dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5d35b3271f
lemonldap-ng/po-doc/fr/pages/documentation/current/upgrade.html
Clément Oudot 9a938793d8 FR documentation update
2017-08-30 16:47:26 +00:00

269 lines
12 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:upgrade</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,upgrade"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="upgrade.html"/>
<link rel="contents" href="upgrade.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:upgrade","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#installation">Installation</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#debian_wheezy">Debian Wheezy</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#logs">Journaux</a></div></li>
<li class="level1"><div class="li"><a href="#security">Sécurité</a></div></li>
<li class="level1"><div class="li"><a href="#handlers">Handlers</a></div></li>
<li class="level1"><div class="li"><a href="#rules_and_headers">Rules and headers</a></div></li>
<li class="level1"><div class="li"><a href="#supported_servers">Supported servers</a></div></li>
<li class="level1"><div class="li"><a href="#ajax_requests">Ajax requests</a></div></li>
<li class="level1"><div class="li"><a href="#soaprest_services">SOAP/REST services</a></div></li>
<li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#apis">APIs</a></div></li>
<li class="level2"><div class="li"><a href="#portal_overview">Portal overview</a></div></li>
<li class="level2"><div class="li"><a href="#handler">Agent (Handler)</a></div></li>
</ul></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="upgrade_from_19_to_20">Upgrade from 1.9 to 2.0</h1>
<div class="level1">
<div class="noteimportant">2.0 is a major release, many things have been changed. You must read this document before upgrade.
</div>
</div><!-- EDIT1 SECTION "Upgrade from 1.9 to 2.0" [1-162] -->
<h2 class="sectionedit2" id="installation">Installation</h2>
<div class="level2">
</div><!-- EDIT2 SECTION "Installation" [163-188] -->
<h3 class="sectionedit3" id="debian_wheezy">Debian Wheezy</h3>
<div class="level3">
<p>
To build Debian package with Wheezy, remove <code>debian/lemonldap-ng-doc.maintscript</code> file.
</p>
</div><!-- EDIT3 SECTION "Debian Wheezy" [189-304] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> User module in authentication parameters now provides a “Same as authentication” value. You must revalidate it in the manager since all special values must be replaced by this <em>(Multi, Choice, Proxy, Slave, <abbr title="Security Assertion Markup Language">SAML</abbr>, OpenID*,…)</em></div>
</li>
<li class="level1"><div class="li"> <strong>“Multi” doesn't exist anymore</strong>: it is replaced by the more powerful <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">Combination</a></div>
</li>
<li class="level1"><div class="li"> Apache and Nginx configurations must updated to use the FastCGI portal</div>
</li>
</ul>
<div class="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>, especially when using mpm-worker. That's why LLNG doesn't use anymore ModPerl::Registry: all is now handle by FastCGI <em>(portal and manager)</em>.
<p>
<strong>For handlers, it is now recommended to migrate to Nginx</strong>, but Apache-2.X is still supported
</p>
</div>
</div><!-- EDIT4 SECTION "Configuration" [305-1090] -->
<h2 class="sectionedit5" id="logs">Journaux</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <strong>Syslog</strong>: logs are now configured only in <code>lemonldap-ng.ini</code> file. If you use Syslog, you must reconfigure it. See <a href="logs.html" class="wikilink1" title="documentation:2.0:logs">logs</a> for more.</div>
</li>
<li class="level1"><div class="li"> <strong>Apache2</strong>: Portal doesn't use anymore Apache2 logger. Logs continue to be written to Apache error.log but Apache “LogLevel” parameter has no effet on it: portal is now a FastCGI application and doesn't use anymore ModPerl. See <a href="logs.html" class="wikilink1" title="documentation:2.0:logs">logs</a> for more.</div>
</li>
</ul>
</div><!-- EDIT5 SECTION "Logs" [1091-1502] -->
<h2 class="sectionedit6" id="security">Sécurité</h2>
<div class="level2">
<p>
LLNG portal now embeds the following features:
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://en.wikipedia.org/wiki/Cross-site_request_forgery" class="urlextern" title="https://en.wikipedia.org/wiki/Cross-site_request_forgery" rel="nofollow">CSRF</a> protection <em>(Cross-Site Request Forgery)</em>: a token is build for each form. To disable it, set requireToken to 0 <em>(portal security parameters in the manager)</em></div>
</li>
<li class="level1"><div class="li"> <a href="https://en.wikipedia.org/wiki/Content_Security_Policy" class="urlextern" title="https://en.wikipedia.org/wiki/Content_Security_Policy" rel="nofollow">Content-Security-Policy</a> header: portal build dynamically this header. You can modify default values in the manager <em>(Général parameters » Advanced parameters » Security » Content-Security-Policy)</em></div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Security" [1503-2070] -->
<h2 class="sectionedit7" id="handlers">Handlers</h2>
<div class="level2">
<p>
Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>, <a href="documentation/latest/applications/zimbra.html" class="wikilink1" title="documentation:latest:applications:zimbra">ZimbraPreAuth</a>, <a href="securetoken.html" class="wikilink1" title="documentation:2.0:securetoken">SecureToken</a> and <a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic</a> are <a href="handlerarch.html" class="wikilink1" title="documentation:2.0:handlerarch">Handler Types</a>. So there is no more special file to load: you just have to choose “VirtualHost type” in the manager/VirtualHosts.
</p>
</div><!-- EDIT7 SECTION "Handlers" [2071-2419] -->
<h2 class="sectionedit8" id="rules_and_headers">Rules and headers</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> hostname() and remote_ip() are no more provided to avoid some name conflicts <em>(replaced by $ENV{})</em></div>
</li>
<li class="level1"><div class="li"> <code>$ENV{&lt;cgi_variable&gt;}</code> is now available everywhere: see <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Writing rules and headers</a></div>
</li>
<li class="level1"><div class="li"> some variable names have changed. See <a href="variables.html" class="wikilink1" title="documentation:2.0:variables">variables</a> document</div>
</li>
</ul>
</div><!-- EDIT8 SECTION "Rules and headers" [2420-2738] -->
<h2 class="sectionedit9" id="supported_servers">Supported servers</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> Apache-1.3 files are not provided now. You can build them yourself by looking at Apache-2 configuration files</div>
</li>
</ul>
</div><!-- EDIT9 SECTION "Supported servers" [2739-2884] -->
<h2 class="sectionedit10" id="ajax_requests">Ajax requests</h2>
<div class="level2">
<p>
Before 2.0, an Ajax query that was launched after session timeout received a 302 code. Now a response 401 is given. The <code>WWW-Authenticate</code> header contains: <code><abbr title="Authentification unique (Single Sign On)">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;</code>
</p>
</div><!-- EDIT10 SECTION "Ajax requests" [2885-3091] -->
<h2 class="sectionedit11" id="soaprest_services">SOAP/REST services</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> SOAP server activation is now split in 2 parameters (configuration/sessions). You must set them else SOAP service will be disabled</div>
</li>
<li class="level1"><div class="li"> Notifications are now REST/JSON by default. You can force old format in the manager. Note that SOAP proxy has changed: <a href="http://portal/notifications" class="urlextern" title="http://portal/notifications" rel="nofollow">http://portal/notifications</a> now.</div>
</li>
<li class="level1"><div class="li"> If you use “adminSessions” endpoint with “singleSession*” features, you must upgrade all portals in the same time</div>
</li>
<li class="level1"><div class="li"> SOAP services can be replaced by new REST services</div>
</li>
</ul>
<div class="noteimportant"><a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a> uses now REST services instead of SOAP.
</div>
</div><!-- EDIT11 SECTION "SOAP/REST services" [3092-3690] -->
<h2 class="sectionedit12" id="developer_corner">Developer corner</h2>
<div class="level2">
</div><!-- EDIT12 SECTION "Developer corner" [3691-3720] -->
<h3 class="sectionedit13" id="apis">APIs</h3>
<div class="level3">
<p>
Portal has now many REST features and includes a plugin <abbr title="Interface de programmation">API</abbr>. See Portal manpages to see how to write auth modules, issuers or other feature.
</p>
</div><!-- EDIT13 SECTION "APIs" [3721-3878] -->
<h3 class="sectionedit14" id="portal_overview">Portal overview</h3>
<div class="level3">
<p>
Portal is no more a big CGI object. it is written for Plack/PSGI. Little resume
</p>
<pre class="file">Portal object
|
+-&gt; auth module
|
+-&gt; userDB module
|
+-&gt; issuer modules
|
+-&gt; other plugins (notification,...)</pre>
<p>
The request is a separated object based on Lemonldap::NG::Portal::Main::Request which inherits from Lemonldap::NG::Common::PSGI::Request which inherits from Plack::Request. See manpages for more.
</p>
</div><!-- EDIT14 SECTION "Portal overview" [3879-4326] -->
<h3 class="sectionedit15" id="handler">Agent (Handler)</h3>
<div class="level3">
<p>
Handler libraries have been totally rewritten. If you've made custom handlers, they must be rewritten, see <a href="customhandlers.html" class="wikilink1" title="documentation:2.0:customhandlers">customhandlers</a>.
</p>
<p>
If you had auto protected CGI, you also need to rewrite them, see <a href="selfmadeapplication.html#perl_auto-protected_cgi" class="wikilink1" title="documentation:2.0:selfmadeapplication">documentation</a>.
</p>
</div><!-- EDIT15 SECTION "Handler" [4327-] -->
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink