dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9ae8fd9f83
lemonldap-ng/po-doc/fr/pages/documentation/current/variables.html
Xavier Guimard 79e65f5607 Update documentation
2017-02-07 16:35:26 +00:00

374 lines
16 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:variables</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,variables"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="variables.html"/>
<link rel="contents" href="variables.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:variables","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container"><!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Présentation</a></div></li>
<li class="level1"><div class="li"><a href="#modules">Modules</a></div></li>
<li class="level1"><div class="li"><a href="#connection">Connexion</a></div></li>
<li class="level1"><div class="li"><a href="#authentication">Authentification</a></div></li>
<li class="level1"><div class="li"><a href="#dates">Dates</a></div></li>
<li class="level1"><div class="li"><a href="#saml">SAML</a></div></li>
<li class="level1"><div class="li"><a href="#notifications">Notifications</a></div></li>
<li class="level1"><div class="li"><a href="#login_history">Historique de connexion</a></div></li>
<li class="level1"><div class="li"><a href="#ldap">LDAP</a></div></li>
<li class="level1"><div class="li"><a href="#openid">OpenID</a></div></li>
<li class="level1"><div class="li"><a href="#openid_connect">OpenID Connect</a></div></li>
<li class="level1"><div class="li"><a href="#other">Autres</a></div></li>
</ul>
</div>
</div><!-- TOC END -->
<h1 class="sectionedit1" id="variables">Variables</h1>
<div class="level1">
</div><!-- EDIT1 SECTION "Variables" [1-25] -->
<h2 class="sectionedit2" id="presentation">Présentation</h2>
<div class="level2">
<p>
Les variables peuvent être utilisées dans les règles et en-têtes. Toutes les règles sont concernées :
</p>
<ul>
<li class="level1"><div class="li"> Règle d'accès à un hôte virtuel</div>
</li>
<li class="level1"><div class="li"> Préselection d'IDP <abbr title="Security Assertion Markup Language">SAML</abbr></div>
</li>
<li class="level1"><div class="li"> Ouverture de session</div>
</li>
<li class="level1"><div class="li"></div>
</li>
</ul>
<p>
Les variables sont stockées dans la session utilisateur. On peut distinguer plusieurs types de variables :
</p>
<ul>
<li class="level1"><div class="li"> les variables internes, gérées par LemonLDAP::NG</div>
</li>
<li class="level1"><div class="li"> les <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">variables exportées</a> collectées depuis le backend utilisateur</div>
</li>
<li class="level1"><div class="li"> <a href="performances.html#macros_and_groups" class="wikilink1" title="documentation:2.0:performances">les macro et groupes</a></div>
</li>
</ul>
<p>
En connaissant le nom d'une variable, il suffit de la préfixer avec un signe dollar pour l'utiliser, par exemple pour savoir si la variable <code>uid</code> contient <code>coudot</code> :
</p>
<pre class="code">$uid eq "coudot"</pre>
<div class="notetip">On peut inspecter une session utilisateur avec l'explorateur de sessions (accessible depuis le manager)
</div>
<p>
Ci-dessous sont documentées les variables internes.
</p>
</div><!-- EDIT2 SECTION "Presentation" [26-794] -->
<h2 class="sectionedit3" id="modules">Modules</h2>
<div class="level2">
<p>
Enregistre les modules utilisés pour l'authentification, les données utilisateurs, les mots-de-passe, …
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> _auth </td><td class="col1 leftalign"> Module d'authentication </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> _userDB </td><td class="col1 leftalign"> Module utilisateurs </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> _passwordDB </td><td class="col1 leftalign"> Module mots-de-passe </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> _issuerDB </td><td class="col1 leftalign"> Module fournisseur (peut-être multivalué) </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> _authChoice </td><td class="col1 leftalign"> Choix de l'utilisateur si le <a href="authchoice.html" class="wikilink1" title="documentation:2.0:authchoice">backend d'authentification Choice</a> a été utilisé </td>
</tr>
<tr class="row6 roweven">
<td class="col0 centeralign"> _authMulti </td><td class="col1 leftalign"> Full name of authentication module (with <code>#label</code>) used in Multi </td>
</tr>
<tr class="row7 rowodd">
<td class="col0 centeralign"> _userDBMulti </td><td class="col1 leftalign"> Full name of user module (with <code>#label</code>) used in Multi </td>
</tr>
</table></div><!-- EDIT4 TABLE [891-1328] -->
</div><!-- EDIT3 SECTION "Modules" [795-1328] -->
<h2 class="sectionedit5" id="connection">Connexion</h2>
<div class="level2">
<p>
Données concernant la première connexion au portail
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> ipAddr </td><td class="col1 leftalign"> <abbr title="Internet Protocol">IP</abbr> de l'utilisateur (peut être celle de l'en-tête X-Forwarded-For si des proxies agréés ont été configurés) </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _timezone </td><td class="col1"> Timezone de l'utilisateur, renseignée par javascript dans le formulaire d'authentification (vide si une autres méthode d'authentification est utilisée) </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> _url </td><td class="col1 leftalign"> <abbr title="Uniform Resource Locator">URL</abbr> utilisée avant d'être redirigé vers le portail (vide si le portail a été utilisé comme point d'entrée) </td>
</tr>
</table></div><!-- EDIT6 TABLE [1406-1770] -->
</div><!-- EDIT5 SECTION "Connection" [1329-1771] -->
<h2 class="sectionedit7" id="authentication">Authentification</h2>
<div class="level2">
<p>
Données concernant le processus d'authentification.
</p>
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> _session_id </td><td class="col1 leftalign"> Identifiant de session (porté par le cookie) </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _user </td><td class="col1 leftalign"> Nom d'utilisateur trouvé dans le processus d'authentification </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> _password </td><td class="col1 leftalign"> Mot-de-passe fournit lors du processus d'authentification (seulement si le <a href="passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">stockage du mot-de-passe dans la sessions</a> est configuré) </td>
</tr>
<tr class="row4 roweven">
<td class="col0 leftalign"> authenticationLevel </td><td class="col1 leftalign"> Niveau d'authentification </td>
</tr>
</table></div><!-- EDIT8 TABLE [1842-2139] -->
</div><!-- EDIT7 SECTION "Authentication" [1772-2140] -->
<h2 class="sectionedit9" id="dates">Dates</h2>
<div class="level2">
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> _utime </td><td class="col1 leftalign"> Date et heure (timestamp) de la création de la session </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> startTime </td><td class="col1 leftalign"> Date et heure (timestamp) de la création de la session </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> updateTime </td><td class="col1 leftalign"> Date de la dernière modification de la session </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _lastAuthnUTime </td><td class="col1 leftalign"> Date et heure (timestamp) de la dernière authentification </td>
</tr>
</table></div><!-- EDIT10 TABLE [2160-2387] -->
</div><!-- EDIT9 SECTION "Dates" [2141-2388] -->
<h2 class="sectionedit11" id="saml">SAML</h2>
<div class="level2">
<p>
Donnée relative au protocole <abbr title="Security Assertion Markup Language">SAML</abbr>
</p>
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> _idp </td><td class="col1 leftalign"> Nom de l'IDP utilisé pour l'authentification </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _idpConfKey </td><td class="col1 leftalign"> Clef de configuration de l'IDP utilisé pour l'authentification </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> _samlToken </td><td class="col1 leftalign"> Jeton <abbr title="Security Assertion Markup Language">SAML</abbr> </td>
</tr>
<tr class="row4 roweven">
<td class="col0 leftalign"> _lassoSessionDump </td><td class="col1 leftalign"> Dump de session Lasso </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 leftalign"> _lassoIdentityDump </td><td class="col1 leftalign"> Dump de l'identité Lasso </td>
</tr>
</table></div><!-- EDIT12 TABLE [2439-2704] -->
</div><!-- EDIT11 SECTION "SAML" [2389-2705] -->
<h2 class="sectionedit13" id="notifications">Notifications</h2>
<div class="level2">
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> _notification_<em>id</em> </td><td class="col1 leftalign"> Date de validation de la notification <em>id</em> </td>
</tr>
</table></div><!-- EDIT14 TABLE [2733-2833] -->
</div><!-- EDIT13 SECTION "Notifications" [2706-2834] -->
<h2 class="sectionedit15" id="login_history">Historique de connexion</h2>
<div class="level2">
<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> loginHistory </td><td class="col1 leftalign"> Table des connexion réussies ou échouées </td>
</tr>
</table></div><!-- EDIT16 TABLE [2862-2943] -->
</div><!-- EDIT15 SECTION "Login history" [2835-2944] -->
<h2 class="sectionedit17" id="ldap">LDAP</h2>
<div class="level2">
<p>
Only with UserDB LDAP.
</p>
<div class="table sectionedit18"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> dn </td><td class="col1"> Nom distinct (distinguished name) </td>
</tr>
</table></div><!-- EDIT18 TABLE [2987-3041] -->
</div><!-- EDIT17 SECTION "LDAP" [2945-3042] -->
<h2 class="sectionedit19" id="openid">OpenID</h2>
<div class="level2">
<div class="table sectionedit20"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> _openid_<em>id</em> </td><td class="col1 leftalign"> Consentement de partage de l'attribut <em>id</em> via OpenID </td>
</tr>
</table></div><!-- EDIT20 TABLE [3063-3159] -->
</div><!-- EDIT19 SECTION "OpenID" [3043-3160] -->
<h2 class="sectionedit21" id="openid_connect">OpenID Connect</h2>
<div class="level2">
<div class="table sectionedit22"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> OpenIDConnect_IDToken </td><td class="col1 leftalign"> ID Token </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> OpenIDConnect_OP </td><td class="col1 leftalign"> Configuration key of OP used for authentication </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> OpenIDConnect_access_token </td><td class="col1 leftalign"> OAuth2 Access Token used to get UserInfo data </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _oidc_consent_scope_<em>rp</em> </td><td class="col1 leftalign"> Scope for which consent was given for RP <em>rp</em> </td>
</tr>
<tr class="row5 rowodd">
<td class="col0"> _oidc_consent_time_<em>rp</em> </td><td class="col1 leftalign"> Time when consent was given for RP <em>rp</em> </td>
</tr>
</table></div><!-- EDIT22 TABLE [3189-3564] -->
</div><!-- EDIT21 SECTION "OpenID Connect" [3161-3565] -->
<h2 class="sectionedit23" id="other">Autres</h2>
<div class="level2">
<div class="table sectionedit24"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Clef </th><th class="col1 centeralign"> Description </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> appsListOrder </td><td class="col1 leftalign"> Ordre des catégories dans le menu </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _session_kind </td><td class="col1 leftalign"> Type of session (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>, Persistent, …) </td>
</tr>
</table></div><!-- EDIT24 TABLE [3585-3725] -->
</div><!-- EDIT23 SECTION "Other" [3566-] -->
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink