173 lines
5.6 KiB
HTML
173 lines
5.6 KiB
HTML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
|
|
<head>
|
|
<meta name="generator" content=
|
|
"HTML Tidy for Linux/x86 (vers 1 September 2005), see www.w3.org" />
|
|
|
|
<title>FAQ LEMONLDAP::NG</title>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
|
|
</head>
|
|
|
|
<body>
|
|
<div class="main-content">
|
|
<h2 class="heading-1"><span id="HEXAMPLEINSTALLATION">EXAMPLE
|
|
INSTALLATION</span></h2>
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<ul>
|
|
<li>
|
|
<a href="#HPREREQ">PREREQ</a>
|
|
|
|
<ul>
|
|
<li><a href="#HSoftware">Software</a></li>
|
|
|
|
<li><a href="#HNeededPerlmodules">Needed Perl modules</a></li>
|
|
</ul>
|
|
</li>
|
|
|
|
<li>
|
|
<a href="#HBUILDING">BUILDING</a>
|
|
|
|
<ul>
|
|
<li><a href="#HCompleteinstall">Complete install</a></li>
|
|
|
|
<li><a href="#HDebianinstall">Debian install</a></li>
|
|
</ul>
|
|
</li>
|
|
|
|
<li><a href="#HEXAMPLECONFIGURATION">EXAMPLE CONFIGURATION</a></li>
|
|
</ul>The proposed example use a protected site named test.example.com. Non
|
|
authenticated users are redirected to auth.example.com.
|
|
|
|
<h3 class="heading-1-1"><span id="HPREREQ">PREREQ</span></h3>
|
|
|
|
<h4 class="heading-1-1-1"><span id="HSoftware">Software</span></h4>
|
|
|
|
<p class="paragraph"></p>To use Lemonldap::NG, you have to run a LDAP
|
|
server and of course an Apache server compiled with mod-perl (version 1.3
|
|
or 2.x). Generaly, the version of Apache proposed with your Linux
|
|
distribution match, but some distributions used an experimental version of
|
|
mod_perl with Apache2 (mod_perl-1.99) which does not work with
|
|
Lemonldap::NG. With such distributions (like Debian-3.1), you have to use
|
|
Apache-1.3 or to use a mod_perl, CGI.pm and CGI/Cookie.pm backports
|
|
(www.backports.org package for Debian works fine).
|
|
|
|
<h4 class="heading-1-1-1"><span id="HNeededPerlmodules">Needed Perl
|
|
modules</span></h4>
|
|
|
|
<p class="paragraph"></p>Apache::Session, Net::LDAP, MIME::Base64, CGI,
|
|
LWP::UserAgent, Cache::Cache, DBI, XML::Simple, SOAP::Lite (only if you
|
|
want to use SOAP with the manager).
|
|
|
|
<p class="paragraph"></p>With Debian, use:
|
|
|
|
<div class="code">
|
|
<pre>
|
|
apt-get install libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl
|
|
# If you want to use SOAP with the manager:
|
|
apt-get install libsoap-lite-perl
|
|
</pre>
|
|
</div>
|
|
|
|
<h3 class="heading-1-1"><span id="HBUILDING">BUILDING</span></h3>
|
|
|
|
<h4 class="heading-1-1-1"><span id="HCompleteinstall">Complete
|
|
install</span></h4>
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
$ tar xzf lemonldap-ng-*.tar.gz
|
|
$ cd lemonldap-ng-*
|
|
$ make && make test
|
|
$ sudo make install
|
|
$ make example
|
|
</pre>
|
|
</div>
|
|
|
|
<h4 class="heading-1-1-1"><span id="HDebianinstall">Debian
|
|
install</span></h4>
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
$ tar xzf lemonldap-ng-*.tar.gz
|
|
$ cd lemonldap-ng-*
|
|
$ debuild
|
|
$ sudo dpkg -i ../lemonldap-ng*.deb
|
|
</pre>
|
|
</div>
|
|
|
|
<h3 class="heading-1-1"><span id="HEXAMPLECONFIGURATION">EXAMPLE
|
|
CONFIGURATION</span></h3>
|
|
|
|
<p class="paragraph"></p>After build, you have a new file named
|
|
example/apache.conf. You just have to include this file in Apache
|
|
configuration:
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
# Apache-1.3: add <span class="java-keyword">this</span> to httpd.conf
|
|
include /path/to/lemonldap-ng/source/example/apache.conf
|
|
# Apache-2.x:
|
|
include /path/to/lemonldap-ng/source/example/apache2.conf
|
|
# Debian Apache-1.3
|
|
ln -s /usr/share/doc/lemonldap-ng/example/apache.conf /etc/apache/conf.d/test.conf
|
|
# or with Apache-2.x
|
|
ln -s /usr/share/doc/lemonldap-ng/example/apache2.conf /etc/apache2/sites-enabled/test.conf
|
|
</pre>
|
|
</div>
|
|
|
|
<p class="paragraph"></p>Modify your /etc/hosts file to include:
|
|
|
|
<p class="paragraph"></p>
|
|
|
|
<div class="code">
|
|
<pre>
|
|
127.0.0.2 auth.example.com
|
|
127.0.0.3 test.example.com
|
|
127.0.0.4 manager.example.com
|
|
</pre>
|
|
</div>
|
|
|
|
<p class="paragraph"></p>Now you have to edit configuration to set your
|
|
LDAP settings. You can either use :
|
|
|
|
<ul class="star">
|
|
<li>the manager interface: restart Apache and connect to <span class=
|
|
"nobr"><a href=
|
|
"http://manager.example.com/">http://manager.example.com/</a></span></li>
|
|
|
|
<li>edit /path/to/lemonldap-ng/source/example/lmConfig-1 and specify
|
|
your LDAP settings (Debian users:
|
|
/usr/share/doc/lemonldap-ng/example/conf/lmConfig-1).</li>
|
|
</ul>If you don't set managerDn and managerPassword, Lemonldap::NG will
|
|
use an anonymous bind to find user dn.
|
|
|
|
<p class="paragraph"></p>WARNINGS:
|
|
|
|
<ul class="star">
|
|
<li>only few parameters can be set by hand in the configuration file.
|
|
You have to use the manager to change configuration, but since the
|
|
example is yet configured, you can edit directly the file,</li>
|
|
|
|
<li>each new configuration is saved by the manager in a new file (or a
|
|
new record with DBI) so you can recover an old configuration by removing
|
|
the new one.</li>
|
|
</ul>Next, restart Apache and use your prefered browser and try to connect
|
|
to <span class="wikiexternallink"><a href=
|
|
"http://test.example.com/">http://test.example.com/</a></span>. You'll be
|
|
redirect to auth.example.com. Try to authenticate yourself with a valid
|
|
account and the protected page will appear.
|
|
</div>
|
|
</body>
|
|
</html>
|