Upgrade from 1.9 to 2.0
2.0 is a major release, many things have been changed. You must read this document before upgrade.
Configuration
User module in authentication parameters now provides a “Same as authentication” value. You must revalidate it in the manager since all special values must be replaced by this
(Multi, Choice, Proxy, Slave, SAML, OpenID*,…)
“Multi” doesn't exist anymore: it is replaced by the more powerful
Combination
Apache-ModPerl is no longer usable since version 2.4
(many segfaults,…). LLNG doesn't use anymore ModPerl::Registry: all is now handle by FastCGI
(portal and manager).
For handlers, it is now recommended to migrate to Nginx !
Security
LLNG portal now embeds the following features:
CSRF protection
(Cross-Site Request Forgery): a token is build for each form. To disable it, set requireToken to 0
(portal security parameters in the manager)
Content-Security-Policy header: portal build dynamically this header. You can modify default values in the manager
(Général parameters » Advanced parameters » Security » Content-Security-Policy)
Supported servers
SOAP/REST services
SOAP server activation is now split in 2 parameters (configuration/sessions). You must set them else SOAP service will be disabled
If you use “adminSessions” endpoint with “singleSession*” features, you must upgrade all portals in the same time
SOAP services can be replaced by new REST services
Developer corner
APIs
Portal has now many REST features and includes a plugin API. See Portal manpages to see how to write auth modules, issuers or other feature.
Portal overview
Portal is no more a big CGI object. it is written for Plack/PSGI. Little resume
Portal object
|
+-> auth module
|
+-> userDB module
|
+-> issuer modules
|
+-> other plugins (notification,...)
The request is a separated object based on Lemonldap::NG::Portal::Main::Request which inherits from Lemonldap::NG::Common::PSGI::Request which inherits from Plack::Request. See manpages for more.
Handler
Handler libraries have been changed another time. Inheritance is back (like 1.3.3). We are sorry for this new inconvenience.