<p class="footer"><a href="index.html">Index</a></p>
|
||||
|
|
|
@ -58,6 +58,10 @@
|
|||
<h2 class="heading-1"><span id="HSOAPSessionbackend">SOAP Session
|
||||
backend</span></h2>
|
||||
|
||||
<p class="paragraph"></p>This documentation is available only for version
|
||||
0.9.4 and later. For earlier versions, see the documentation in the source
|
||||
tree.
|
||||
|
||||
<p class="paragraph"></p>
|
||||
|
||||
<ul>
|
||||
|
@ -140,9 +144,16 @@ Lemonldap::NG::Common::Apache::Session::SOAP
|
|||
</pre>
|
||||
</div><br />
|
||||
<br />
|
||||
No other parameters needed. It will automatically send SOAP request to
|
||||
portal URL, for example <span class="nobr"><a href=
|
||||
"http://auth.example.com/index.pl/sessions">http://auth.example.com/index.pl/sessions</a></span>
|
||||
Set also this Session Storage option:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
proxy => 'http://auth.example.com/index.pl/sessions'
|
||||
</pre>
|
||||
</div><br />
|
||||
<br />
|
||||
No other parameters needed. It will send SOAP request to configured proxy
|
||||
URL.
|
||||
</div>
|
||||
|
||||
<p class="footer"><a href="index.html">Index</a></p>
|
||||
|
|
|
@ -101,35 +101,57 @@ userDB => LDAP,
|
|||
|
||||
<h3 class="heading-1-1"><span id="HGroups">Groups</span></h3><br />
|
||||
<br />
|
||||
You can set the search base of your groups branch. LemonLDAP::NG will find
|
||||
all groups containing the authenticated user as a member. The filter used
|
||||
is:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
(|(member=<span class=
|
||||
"java-quote">" . $self->{dn} . "</span>)(uniqueMember=<span class=
|
||||
"java-quote">" . $self->{dn} . "</span>))
|
||||
</pre>
|
||||
</div><br />
|
||||
LemonLDAP::NG can browse the directory and find the groups containing the
|
||||
authenticated user as a member.<br />
|
||||
<br />
|
||||
Just set the ldapGroupBase parameter:
|
||||
Parameters are:
|
||||
|
||||
<ul class="star">
|
||||
<li>ldapGroupBase: DN of groups branch (can be the suffix)</li>
|
||||
|
||||
<li>ldapGroupObjectClass: objectClass of the groups</li>
|
||||
|
||||
<li>ldapGroupAttributeName: name of the attribute in the groups storing
|
||||
the link to the user</li>
|
||||
|
||||
<li>ldapGroupAttributeNameUser: name of the attribute in users entries
|
||||
used in the link</li>
|
||||
|
||||
<li>ldapGroupAttributeNameSearch: name(s) of the attribute storing the
|
||||
name of the group (this should be a list reference)</li>
|
||||
</ul>You can edit portal/index.pl to modify the values, for example:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
ldapGroupBase => 'ou=groups,dc=example,dc=com',
|
||||
ldapGroupObjectClass => 'groupOfUniqueNames',
|
||||
ldapGroupAttributeName => 'uniqueMember',
|
||||
ldapGroupAttributeNameUser => 'dn',
|
||||
ldapGroupAttributeNameSearch => '[<span class="java-quote">"cn"</span>]',
|
||||
</pre>
|
||||
</div>
|
||||
|
||||
<h3 class="heading-1-1"><span id="HActiveDirectory">Active
|
||||
Directory</span></h3><br />
|
||||
<br />
|
||||
As for LDAP authentication, just modify LDAPfitler:<br />
|
||||
<br />
|
||||
Directory</span></h3>
|
||||
|
||||
<p class="paragraph"></p>As for LDAP authentication, just modify
|
||||
LDAPfitler:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
LDAPFilter => '(&(sAMAccountName=$user)(ojectClass=person))',
|
||||
LDAPFilter => '(&(sAMAccountName=$user)(objectClass=user))',
|
||||
</pre>
|
||||
</div><br />
|
||||
<br />
|
||||
And for groups:
|
||||
|
||||
<div class="code">
|
||||
<pre>
|
||||
ldapGroupBase => 'ou=groups,dc=example,dc=com',
|
||||
ldapGroupObjectClass => 'group',
|
||||
ldapGroupAttributeName => 'member',
|
||||
ldapGroupAttributeNameUser => 'dn',
|
||||
ldapGroupAttributeNameSearch => '[<span class="java-quote">"cn"</span>]',
|
||||
</pre>
|
||||
</div>
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user