dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cc79680b89
lemonldap-ng/doc/pages/documentation/current/contextswitching.html
Xavier 39c968b215 Update doc
2019-09-23 22:41:16 +02:00

89 lines
4.4 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:contextswitching</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,contextswitching"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="contextswitching.html"/>
<link rel="contents" href="contextswitching.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:contextswitching","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="contextswitching_plugin">ContextSwitching plugin</h1>
<div class="level1">
<p>
This plugin allows certain users to switch context other user. This may be useful when providing assistance or when testing privileges. Enter the uid of the user you&#039;d like to switch context to.
</p>
</div>
<!-- EDIT1 SECTION "ContextSwitching plugin" [1-235] -->
<h2 class="sectionedit2" id="configuration">Configuration</h2>
<div class="level2">
<p>
Just enable it in the Manager (section “plugins”) by setting a rule. ContextSwitching can be allowed or denied for specific users. Furthermore, specific identities like administrators or anonymous users can be forbidden to assume.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Parameters</strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong>Use rule</strong>: Select which users may use this plugin</div>
</li>
<li class="level2"><div class="li"> <strong>Identities use rule</strong>: Rule to define which identities can be assumed. Useful to prevent impersonation of certain sensitive identities like CEO, administrators or anonymous/protected users.</div>
</li>
<li class="level2"><div class="li"> <strong>Stop by logout</strong>: Stop context switching by sending a logout request.</div>
</li>
</ul>
</li>
</ul>
<div class="notewarning">During context switching authentication process, all plugins are disabled. In other words, all entry points like afterData, endAuth and so on are skipped. Therefore, second factors or notifications by example will not be prompted!
</div><div class="noteimportant">ContextSwitching plugin works only with a userDB backend. You can not switch context with federated authentication.
</div>
<p>
impersonationPrefix is used to store real user&#039;s session Id. You can set this prefix (&#039;real_&#039; by default) by editing <code>lemonldap-ng.ini</code> in [portal] section:
</p>
<pre class="code file ini"><span class="re0"><span class="br0">&#91;</span>portal<span class="br0">&#93;</span></span>
<span class="re1">impersonationPrefix</span> <span class="sy0">=</span><span class="re2"> real_</span></pre>
</div>
<!-- EDIT2 SECTION "Configuration" [236-] --></div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink