dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5d35b3271f
lemonldap-ng/po-doc/fr/pages/documentation/current/handlerauthbasic.html
Xavier Guimard 4cf3762f38 Update documentation
2017-03-07 18:03:53 +00:00

165 lines
6.2 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:handlerauthbasic</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,handlerauthbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerauthbasic.html"/>
<link rel="contents" href="handlerauthbasic.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:handlerauthbasic","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#virtual_host">Hôte virtuel</a></div></li>
<li class="level2"><div class="li"><a href="#nginx">Nginx</a></div></li>
<li class="level2"><div class="li"><a href="#handler_parameters">Paramètres de l'agent</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="authbasic_handler">Agent AuthBasic</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "AuthBasic Handler" [1-33] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
L'agent AuthBasic est un agent spécial qui utilise l'authentification web basique pour authentifier dans un hôte virtuel et qui utilise ensuite les règles d'autorisation pour valider les accès à l'hôte virtuel.
</p>
<p>
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Lorsque la session est validée, l'agent examine les autorisations comme un agent standard.
</p>
<p>
Ce peut être pratique pour autoriser une application cliente à accéder à un hôte virtuel avec un authentifiant en envoyant un en-tête basique.
</p>
</div><!-- EDIT2 SECTION "Presentation" [34-677] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Configuration" [678-704] -->
<h3 class="sectionedit4" id="virtual_host">Hôte virtuel</h3>
<div class="level3">
<p>
You just have to set “Type: AuthBasic” in the virtualHost options in the manager.
</p>
<p>
If you want to protect only a virtualHost part, keep type on “Main” and set type in your configuration file:
</p>
<ul>
<li class="level1"><div class="li"> Apache: use simply a <code>PerlSetVar VHOSTTYPE AuthBasic</code></div>
</li>
<li class="level1"><div class="li"> Nginx: create another FastCGI with a <code>fastcgi_param VHOSTTYPE = AuthBasic;</code> <em>(and remove error_page 401)</em></div>
</li>
</ul>
</div><!-- EDIT4 SECTION "Virtual host" [705-1095] -->
<h3 class="sectionedit5" id="nginx">Nginx</h3>
<div class="level3">
<p>
Since 1.9.6, LLNG FastCGI server can handle AuthBasic handler. To call it, you just have to add <code>fastcgi_param VHOSTTYPE AuthBasic;</code> in the FastCGI server call and remove <code>error_page 401</code> directive:
</p>
<pre class="file">location = /lmauth {
internal;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
fastcgi_param VHOSTTYPE AuthBasic;
# Ignorer les données postées
fastcgi_pass_request_body off;
fastcgi_param CONTENT_LENGTH "";
# Conserver le nom d'hôte original
fastcgi_param HOST $http_host;
# Conserver la requête originale (le serveur LLNG va recevoir /llauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
location / {
...
######################################
# CALLING AUTHENTICATION #
######################################
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
# Remove this for AuthBasic handler
#error_page 401 $lmlocation;
...
}</pre>
</div><!-- EDIT5 SECTION "Nginx" [1096-2119] -->
<h3 class="sectionedit6" id="handler_parameters">Paramètres de l'agent</h3>
<div class="level3">
<p>
Aucun paramètres n'est requis. But you have to allow sessions web services, see <a href="restsessionbackend.html" class="wikilink1" title="documentation:2.0:restsessionbackend">REST sessions backend</a>.
</p>
</div><!-- EDIT6 SECTION "Handler parameters" [2120-] -->
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink