diff --git a/Makefile b/Makefile index 2accba4ad..d02948cea 100644 --- a/Makefile +++ b/Makefile @@ -418,12 +418,12 @@ install_conf_dir: install_sessions_dir install_notif_dir install_captcha_dir cp -f $(SRCCOMMONDIR)/$(CONFFILENAME) $(RCONFDIR); \ $(PERL) -i -pe 's#^dirName\s*=\s*.*#dirName = $(FILECONFIGDIR)#g' $(RCONFDIR)/$(CONFFILENAME); \ fi - @cp _example/conf/lmConf-1 $(RFILECONFIGDIR) - @$(PERL) -000 -i -pe "s#^(globalStorageOptions\\n\\s+)'[^\\n]*?'\$$#\$${1}\'\\\$$data1 = {&39;Directory&39; => &39;$(APACHESESSIONFILEDIR)&39;,&39;LockDirectory&39; => &39;$(APACHESESSIONFILELOCKDIR)&39;};'#m" $(RFILECONFIGDIR)/lmConf-1 - @$(PERL) -000 -i -pe "s#^(persistentStorageOptions\\n\\s+)'[^\\n]*?'\$$#\$${1}\'\\\$$data1 = {&39;Directory&39; => &39;$(APACHEPSESSIONFILEDIR)&39;,&39;LockDirectory&39; => &39;$(APACHEPSESSIONFILELOCKDIR)&39;};'#m" $(RFILECONFIGDIR)/lmConf-1 + @cp _example/conf/lmConf-1.js $(RFILECONFIGDIR) + @$(PERL) -000 -i -pe "s#^(globalStorageOptions\\n\\s+)'[^\\n]*?'\$$#\$${1}\'\\\$$data1 = {&39;Directory&39; => &39;$(APACHESESSIONFILEDIR)&39;,&39;LockDirectory&39; => &39;$(APACHESESSIONFILELOCKDIR)&39;};'#m" $(RFILECONFIGDIR)/lmConf-1.js + @$(PERL) -000 -i -pe "s#^(persistentStorageOptions\\n\\s+)'[^\\n]*?'\$$#\$${1}\'\\\$$data1 = {&39;Directory&39; => &39;$(APACHEPSESSIONFILEDIR)&39;,&39;LockDirectory&39; => &39;$(APACHEPSESSIONFILELOCKDIR)&39;};'#m" $(RFILECONFIGDIR)/lmConf-1.js @$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g;\ s#__SESSIONDIR__#$(APACHESESSIONFILEDIR)#g;\ - s#__NOTIFICATIONDIR__#$(APACHEFILENOTIFDIR)#g;' $(RFILECONFIGDIR)/lmConf-1 + s#__NOTIFICATIONDIR__#$(APACHEFILENOTIFDIR)#g;' $(RFILECONFIGDIR)/lmConf-1.js @if [ "$(APACHEUSER)" != "" ]; then \ chown $(APACHEUSER) $(RFILECONFIGDIR) || exit 1; \ if [ "$(APACHEGROUP)" != "" ]; then \ diff --git a/_example/conf/lmConf-1 b/_example/conf/lmConf-1 deleted file mode 100644 index bb444def0..000000000 --- a/_example/conf/lmConf-1 +++ /dev/null @@ -1,93 +0,0 @@ -applicationList - '$data1 = {'1sample' => { catname => 'Sample applications',type => 'category', 'test1' => { type => 'application', options => { name => 'Application Test 1', uri => 'http://test1.__DNSDOMAIN__/', description => 'A simple application displaying authenticated user', logo => 'demo.png', display => 'auto', }, },'test2' => { type => 'application', options => { name => 'Application Test 2', uri => 'http://test2.__DNSDOMAIN__/', description => 'The same simple application displaying authenticated user', logo => 'thumbnail.png', display => 'auto', }, }, },'2administration' => { catname => 'Administration', type => 'category', 'manager' => { type => 'application', options => { name => 'WebSSO Manager', uri => 'http://manager.__DNSDOMAIN__/manager.html', description => 'Configure LemonLDAP::NG WebSSO', logo => 'configure.png', display => 'auto', }, },'sessions' => { type => 'application', options => { name => 'Sessions explorer', uri => 'http://manager.__DNSDOMAIN__/sessions.html', description => 'Explore WebSSO sessions', logo => 'database.png', display => 'auto', }, }, 'notifications' => { type => 'application', options => { name => 'Notifications explorer', uri => 'http://manager.__DNSDOMAIN__/notifications.html', description => 'Explore WebSSO notifications', logo => 'database.png', display => 'auto', }, }, }, '3documentation' => { catname => 'Documentation', type => 'category', 'localdoc' => { type => 'application', options => { name => 'Local documentation', uri => 'http://manager.__DNSDOMAIN__/doc/', description => 'Documentation supplied with LemonLDAP::NG', logo => 'help.png', display => 'on', }, },'officialwebsite' => { type => 'application', options => { name => 'Offical Website', uri => 'http://lemonldap-ng.org/', description => 'Official LemonLDAP::NG Website', logo => 'network.png', display => 'on', }, }, }, }' - -globalStorage - 'Apache::Session::File' - -persistentStorage - 'Apache::Session::File' - -cookieName - 'lemonldap' - -demoExportedVars - '$data1 = {'uid' => 'uid','cn' => 'cn','mail' => 'mail'};' - -exportedVars - '$data1 = {'UA' => 'HTTP_USER_AGENT'};' - -authentication - 'Demo' - -userDB - 'Demo' - -passwordDB - 'Demo' - -locationRules - '$data1 = {'test2.__DNSDOMAIN__' => {'default' => 'accept','^/logout' => 'logout_sso'},'test1.__DNSDOMAIN__' => {'default' => 'accept','^/logout' => 'logout_sso'},'manager.__DNSDOMAIN__' => {'default' => '$uid eq "dwho"'}};' - -domain - '__DNSDOMAIN__' - -timeout - 72000 - -groups - '$data1 = {};' - -portal - 'http://auth.__DNSDOMAIN__/' - -portalSkinBackground - '1280px-Cedar_Breaks_National_Monument_partially.jpg' - -mailUrl - 'http://auth.__DNSDOMAIN__/mail.pl' - -registerUrl - 'http://auth.__DNSDOMAIN__/register.pl' - -exportedHeaders - '$data1 = {'test2.__DNSDOMAIN__' => {'Auth-User' => '$uid'},'test1.__DNSDOMAIN__' => {'Auth-User' => '$uid'}};' - -globalStorageOptions - '$data1 = {'Directory' => '__SESSIONDIR__','generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256'};' - -persistentStorageOptions - '$data1 = {'Directory' => '__PSESSIONDIR__'};' - -cfgNum - 1 - -cfgAuthor - 'The LemonLDAP::NG team' - -securedCookie - 0 - -macros - '$data1 = {'_whatToTrace' => '$_auth eq \'SAML\' ? "$_user\\@$_idpConfKey" : "$_user"'};' - -whatToTrace - '_whatToTrace' - -loginHistoryEnabled - 1 - -sessionDataToRemember - '$data1 = {};' - -reloadUrls - '$data1 = {'reload.__DNSDOMAIN__' => 'http://reload.__DNSDOMAIN__/reload'};' - -notification - 1 - -notificationStorage - 'File' - -notificationStorageOptions - '$data1 = {'dirName' => '__NOTIFICATIONDIR__'};' - diff --git a/_example/conf/lmConf-1.js b/_example/conf/lmConf-1.js new file mode 100644 index 000000000..75c48c050 --- /dev/null +++ b/_example/conf/lmConf-1.js @@ -0,0 +1,154 @@ +{ + "portal" : "http://auth.__DNSDOMAIN__/", + "persistentStorage" : "Apache::Session::File", + "portalSkinBackground" : "1280px-Cedar_Breaks_National_Monument_partially.jpg", + "globalStorageOptions" : { + "LockDirectory" : "__SESSIONDIR__/lock", + "Directory" : "__SESSIONDIR__", + "generateModule" : "Lemonldap::NG::Common::Apache::Session::Generate::SHA256" + }, + "passwordDB" : "Demo", + "locationRules" : { + "test2.__DNSDOMAIN__" : { + "default" : "accept", + "^/logout" : "logout_sso" + }, + "manager.__DNSDOMAIN__" : { + "default" : "$uid eq \"dwho\"" + }, + "test1.__DNSDOMAIN__" : { + "^/logout" : "logout_sso", + "default" : "accept" + } + }, + "cfgNum" : "1", + "exportedVars" : { + "UA" : "HTTP_USER_AGENT" + }, + "authentication" : "Demo", + "mailUrl" : "http://auth.__DNSDOMAIN__/mail.pl", + "applicationList" : { + "1sample" : { + "catname" : "Sample applications", + "test2" : { + "options" : { + "uri" : "http://test2.__DNSDOMAIN__/", + "display" : "auto", + "name" : "Application Test 2", + "description" : "The same simple application displaying authenticated user", + "logo" : "thumbnail.png" + }, + "type" : "application" + }, + "test1" : { + "options" : { + "logo" : "demo.png", + "description" : "A simple application displaying authenticated user", + "name" : "Application Test 1", + "uri" : "http://test1.__DNSDOMAIN__/", + "display" : "auto" + }, + "type" : "application" + }, + "type" : "category" + }, + "3documentation" : { + "officialwebsite" : { + "type" : "application", + "options" : { + "logo" : "network.png", + "display" : "on", + "uri" : "http://lemonldap-ng.org/", + "description" : "Official LemonLDAP::NG Website", + "name" : "Offical Website" + } + }, + "localdoc" : { + "options" : { + "logo" : "help.png", + "uri" : "http://manager.__DNSDOMAIN__/doc/", + "display" : "on", + "name" : "Local documentation", + "description" : "Documentation supplied with LemonLDAP::NG" + }, + "type" : "application" + }, + "type" : "category", + "catname" : "Documentation" + }, + "2administration" : { + "type" : "category", + "manager" : { + "options" : { + "logo" : "configure.png", + "uri" : "http://manager.__DNSDOMAIN__/manager.html", + "display" : "auto", + "name" : "WebSSO Manager", + "description" : "Configure LemonLDAP::NG WebSSO" + }, + "type" : "application" + }, + "sessions" : { + "type" : "application", + "options" : { + "logo" : "database.png", + "uri" : "http://manager.__DNSDOMAIN__/sessions.html", + "display" : "auto", + "description" : "Explore WebSSO sessions", + "name" : "Sessions explorer" + } + }, + "catname" : "Administration", + "notifications" : { + "type" : "application", + "options" : { + "logo" : "database.png", + "uri" : "http://manager.__DNSDOMAIN__/notifications.html", + "display" : "auto", + "description" : "Explore WebSSO notifications", + "name" : "Notifications explorer" + } + } + } + }, + "notificationStorage" : "File", + "cfgAuthor" : "The LemonLDAP::NG team", + "sessionDataToRemember" : {}, + "notification" : 1, + "persistentStorageOptions" : { + "Directory" : "__PSESSIONDIR__", + "LockDirectory" : "__PSESSIONDIR__/lock" + }, + "domain" : "__DNSDOMAIN__", + "notificationStorageOptions" : { + "dirName" : "__NOTIFICATIONDIR__" + }, + "reloadUrls" : { + "reload.__DNSDOMAIN__" : "http://reload.__DNSDOMAIN__/reload" + }, + "cookieName" : "lemonldap", + "securedCookie" : 0, + "whatToTrace" : "_whatToTrace", + "groups" : {}, + "macros" : { + "_whatToTrace" : "$_auth eq 'SAML' ? \"$_user\\@$_idpConfKey\" : \"$_user\"" + }, + "timeout" : 72000, + "demoExportedVars" : { + "uid" : "uid", + "cn" : "cn", + "mail" : "mail" + }, + "userDB" : "Demo", + "exportedHeaders" : { + "test1.__DNSDOMAIN__" : { + "Auth-User" : "$uid" + }, + "test2.__DNSDOMAIN__" : { + "Auth-User" : "$uid" + } + }, + "loginHistoryEnabled" : 1, + "registerUrl" : "http://auth.__DNSDOMAIN__/register.pl", + "globalStorage" : "Apache::Session::File" +} diff --git a/debian/README.Debian b/debian/README.Debian index ea004ab16..0503701be 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -7,7 +7,7 @@ By default, DNS domain is example.com. You can change using dpkg-reconfigure or with a quick sed command. For example, we change it to ow2.org: sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* \ - /var/lib/lemonldap-ng/conf/lmConf-1 /var/lib/lemonldap-ng/test/index.pl + /var/lib/lemonldap-ng/conf/lmConf-1.js /var/lib/lemonldap-ng/test/index.pl 2 - Enable LL::NG sites in Apache --------------------------------- diff --git a/debian/liblemonldap-ng-common-perl.lintian-overrides b/debian/liblemonldap-ng-common-perl.lintian-overrides index 196cd02c6..042f46fc2 100644 --- a/debian/liblemonldap-ng-common-perl.lintian-overrides +++ b/debian/liblemonldap-ng-common-perl.lintian-overrides @@ -6,7 +6,7 @@ liblemonldap-ng-common-perl: non-standard-file-perm etc/lemonldap-ng/lemonldap-n liblemonldap-ng-common-perl: non-standard-dir-perm var/lib/lemonldap-ng/conf/ 0750 != 0755 # If file storage is used for configuration, later configuration files will be # in 0640 mode. So the first is adjusted so -liblemonldap-ng-common-perl: non-standard-file-perm var/lib/lemonldap-ng/conf/lmConf-1 0640 != 0644 +liblemonldap-ng-common-perl: non-standard-file-perm var/lib/lemonldap-ng/conf/lmConf-1.js 0640 != 0644 # If file storage is used for sessions, user passord may be stored in this # directory, so it must not be readable by all but must be writable by www-data liblemonldap-ng-common-perl: non-standard-dir-perm var/lib/lemonldap-ng/sessions/ 0770 != 0755 diff --git a/debian/liblemonldap-ng-common-perl.postinst b/debian/liblemonldap-ng-common-perl.postinst index ce3d10215..b4755f782 100755 --- a/debian/liblemonldap-ng-common-perl.postinst +++ b/debian/liblemonldap-ng-common-perl.postinst @@ -7,7 +7,7 @@ set -e CONFDIR=/etc/lemonldap-ng SESSIONSDIR=/var/lib/lemonldap-ng/sessions CONFSTORAGEDIR=/var/lib/lemonldap-ng/conf -FIRSTCONFFILE=$CONFSTORAGEDIR/lmConf-1 +FIRSTCONFFILE=$CONFSTORAGEDIR/lmConf-1.js LMINIFILE=/etc/lemonldap-ng/lemonldap-ng.ini MIGRATION=/usr/share/lemonldap-ng/bin/lmMigrateConfFiles2ini diff --git a/debian/rules b/debian/rules index 7eb846c44..63cfa5967 100755 --- a/debian/rules +++ b/debian/rules @@ -12,7 +12,7 @@ SESSIONSDIR=$(LMVARDIR)/sessions PSESSIONSDIR=$(LMVARDIR)/psessions NOTIFICATIONSDIR=$(LMVARDIR)/notifications CONFSTORAGEDIR=$(LMVARDIR)/conf -FIRSTCONFFILE=$(CONFSTORAGEDIR)/lmConf-1 +FIRSTCONFFILE=$(CONFSTORAGEDIR)/lmConf-1.js LMINIFILE=$(CONFDIR)/lemonldap-ng.ini CAPTCHADIR=$(LMVARDIR)/captcha diff --git a/rpm/lemonldap-ng.spec b/rpm/lemonldap-ng.spec index 37c4f26ed..d373dba4f 100644 --- a/rpm/lemonldap-ng.spec +++ b/rpm/lemonldap-ng.spec @@ -489,7 +489,7 @@ rm -rf %{buildroot} %dir %{lm_vardir}/psessions/lock %dir %{lm_vardir}/notifications %defattr(640,%{lm_apacheuser},%{lm_apachegroup},-) -%config(noreplace) %{lm_vardir}/conf/lmConf-1 +%config(noreplace) %{lm_vardir}/conf/lmConf-1.js %files -n lemonldap-ng-doc %defattr(-,root,root,-)