Commit a38386f0 authored by Clément OUDOT's avatar Clément OUDOT

New doc

parent a2806253
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:activedirectoryminihowto</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,activedirectoryminihowto"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="activedirectoryminihowto.html"/>
<link rel="contents" href="activedirectoryminihowto.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:activedirectoryminihowto","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="using_lemonldapng_with_active-directory">Using LemonLDAP::NG with Active-Directory</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "Using LemonLDAP::NG with Active-Directory" [1-57] -->
<h2 class="sectionedit2" id="authentication_with_loginpassword">Authentication with login/password</h2>
<div class="level2">
<p>
To use Active Directory as LDAP backend, you must change few things in the manager :
</p>
<ul>
<li class="level1"><div class="li"> Use “Active Directory” as authentication, userDB and passwordDBbackends,</div>
</li>
<li class="level1"><div class="li"> Export sAMAccountName in a variable declared in <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a></div>
</li>
<li class="level1"><div class="li"> Change the user attribute to store in Apache logs <em>(“General Parameters » Logs » REMOTE_USER”)</em>: use the variable declared above</div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Authentication with login/password" [58-494] -->
<h2 class="sectionedit3" id="authentication_with_kerberos">Authentication with Kerberos</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> Choose “Apache” as authentication module <em>(“General Parameters » Authentication modules » Authentication module”)</em></div>
</li>
<li class="level1"><div class="li"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Configure the Apache server</a> that host the portal to use the Apache Kerberos authentication module</div>
</li>
</ul>
</div>
<!-- EDIT3 SECTION "Authentication with Kerberos" [495-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>
<link rel="contents" href="applications.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:applications","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#known_supported_applications">Known supported applications</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#mail_agenda_groupware">Mail, Agenda, Groupware</a></div></li>
<li class="level2"><div class="li"><a href="#wiki">Wiki</a></div></li>
<li class="level2"><div class="li"><a href="#cms_portal_ecm">CMS, Portal, ECM</a></div></li>
<li class="level2"><div class="li"><a href="#bugtracker_service_management">Bugtracker, Service Management</a></div></li>
<li class="level2"><div class="li"><a href="#other">Other</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#frameworks">Frameworks</a></div></li>
<li class="level1"><div class="li"><a href="#connectors">Connectors</a></div></li>
<li class="level1"><div class="li"><a href="#saml_connectors">SAML connectors</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="applications">Applications</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "Applications" [1-28] -->
<h2 class="sectionedit2" id="known_supported_applications">Known supported applications</h2>
<div class="level2">
<p>
Applications listed below are known to be easy to integrate in <abbr title="LemonLDAP::NG">LL::NG</abbr>. As <abbr title="LemonLDAP::NG">LL::NG</abbr> works like classic WebSSO (like Siteminder™), many other applications are easy to integrate.
</p>
</div>
<!-- EDIT2 SECTION "Known supported applications" [29-248] -->
<h3 class="sectionedit3" id="mail_agenda_groupware">Mail, Agenda, Groupware</h3>
<div class="level3">
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> OBM </th><th class="col1 centeralign"> Sympa </th><th class="col2 centeralign"> Zimbra </th><th class="col3 centeralign"> RoundCube </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/obm.html" class="media" title="documentation:2.0:applications:obm"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/sympa.html" class="media" title="documentation:2.0:applications:sympa"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col3 centeralign"> <a href="applications/roundcube.html" class="media" title="documentation:2.0:applications:roundcube"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [284-580] -->
</div>
<!-- EDIT3 SECTION "Mail, Agenda, Groupware" [249-581] -->
<h3 class="sectionedit5" id="wiki">Wiki</h3>
<div class="level3">
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Dokuwiki </th><th class="col1 centeralign"> Mediawiki </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/dokuwiki.html" class="media" title="documentation:2.0:applications:dokuwiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/mediawiki.html" class="media" title="documentation:2.0:applications:mediawiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT6 TABLE [598-764] -->
</div>
<!-- EDIT5 SECTION "Wiki" [582-765] -->
<h3 class="sectionedit7" id="cms_portal_ecm">CMS, Portal, ECM</h3>
<div class="level3">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Drupal </th><th class="col1 centeralign"> Liferay </th><th class="col2 centeralign"> Alfresco </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/drupal.html" class="media" title="documentation:2.0:applications:drupal"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/liferay.html" class="media" title="documentation:2.0:applications:liferay"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/alfresco.html" class="media" title="documentation:2.0:applications:alfresco"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT8 TABLE [794-1029] -->
</div>
<!-- EDIT7 SECTION "CMS, Portal, ECM" [766-1030] -->
<h3 class="sectionedit9" id="bugtracker_service_management">Bugtracker, Service Management</h3>
<div class="level3">
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Bugzilla </th><th class="col1 centeralign"> GLPI </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/bugzilla.html" class="media" title="documentation:2.0:applications:bugzilla"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/glpi.html" class="media" title="documentation:2.0:applications:glpi"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a> </td>
</tr>
</table></div>
<!-- EDIT10 TABLE [1073-1229] -->
</div>
<!-- EDIT9 SECTION "Bugtracker, Service Management" [1031-1230] -->
<h3 class="sectionedit11" id="other">Other</h3>
<div class="level3">
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> GRR </th><th class="col1 centeralign"> phpLDAPadmin </th><th class="col2 centeralign"> LimeSurvey </th><th class="col3 centeralign"> SAP </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a> </td><td class="col3 centeralign"> <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="media" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" rel="nofollow"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a> </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [1248-1651] -->
</div>
<!-- EDIT11 SECTION "Other" [1231-1652] -->
<h2 class="sectionedit13" id="frameworks">Frameworks</h2>
<div class="level2">
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Java (Spring) </th><th class="col1 centeralign"> Python (Django) </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [1677-1844] -->
</div>
<!-- EDIT13 SECTION "Frameworks" [1653-1845] -->
<h2 class="sectionedit15" id="connectors">Connectors</h2>
<div class="level2">
<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> HTTP Auth-Basic </th><th class="col1 centeralign"> Tomcat </th><th class="col2 centeralign"> Nginx </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/authbasic.html" class="media" title="documentation:2.0:applications:authbasic"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/nginx.html" class="media" title="documentation:2.0:applications:nginx"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
<tr class="row2 roweven">
<th class="col0 centeralign" colspan="3"> Some applications using it </th>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="http://en.wikipedia.org/wiki/Outlook_Web_App" class="urlextern" title="http://en.wikipedia.org/wiki/Outlook_Web_App" rel="nofollow">Outlook Web App</a> <br/>
<a href="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes" class="urlextern" title="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes" rel="nofollow">IBM Lotus iNotes</a> </td><td class="col1 centeralign"> <a href="http://www.lambdaprobe.org" class="urlextern" title="http://www.lambdaprobe.org" rel="nofollow">Probe</a> <br/>
<a href="http://fr.lutece.paris.fr" class="urlextern" title="http://fr.lutece.paris.fr" rel="nofollow">Lutece</a> </td><td class="col2"> </td>
</tr>
</table></div>
<!-- EDIT16 TABLE [1870-2361] -->
</div>
<!-- EDIT15 SECTION "Connectors" [1846-2362] -->
<h2 class="sectionedit17" id="saml_connectors">SAML connectors</h2>
<div class="level2">
<div class="noteclassic">This requires to configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as an <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a>.
</div><div class="table sectionedit18"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Google Apps </th><th class="col1 centeralign"> Cornerstone </th><th class="col2 centeralign"> SalesForce </th><th class="col3 centeralign"> simpleSAMLphp </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col3 centeralign"> <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td>
</tr>
<tr class="row2 roweven">
<th class="col0 centeralign"> NextCloud </th><th class="col1 leftalign"> </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 leftalign"> </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT18 TABLE [2482-2957] -->
</div>
<!-- EDIT17 SECTION "SAML connectors" [2363-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications:alfresco</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,alfresco"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="alfresco.html"/>
<link rel="contents" href="alfresco.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:alfresco","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#alfresco1">Alfresco</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#other_resources">Other resources</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="alfresco">Alfresco</h1>
<div class="level1">
<p>
<img src="alfresco_logo.png" class="mediacenter" alt="" />
</p>
</div>
<!-- EDIT1 SECTION "Alfresco" [1-71] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<p>
<a href="https://www.alfresco.com/" class="urlextern" title="https://www.alfresco.com/" rel="nofollow">Alfresco</a> is an ECM/BPM software.
</p>
<p>
Since 4.0 release, it offers an easy way to configure <abbr title="Single Sign On">SSO</abbr> thanks to authentication subsystems.
</p>
<div class="noteimportant">If you use an older version, you need to refer to the following documentation: <a href="https://wiki.alfresco.com/wiki/SSO" class="urlextern" title="https://wiki.alfresco.com/wiki/SSO" rel="nofollow">https://wiki.alfresco.com/wiki/SSO</a>
</div>
</div>
<!-- EDIT2 SECTION "Presentation" [72-395] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div>
<!-- EDIT3 SECTION "Configuration" [396-422] -->
<h3 class="sectionedit4" id="alfresco1">Alfresco</h3>
<div class="level3">
<div class="notetip">The official documentation can be found here: <a href="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" class="urlextern" title="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" rel="nofollow">http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html</a>
</div>
<p>
You need to find the following files in your Alfresco installation:
</p>
<ul>
<li class="level1"><div class="li"> <code>alfresco-global.properties</code> (ex: <code>tomcat/shared/classes/alfresco-global.properties</code>)</div>
</li>
<li class="level1"><div class="li"> <code>share-config-custom.xml</code> (ex: <code>tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml</code>)</div>
</li>
</ul>
<p>
The first will allow to configure <abbr title="Single Sign On">SSO</abbr> for the alfresco webapp, and the other for the share webapp.
</p>
<p>
Edit first <code>alfresco-global.properties</code> and add the following:
</p>
<pre class="code file java">### SSO ###
authentication.<span class="me1">chain</span><span class="sy0">=</span>external1<span class="sy0">:</span>external
external.<span class="me1">authentication</span>.<span class="me1">enabled</span><span class="sy0">=</span><span class="kw2">true</span>
external.<span class="me1">authentication</span>.<span class="me1">defaultAdministratorUserNames</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyUserName</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyHeader</span><span class="sy0">=</span>Auth<span class="sy0">-</span>User
external.<span class="me1">authentication</span>.<span class="me1">userIdPattern</span><span class="sy0">=</span></pre>
<p>
Edit then <code>share-config-custom.xml</code> and uncomment the last part. In the <code>&lt;endpoint&gt;</code>, change <code>&lt;connector-id&gt;</code> value to <code>alfrescoHeader</code> and change the <code>&lt;userHeader&gt;</code> value to <code>Auth-User</code>:
</p>
<pre class="code file xml"> <span class="sc3"><span class="re1">&lt;config</span> <span class="re0">evaluator</span>=<span class="st0">&quot;string-compare&quot;</span> <span class="re0">condition</span>=<span class="st0">&quot;Remote&quot;</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;remote<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;keystore<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>alfresco/web-extension/alfresco-system.p12<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;type<span