LL::NG portal provides SOAP end points for sessions management:
This session backend can be used to share sessions stored in a non-network backend (like file session backend) or in a network backend protected with a firewall that only accepts HTTP flows.
Most of the time, SOAP session backend is used by Handlers installed on external servers.
To configure it, SOAP session backend will be set trough Manager in global configuration (used by all Hanlders), and the real session backend will be configured for local components in lemonldap-ng.ini.
First, active SOAP in General parameters » Advanced parameters » SOAP.
Then, set Lemonldap::NG::Common::Apache::Session::SOAP in General parameters » Sessions » Session storage » Apache::Session module and add the following parameters (case sensitive):
| Paramètres exigés | ||
|---|---|---|
| Nom | Commentaire | Exemple |
| proxy | URL of sessions SOAP end point | http://auth.example.com/index.fcgi/sessions |
Sessions SOAP end points access must be allowed in Apache portal configuration (for example, access by IP range):
# SOAP functions for sessions management (disabled by default) <Location /index.fcgi/adminSessions> Require 192.168.2.0/24 </Location> # SOAP functions for sessions access (disabled by default) <Location /index.fcgi/sessions> Require 192.168.2.0/24 </Location>
Real session backend will be configured in lemonldap-ng.ini, in portal section (the portal hosts the SOAP service for sessions, and will do the link between SOAP requests and real sessions).
Par exemple, si les sessions réelels sont stockées dans des fichiers :
[portal] globalStorage = Apache::Session::File globalStorageOptions = { 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/', }
globalStorage et globalStorageOptions dans la section all (et pas portal) de lemonldap-ng.ini.