dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
40cb557d6d
lemonldap-ng/po-doc/fr/pages/documentation/1.9/authgoogle.html
Clément Oudot 40cb557d6d Import FR documentation (#909)
2016-02-10 10:17:52 +00:00

133 lines
5.6 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr"
lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title></title><!-- metadata --><!-- style sheet links -->
<meta name="generator" content="Hors ligne" />
<meta name="version" content="Hors-ligne 0.1" />
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1 class="sectionedit1" id="google">Google</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentification </th><th class="col1 centeralign"> Utilisateurs </th><th class="col2 centeralign"> Mot-de-passe </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table></div><!-- EDIT2 TABLE [23-86] -->
</div><!-- EDIT1 SECTION "Google" [1-87] -->
<h2 class="sectionedit3" id="presentation">Présentation</h2>
<div class="level2">
<p>
Google propose d'autoriser les applications à réutiliser son propre processus d'authentification en utilisant le protocole <a href="http://fr.wikipedia.org/wiki/OpenID" class="urlextern" title="http://fr.wikipedia.org/wiki/OpenID" rel="nofollow">OpenID</a> (ce qui signifie que si on est connecté à Google, d'autres applications peuvent agréer Google et accepter l'utilisateur).
</p>
<p>
</p><p></p><div class="notewarning">OpenID 2.0 support is closed since 20th April 2015. If you still need to use Google login after this date, use <a href="../../documentation/1.9/authopenidconnect.html" class="wikilink1" title="documentation:1.9:authopenidconnect">OpenID Connect authentication module</a>.
</div></p>
</p>
</div><!-- EDIT3 SECTION "Presentation" [88-544] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
Dans le manager, allez dans <code>Paramètres generaux</code> &gt; <code>Modules d'authentification</code> et choisissez Google comme module d'authentication. L'adresse email est utilisée comme nom de compte (pour la traçabilité, l'explorateur de session,…). Pour accéder aux autres données, utiliser Google in <code>Paramètres generaux</code> &gt; <code>Modules d'authentification &gt; Modules d'utilisateurs</code>. Ensuite dans les «&nbsp;variables exportées&nbsp;», on ne peut demander que :
</p>
<ul>
<li class="level1"><div class="li"> country</div>
</li>
<li class="level1"><div class="li"> email</div>
</li>
<li class="level1"><div class="li"> firstname</div>
</li>
<li class="level1"><div class="li"> language</div>
</li>
<li class="level1"><div class="li"> lastname</div>
</li>
</ul>
<p>
Utiliser n'importe quel nom de clef mais ces valeurs dans le champ «&nbsp;valeur&nbsp;». If you want to require that a field is set, add “!” before the key name :
</p>
<ul>
<li class="level1"><div class="li"> “myfield ⇒ firstname” can be “”</div>
</li>
<li class="level1"><div class="li"> “!myfield ⇒ lastname” must be set</div>
</li>
</ul>
<p>
See also <a href="../../documentation/1.9/exportedvars.html" class="wikilink1" title="documentation:1.9:exportedvars">exported variables configuration</a>.
</p>
<p>
</p><p></p><div class="noteimportant">Une session persistente est créée avec ce module pour stocker les valeurs d'attribut renvoyées par Google. Si cette session est perdue, Google redemandera confirmation pour chaque attribut demandé.
</div></p>
</p>
</div><!-- EDIT4 SECTION "Configuration" [545-1491] -->
<h2 class="sectionedit5" id="google_migration">Google Migration</h2>
<div class="level2">
<p>
A Google Migration workaround is available since LemonLDAP::NG 1.4.4. It provides a specific and lightweight OpenID Connect module that will replace the current Google module.
</p>
<p>
</p><p></p><div class="noteimportant">This module is not available in version 1.9 and superior, you must use instead the <a href="../../documentation/1.9/authopenidconnect.html" class="wikilink1" title="documentation:1.9:authopenidconnect">OpenID Connect authentication module</a>.
</div></p>
</p>
<p>
To use it, edit lemonldap-ng.ini (this is not available trough Manager) and configure:
</p>
<pre class="code file ini"><span class="re0"><span class="br0">[</span>portal<span class="br0">]</span></span>
<span class="re1">authentication</span> <span class="sy0">=</span><span class="re2"> GoogleMigration</span>
<span class="re1">googleClientId</span> <span class="sy0">=</span><span class="re2"> XXXX</span>
<span class="re1">googleClientSecret</span> <span class="sy0">=</span><span class="re2"> XXXX</span></pre>
<p>
You need to register your LemonLDAP::NG application to Google in order to obtain the Client ID and the Client Secret, see <a href="https://developers.google.com/" class="urlextern" title="https://developers.google.com/" rel="nofollow">https://developers.google.com/</a>
</p>
<p>
You also need to register to Google the redirect <abbr title="Uniform Resource Identifier">URI</abbr>. You have to set your portal <abbr title="Uniform Resource Locator">URL</abbr> with the googlecb=1 GET parameter, for example:
</p>
<pre class="code">http://auth.example.com/?googlecb=1</pre>
</div>
</div><!-- closes <div class="dokuwiki export">--></body></html>
Reference in New Issue View Git Blame Copy Permalink