authproxy.html 6.48 KB
Newer Older
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
1 2 3 4 5 6 7 8 9 10 11 12
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
  <meta charset="utf-8" />
  <title>documentation:2.0:authproxy</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authproxy"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authproxy.html"/>
<link rel="contents" href="authproxy.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
Xavier Guimard's avatar
Xavier Guimard committed
13 14 15 16 17 18 19 20 21
<!-- //if:usedebianlibs
  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
22 23 24
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authproxy","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
25 26 27 28 29 30 31 32 33 34 35 36 37 38
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
Xavier Guimard's avatar
Xavier Guimard committed
39
  <script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
40
//else -->
Xavier Guimard's avatar
Xavier Guimard committed
41
  <script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
42
<!-- //endif -->
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>

<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#external_portal">External portal</a></div></li>
<li class="level2"><div class="li"><a href="#internal_portal">Internal portal</a></div></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->

<h1 class="sectionedit1" id="proxy">Proxy</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
	<thead>
	<tr class="row0 roweven">
		<th class="col0 centeralign">  Authentication  </th><th class="col1 centeralign">  Users  </th><th class="col2 centeralign">  Password  </th>
	</tr>
	</thead>
	<tr class="row1 rowodd">
		<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
	</tr>
</table></div>
<!-- EDIT2 TABLE [22-85] -->
</div>
<!-- EDIT1 SECTION "Proxy" [1-86] -->
<h2 class="sectionedit3" id="presentation">Presentation</h2>
<div class="level2">

<p>
Xavier Guimard's avatar
Xavier Guimard committed
82
<abbr title="LemonLDAP::NG">LL::NG</abbr> is able to transfer (trough REST or SOAP) authentication credentials to another <abbr title="LemonLDAP::NG">LL::NG</abbr> portal, like a proxy.
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
83 84 85 86 87 88 89
</p>

<p>
The difference with <a href="authremote.html" class="wikilink1" title="documentation:2.0:authremote">remote authentication</a> is that the client will never be redirect to the main <abbr title="LemonLDAP::NG">LL::NG</abbr> portal. This configuration is usable if you want to expose your internal <abbr title="Single Sign On">SSO</abbr> portal to another network (DMZ).
</p>

</div>
Xavier Guimard's avatar
Xavier Guimard committed
90
<!-- EDIT3 SECTION "Presentation" [87-458] -->
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
91 92 93 94
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">

</div>
Xavier Guimard's avatar
Xavier Guimard committed
95
<!-- EDIT4 SECTION "Configuration" [459-485] -->
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
96 97 98 99 100 101 102 103 104 105 106
<h3 class="sectionedit5" id="external_portal">External portal</h3>
<div class="level3">

<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose Proxy for authentication and users.
</p>

<p>
Then, go in <code>Proxy parameters</code>:
</p>
<ul>
Xavier Guimard's avatar
Xavier Guimard committed
107 108
<li class="level1"><div class="li"> <strong>Internal portal <abbr title="Uniform Resource Locator">URL</abbr></strong>: <abbr title="Uniform Resource Locator">URL</abbr> of internal portal</div>
</li>
Xavier Guimard's avatar
Xavier Guimard committed
109
<li class="level1"><div class="li"> <strong>Session service <abbr title="Uniform Resource Locator">URL</abbr></strong> (optional): Session service <abbr title="Uniform Resource Locator">URL</abbr> (default: same as previous for SOAP, same with “/session/my” for REST)</div>
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
110 111 112
</li>
<li class="level1"><div class="li"> <strong>Cookie name</strong> (optional): name of the cookie of internal portal, if different from external portal</div>
</li>
Xavier Guimard's avatar
Xavier Guimard committed
113 114
<li class="level1"><div class="li"> <strong>Authentication level</strong>: level given to this authentication</div>
</li>
Xavier Guimard's avatar
Xavier Guimard committed
115
<li class="level1"><div class="li"> <strong>Use SOAP instead of REST</strong>: use a SOAP server (deprecated) instead of a REST one (you must set it if internal portal version is &lt; 2.0). In this case, “Portal <abbr title="Uniform Resource Locator">URL</abbr>” parameter must contains SOAP endpoint (generally <a href="http://auth.example.com/index.pl/sessions" class="urlextern" title="http://auth.example.com/index.pl/sessions"  rel="nofollow">http://auth.example.com/index.pl/sessions</a> for 1.9 and earlier, <a href="http://auth.example.com/sessions" class="urlextern" title="http://auth.example.com/sessions"  rel="nofollow">http://auth.example.com/sessions</a> for 2.0)</div>
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
116 117 118 119
</li>
</ul>

</div>
Xavier Guimard's avatar
Xavier Guimard committed
120
<!-- EDIT5 SECTION "External portal" [486-1341] -->
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
121 122 123 124
<h3 class="sectionedit6" id="internal_portal">Internal portal</h3>
<div class="level3">

<p>
Xavier Guimard's avatar
Xavier Guimard committed
125
The portal must be configured to accept REST or SOAP authentication requests if you&#039;ve choose to use SOAP. See: <a href="restserverplugin" class="wikilink2" title="documentation:2.0:restserverplugin" rel="nofollow">REST server plugin</a> or <a href="soapsessionbackend.html" class="wikilink1" title="documentation:2.0:soapsessionbackend">SOAP session backend</a>.
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
126 127 128
</p>

</div>
Xavier Guimard's avatar
Xavier Guimard committed
129
<!-- EDIT6 SECTION "Internal portal" [1342-] --></div>
Clément OUDOT's avatar
New doc  
Clément OUDOT committed
130 131
</body>
</html>