Commit b666f141 authored by Maxime Besson's avatar Maxime Besson
Browse files

Clarify outgoing proxy documentation (#2715)

parent 23bc481c
Use an outgoing proxy
=====================
For some protocols, LL::NG has to directly contact the external server.
For some protocols, LemonLDAP::NG has to directly contact the external server.
This is the case for example with CAS authentication (validation of
service ticket) or OpenID Connect authentication (access to token
endpoint and userinfo endpoint).
If the LL::NG server needs a proxy for outgoing connections, then you
need to configure some environment variables.
need to configure some environment variables. By default, only connections
to external systems (CAS, OIDC, etc.) are done through the proxy, while HTTP
connections in between LemonLDAP::NG components are not.
Apache
------
......@@ -21,6 +23,11 @@ In Apache configuration, set:
# on Centos7, you need LWP::Protocol::connect
# FcgidInitialEnv https_proxy connect://X.X.X.X:X
# Optional: use this to force ALL http connections to go
# through the proxy. This is only useful in some scenarios
# FcgidInitialEnv PERL_LWP_ENV_PROXY 1
# FcgidInitialEnv no_proxy <urls-without-proxy>
Nginx/FastCGI
-------------
......@@ -33,3 +40,8 @@ add in ``/etc/default/lemonldap-ng-fastcgi-server`` :
# on Centos7, you need LWP::Protocol::connect
# https_proxy=connect://X.X.X.X:X
# Optional: use this to force ALL http connections to go
# through the proxy. This is only useful in some scenarios
# PERL_LWP_ENV_PROXY=1
# no_proxy=<urls-without-proxy>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment