dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lemonldap-ng/build/lemonldap-ng/doc/5-Appli-Drupal.html

192 lines
5.8 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 25 March 2009), see www.w3.org" />
<title>Lemonldap::NG documentation: 5-Appli-Drupal.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
/*<![CDATA[*/
body{
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
}
div.main-content{
padding: 10px;
background: #fff;
border: 2px #ccc solid;
}
a{
text-decoration: none;
}
p.footer{
text-align: center;
margin: 5px 0 0 0;
}
.heading-1{
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
}
.heading-1-1{
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
}
pre{
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
}
ul.star li{
list-style-type: square;
}
/*]]>*/
</style>
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id="HDrupal">Drupal</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HPresentation">Presentation</a></li>
<li>
<a href="#HIntegrationwithLemonLDAP3A3ANG">Integration with
LemonLDAP::NG</a>
<ul>
<li><a href="#HOnDrupalside">On Drupal side</a></li>
<li><a href="#HOnLemonLDAP3A3ANGside">On LemonLDAP::NG side</a></li>
</ul>
</li>
<li><a href="#HProtectonlytheadministrationpages">Protect only the
administration pages</a></li>
</ul>
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
<p class="paragraph"></p>Drupal is a CMS written in PHP. It can works with
external modules to extends its functionalities. One of this module can be
used to delegate authentication server to the web server: <span class=
"wikiexternallink"><a href=
"http://drupal.org/project/Webserver_auth">Webserver_auth</a></span>.
<h3 class="heading-1-1"><span id=
"HIntegrationwithLemonLDAP3A3ANG">Integration with
LemonLDAP::NG</span></h3>
<h4 class="heading-1-1-1"><span id="HOnDrupalside">On Drupal
side</span></h4>
<p class="paragraph"></p>Install <span class="wikiexternallink"><a href=
"http://drupal.org/project/Webserver_auth">Webserver_auth</a></span>
module, by downloading it, and unarchive it in the drupal modules/
directory.
<p class="paragraph"></p>Then go on administration interface and enable
the module.
<h4 class="heading-1-1-1"><span id="HOnLemonLDAP3A3ANGside">On
LemonLDAP::NG side</span></h4>
<p class="paragraph"></p>Declare a VirtualHost in Apache for Drupal and
active SSO, for example:
<p class="paragraph"></p>
<div class="code">
<pre>
&lt;VirtualHost *&gt;
ServerName drupal.example.com<br /><br /> # SSO protection
PerlHeaderParserHandler My::Package<br /><br /> # DocumentRoot
DocumentRoot /<span class="java-keyword">var</span>/www/html/drupal/
DirectoryIndex index.php<br /><br /> LogLevel warn
ErrorLog /<span class="java-keyword">var</span>/log/httpd/drupal-error.log
CustomLog /<span class=
"java-keyword">var</span>/log/httpd/drupal-access.log combined
&lt;/VirtualHost&gt;
</pre>
</div>
<p class="paragraph"></p>Then add this host in LemonLDAP::NG
Manager.<br />
<br />
If you are using LemonLDAP::NG as proxy, you can use this in your Druapl
Apache configuration:<br />
<br />
<div class="code">
<pre>
SetEnvIfNoCase Auth-User <span class="java-quote">"(.*)"</span> REMOTE_USER=$1
</pre>
</div><br />
<br />
You can also catch the logout page with this rule:<br />
<br />
<div class="code">
<pre>
q=logout =&gt; logout_app_sso
</pre>
</div>
<h3 class="heading-1-1"><span id=
"HProtectonlytheadministrationpages">Protect only the administration
pages</span></h3><br />
<br />
With the above solution, all the Drupal site will be protected, so no
anonymous access will be allowed.<br />
<br />
Drupal navigation is based on query strings (?q=admin, ?q=user,
etc.).<br />
<br />
You can create a special vhost and use mod_rewrite to witch between open
and protected hosts:<br />
<br />
<div class="code">
<pre>
&lt;VirtualHost *&gt;
ServerName drupal.example.com<br /><br /> # DocumentRoot
DocumentRoot /<span class="java-keyword">var</span>/www/html/drupal/
DirectoryIndex index.php<br /><br /> # Redirect admin pages
RewriteEngine On
RewriteCond %{QUERY_STRING} q=(admin|user)
RewriteRule ^/(.*)$ <span class="nobr"><a href=
"http://drupaladmin.example.com/$1">http://drupaladmin.example.com/$1</a></span> [R]<br /><br /> LogLevel warn
ErrorLog /<span class="java-keyword">var</span>/log/httpd/drupal-error.log
CustomLog /<span class=
"java-keyword">var</span>/log/httpd/drupal-access.log combined
&lt;/VirtualHost&gt;
&lt;VirtualHost *&gt;
ServerName admindrupal.example.com<br /><br /> # SSO protection
PerlHeaderParserHandler My::Package<br /><br /> # DocumentRoot
DocumentRoot /<span class="java-keyword">var</span>/www/html/drupal/
DirectoryIndex index.php<br /><br /> LogLevel warn
ErrorLog /<span class=
"java-keyword">var</span>/log/httpd/admindrupal-error.log
CustomLog /<span class=
"java-keyword">var</span>/log/httpd/admindrupal-access.log combined
&lt;/VirtualHost&gt;
</pre>
</div>
</div>
<p class="footer"><a href="index.html">Index</a></p>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink