Commit ae1835b6 authored by Yadd's avatar Yadd
Browse files

Update doc

parent ca399ab5
...@@ -90,7 +90,7 @@ ...@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form> <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=d4fe5585dec923939be5e0ea38da2802" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul> <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=fa0cc1a85fc0d1baf3a61bfee1cba736" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div> </div>
...@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio ...@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site --> </div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1505393484" width="2" height="1" alt="" /></div> <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1508842909" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no"> <div id="screen__mode" class="no">
<span class="visible-xs"></span> <span class="visible-xs"></span>
<span class="visible-sm"></span> <span class="visible-sm"></span>
......
...@@ -90,7 +90,7 @@ ...@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form> <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=d4fe5585dec923939be5e0ea38da2802" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul> <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=fa0cc1a85fc0d1baf3a61bfee1cba736" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div> </div>
...@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio ...@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site --> </div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1505393484" width="2" height="1" alt="" /></div> <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1508842909" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no"> <div id="screen__mode" class="no">
<span class="visible-xs"></span> <span class="visible-xs"></span>
<span class="visible-sm"></span> <span class="visible-sm"></span>
......
...@@ -135,6 +135,8 @@ Each module that will be used in combination rule must be declared. You must set ...@@ -135,6 +135,8 @@ Each module that will be used in combination rule must be declared. You must set
</li> </li>
</ul> </ul>
</li> </li>
<li class="level1"><div class="li"> overwritten parameters: you can redefine any LLNG string parameter. For example, if you use 2 different LDAP, the first can use normal configuration and for the second, overwritten parameter can redefine ldapServer,…</div>
</li>
</ul> </ul>
<p> <p>
...@@ -143,23 +145,23 @@ For example: ...@@ -143,23 +145,23 @@ For example:
<div class="table sectionedit6"><table class="inline table table-bordered table-striped"> <div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead> <thead>
<tr class="row0 roweven"> <tr class="row0 roweven">
<th class="col0"> Name </th><th class="col1"> Type </th><th class="col2"> Scope </th> <th class="col0"> Name </th><th class="col1"> Type </th><th class="col2"> Scope </th><th class="col3"> Parameters </th>
</tr> </tr>
</thead> </thead>
<tr class="row1 rowodd"> <tr class="row1 rowodd">
<td class="col0"> DB1 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> Auth only </td> <td class="col0"> DB1 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> Auth only </td><td class="col3"> </td>
</tr> </tr>
<tr class="row2 roweven"> <tr class="row2 roweven">
<td class="col0"> DB2 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> User DB only </td> <td class="col0"> DB2 </td><td class="col1"> <abbr title="Database Interface">DBI</abbr> </td><td class="col2"> User DB only </td><td class="col3"> dbiAuthChain ⇒ “mysql:…” </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT6 TABLE [811-889] --> <!-- EDIT6 TABLE [1034-1157] -->
<p> <p>
Usually, you can&#039;t declare two modules of the same type if they don&#039;t have the same parameters. For example, usually you can&#039;t declare a MySQL <abbr title="Database Interface">DBI</abbr> and a PostgreSQL <abbr title="Database Interface">DBI</abbr>, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters. For example, if <abbr title="Database Interface">DBI</abbr> is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter. Usually, you can&#039;t declare two modules of the same type if they don&#039;t have the same parameters. For example, usually you can&#039;t declare a MySQL <abbr title="Database Interface">DBI</abbr> and a PostgreSQL <abbr title="Database Interface">DBI</abbr>, because there is no extra field for PostgreSQL parameters. Now with Combination, you can declare some overloaded parameters. For example, if <abbr title="Database Interface">DBI</abbr> is configured to use PostgreSQL but DB2 is a MySQL DB, you can override the “dbiChain” parameter.
</p> </p>
</div> </div>
<!-- EDIT5 SECTION "Modules declaration" [516-1303] --> <!-- EDIT5 SECTION "Modules declaration" [516-1571] -->
<h3 class="sectionedit7" id="rule_chain">Rule chain</h3> <h3 class="sectionedit7" id="rule_chain">Rule chain</h3>
<div class="level3"> <div class="level3">
...@@ -206,7 +208,7 @@ Remember that schemes in rules are the names declared above. ...@@ -206,7 +208,7 @@ Remember that schemes in rules are the names declared above.
<td class="col0 leftalign"> <code>[mySSL and myLDAP, myLDAP ]</code> </td><td class="col1"> Use mySSL and myLDAP to authentify, myLDAP to get user </td> <td class="col0 leftalign"> <code>[mySSL and myLDAP, myLDAP ]</code> </td><td class="col1"> Use mySSL and myLDAP to authentify, myLDAP to get user </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT8 TABLE [1757-2188] --><div class="noteimportant">Note that “or” can&#039;t be used inside a scheme. <!-- EDIT8 TABLE [2025-2456] --><div class="noteimportant">Note that “or” can&#039;t be used inside a scheme.
If you think to “[mySSL or myLDAP, myLDAP]”, you must write <code>[mySSL, myLDAP] or [myLDAP, myLDAP]</code> If you think to “[mySSL or myLDAP, myLDAP]”, you must write <code>[mySSL, myLDAP] or [myLDAP, myLDAP]</code>
</div><div class="table sectionedit9"><table class="inline table table-bordered table-striped"> </div><div class="table sectionedit9"><table class="inline table table-bordered table-striped">
...@@ -222,7 +224,7 @@ If you think to “[mySSL or myLDAP, myLDAP]”, you must write <code>[mySSL, my ...@@ -222,7 +224,7 @@ If you think to “[mySSL or myLDAP, myLDAP]”, you must write <code>[mySSL, my
<td class="col0"> <code>[myDBI1] and [myDBI2] or [myLDAP] and [myDBI2]</code> </td><td class="col1"> Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2 </td> <td class="col0"> <code>[myDBI1] and [myDBI2] or [myLDAP] and [myDBI2]</code> </td><td class="col1"> Try myDBI1 and myDBI2, if it fails, try myLDAP and myDBI2 </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT9 TABLE [2361-2605] --><div class="noteimportant">You can&#039;t use brackets in a boolean expression and “and” has precedence on “or”. <!-- EDIT9 TABLE [2629-2873] --><div class="noteimportant">You can&#039;t use brackets in a boolean expression and “and” has precedence on “or”.
<p> <p>
If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write <code>[myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]</code> If you think to “( [myLDAP] or [myDBI1] ) and [myDBI2]”, you must write <code>[myLDAP] and [myDBI2] or [myDBI1] and [myDBI2]</code>
</p> </p>
...@@ -249,7 +251,7 @@ Test can use only the <code>$env</code> variable. It contains the FastCGI enviro ...@@ -249,7 +251,7 @@ Test can use only the <code>$env</code> variable. It contains the FastCGI enviro
<td class="col0"> <code>if($env→{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env→{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2]</code> </td><td class="col1"> Chain tests </td> <td class="col0"> <code>if($env→{REMOTE_ADDR} =~ /^10\./) then [myLDAP] else if($env→{REMOTE_ADDR} =~ /^192/) then [myDBI1] else [myDBI2]</code> </td><td class="col1"> Chain tests </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT10 TABLE [2941-3263] --><div class="noteimportant">Note that brackets can&#039;t be used except to enclose test. <!-- EDIT10 TABLE [3209-3531] --><div class="noteimportant">Note that brackets can&#039;t be used except to enclose test.
<p> <p>
If you wants to write <code>if(…) then if…</code>, you must write <code>if(not …) then … else if(…)…</code> If you wants to write <code>if(…) then if…</code>, you must write <code>if(not …) then … else if(…)…</code>
</p> </p>
...@@ -269,7 +271,7 @@ The following rule is valid: ...@@ -269,7 +271,7 @@ The following rule is valid:
</p> </p>
</div> </div>
<!-- EDIT7 SECTION "Rule chain" [1304-3610] --> <!-- EDIT7 SECTION "Rule chain" [1572-3878] -->
<h3 class="sectionedit11" id="combine_second_factor">Combine second factor</h3> <h3 class="sectionedit11" id="combine_second_factor">Combine second factor</h3>
<div class="level3"> <div class="level3">
...@@ -294,7 +296,7 @@ Now if you want to authenticate users either by LDAP or LDAP+U2F <em>(to have 2 ...@@ -294,7 +296,7 @@ Now if you want to authenticate users either by LDAP or LDAP+U2F <em>(to have 2
</ul> </ul>
</div> </div>
<!-- EDIT11 SECTION "Combine second factor" [3611-4260] --> <!-- EDIT11 SECTION "Combine second factor" [3879-4528] -->
<h3 class="sectionedit12" id="display_multiple_forms">Display multiple forms</h3> <h3 class="sectionedit12" id="display_multiple_forms">Display multiple forms</h3>
<div class="level3"> <div class="level3">
...@@ -305,12 +307,12 @@ Combination module returns the form corresponding to the first authentication sc ...@@ -305,12 +307,12 @@ Combination module returns the form corresponding to the first authentication sc
<span class="re1">combinationForms</span> <span class="sy0">=</span><span class="re2"> standardform, openidform</span></pre> <span class="re1">combinationForms</span> <span class="sy0">=</span><span class="re2"> standardform, openidform</span></pre>
</div> </div>
<!-- EDIT12 SECTION "Display multiple forms" [4261-4589] --> <!-- EDIT12 SECTION "Display multiple forms" [4529-4857] -->
<h2 class="sectionedit13" id="known_problems">Known problems</h2> <h2 class="sectionedit13" id="known_problems">Known problems</h2>
<div class="level2"> <div class="level2">
</div> </div>
<!-- EDIT13 SECTION "Known problems" [4590-4617] --> <!-- EDIT13 SECTION "Known problems" [4858-4885] -->
<h3 class="sectionedit14" id="federation_protocols">Federation protocols</h3> <h3 class="sectionedit14" id="federation_protocols">Federation protocols</h3>
<div class="level3"> <div class="level3">
...@@ -330,9 +332,9 @@ Combination module returns the form corresponding to the first authentication sc ...@@ -330,9 +332,9 @@ Combination module returns the form corresponding to the first authentication sc
<td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP] or [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP] or [LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> or LDAP but user must match an LDAP entry </td> <td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP] or [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP] or [LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> or LDAP but user must match an LDAP entry </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT15 TABLE [4917-5249] --> <!-- EDIT15 TABLE [5185-5517] -->
</div> </div>
<!-- EDIT14 SECTION "Federation protocols" [4618-5250] --> <!-- EDIT14 SECTION "Federation protocols" [4886-5518] -->
<h3 class="sectionedit16" id="authapache_authentication">Auth::Apache authentication</h3> <h3 class="sectionedit16" id="authapache_authentication">Auth::Apache authentication</h3>
<div class="level3"> <div class="level3">
...@@ -350,7 +352,7 @@ To bypass this, follow the documentation of <a href="authapache.html" class="wik ...@@ -350,7 +352,7 @@ To bypass this, follow the documentation of <a href="authapache.html" class="wik
</p> </p>
</div> </div>
<!-- EDIT16 SECTION "Auth::Apache authentication" [5251-5862] --> <!-- EDIT16 SECTION "Auth::Apache authentication" [5519-6130] -->
<h3 class="sectionedit17" id="ssl_authentication">SSL authentication</h3> <h3 class="sectionedit17" id="ssl_authentication">SSL authentication</h3>
<div class="level3"> <div class="level3">
...@@ -359,6 +361,6 @@ To chain SSL, you have to set “SSLRequire optional” in Apache configuration, ...@@ -359,6 +361,6 @@ To chain SSL, you have to set “SSLRequire optional” in Apache configuration,
</p> </p>
</div> </div>
<!-- EDIT17 SECTION "SSL authentication" [5863-] --></div> <!-- EDIT17 SECTION "SSL authentication" [6131-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:configlocation</title> <title>documentation:2.0:configlocation</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/> <meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,configlocation"/> <meta name="keywords" content="documentation,2.0,configlocation"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configlocation.html"/> <link rel="start" href="configlocation.html"/>
......
...@@ -74,11 +74,11 @@ ...@@ -74,11 +74,11 @@
<div class="level2"> <div class="level2">
<p> <p>
To use Nginx, you must install LemonLDAP::NG FastCGI server, which is not installed by default lemonldap-ng metapackage. To use Nginx, you must install LemonLDAP::NG FastCGI server, which is not installed by lemonldap-ng metapackage.
</p> </p>
</div> </div>
<!-- EDIT2 SECTION "FastCGI server" [43-192] --> <!-- EDIT2 SECTION "FastCGI server" [43-184] -->
<h3 class="sectionedit3" id="debianubuntu">Debian/Ubuntu</h3> <h3 class="sectionedit3" id="debianubuntu">Debian/Ubuntu</h3>
<div class="level3"> <div class="level3">
<pre class="code">apt install lemonldap-ng-fastcgi-server</pre> <pre class="code">apt install lemonldap-ng-fastcgi-server</pre>
...@@ -90,7 +90,7 @@ Enable and start the service : ...@@ -90,7 +90,7 @@ Enable and start the service :
systemctl start llng-fastcgi-server</pre> systemctl start llng-fastcgi-server</pre>
</div> </div>
<!-- EDIT3 SECTION "Debian/Ubuntu" [193-393] --> <!-- EDIT3 SECTION "Debian/Ubuntu" [185-385] -->
<h3 class="sectionedit4" id="red_hatcentos">Red Hat/CentOS</h3> <h3 class="sectionedit4" id="red_hatcentos">Red Hat/CentOS</h3>
<div class="level3"> <div class="level3">
<pre class="code">yum install lemonldap-ng-fastcgi-server</pre> <pre class="code">yum install lemonldap-ng-fastcgi-server</pre>
...@@ -102,7 +102,7 @@ Enable and start the service : ...@@ -102,7 +102,7 @@ Enable and start the service :
systemctl start llng-fastcgi-server</pre> systemctl start llng-fastcgi-server</pre>
</div> </div>
<!-- EDIT4 SECTION "Red Hat/CentOS" [394-595] --> <!-- EDIT4 SECTION "Red Hat/CentOS" [386-587] -->
<h2 class="sectionedit5" id="files">Files</h2> <h2 class="sectionedit5" id="files">Files</h2>
<div class="level2"> <div class="level2">
...@@ -115,7 +115,7 @@ You have to include them in Nginx main configuration. ...@@ -115,7 +115,7 @@ You have to include them in Nginx main configuration.
</p> </p>
</div> </div>
<!-- EDIT5 SECTION "Files" [596-818] --> <!-- EDIT5 SECTION "Files" [588-810] -->
<h3 class="sectionedit6" id="debianubuntu1">Debian/Ubuntu</h3> <h3 class="sectionedit6" id="debianubuntu1">Debian/Ubuntu</h3>
<div class="level3"> <div class="level3">
...@@ -136,7 +136,7 @@ ln -s /etc/nginx/sites-available/portal-nginx.conf /etc/nginx/sites-enabled/ ...@@ -136,7 +136,7 @@ ln -s /etc/nginx/sites-available/portal-nginx.conf /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/test-nginx.conf /etc/nginx/sites-enabled/</pre> ln -s /etc/nginx/sites-available/test-nginx.conf /etc/nginx/sites-enabled/</pre>
</div> </div>
<!-- EDIT6 SECTION "Debian/Ubuntu" [819-1577] --> <!-- EDIT6 SECTION "Debian/Ubuntu" [811-1569] -->
<h3 class="sectionedit7" id="red_hatcentos1">Red Hat/CentOS</h3> <h3 class="sectionedit7" id="red_hatcentos1">Red Hat/CentOS</h3>
<div class="level3"> <div class="level3">
...@@ -149,6 +149,6 @@ ln -s /etc/lemonldap-ng/portal-nginx.conf /etc/nginx/conf.d/ ...@@ -149,6 +149,6 @@ ln -s /etc/lemonldap-ng/portal-nginx.conf /etc/nginx/conf.d/
ln -s /etc/lemonldap-ng/test-nginx.conf /etc/nginx/conf.d/</pre> ln -s /etc/lemonldap-ng/test-nginx.conf /etc/nginx/conf.d/</pre>
</div> </div>
<!-- EDIT7 SECTION "Red Hat/CentOS" [1578-] --></div> <!-- EDIT7 SECTION "Red Hat/CentOS" [1570-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:configvhost</title> <title>documentation:2.0:configvhost</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,configvhost"/> <meta name="keywords" content="documentation,2.0,configvhost"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configvhost.html"/> <link rel="start" href="configvhost.html"/>
...@@ -368,11 +368,11 @@ server { ...@@ -368,11 +368,11 @@ server {
<div class="level2"> <div class="level2">
<p> <p>
An apache virtual host protected by LemonLDAP::NG Handler must be registered in LemonLDAP::NG configuration. A virtual host protected by LemonLDAP::NG Handler must be registered in LemonLDAP::NG configuration.
</p> </p>
<p> <p>
To do this, use the Manager, and go in <code>Virtual Hosts</code> branch. You can add, delete or modify a virtual host here. To do this, use the Manager, and go in <code>Virtual Hosts</code> branch. You can add, delete or modify a virtual host here. Enter the exact virtual host name (for example <code>test.example.com</code>) or use a wildcard (for example <code>*.example.com</code>).
</p> </p>
<p> <p>
...@@ -390,7 +390,7 @@ A virtual host contains: ...@@ -390,7 +390,7 @@ A virtual host contains:
</ul> </ul>
</div> </div>
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7862-8349] --> <!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7862-8461] -->
<h3 class="sectionedit10" id="access_rules_and_http_headers">Access rules and HTTP headers</h3> <h3 class="sectionedit10" id="access_rules_and_http_headers">Access rules and HTTP headers</h3>
<div class="level3"> <div class="level3">
...@@ -399,7 +399,7 @@ See <strong><a href="writingrulesand_headers.html" class="wikilink1" title="docu ...@@ -399,7 +399,7 @@ See <strong><a href="writingrulesand_headers.html" class="wikilink1" title="docu
</p> </p>
</div> </div>
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8350-8542] --> <!-- EDIT10 SECTION "Access rules and HTTP headers" [8462-8654] -->
<h3 class="sectionedit11" id="post_data">POST data</h3> <h3 class="sectionedit11" id="post_data">POST data</h3>
<div class="level3"> <div class="level3">
...@@ -408,7 +408,7 @@ See <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0 ...@@ -408,7 +408,7 @@ See <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0
</p> </p>
</div> </div>
<!-- EDIT11 SECTION "POST data" [8543-8677] --> <!-- EDIT11 SECTION "POST data" [8655-8789] -->
<h3 class="sectionedit12" id="options">Options</h3> <h3 class="sectionedit12" id="options">Options</h3>
<div class="level3"> <div class="level3">
...@@ -429,6 +429,6 @@ These options are used to build redirection <abbr title="Uniform Resource Locato ...@@ -429,6 +429,6 @@ These options are used to build redirection <abbr title="Uniform Resource Locato
</p> </p>
</div> </div>
<!-- EDIT12 SECTION "Options" [8678-] --></div> <!-- EDIT12 SECTION "Options" [8790-] --></div>
</body> </body>
</html> </html>
...@@ -54,8 +54,8 @@ ...@@ -54,8 +54,8 @@
<ul class="toc"> <ul class="toc">
<li class="level2"><div class="li"><a href="#declare_module_in_handler_server">Declare module in handler server</a></div> <li class="level2"><div class="li"><a href="#declare_module_in_handler_server">Declare module in handler server</a></div>
<ul class="toc"> <ul class="toc">
<li class="level3"><div class="li"><a href="#apache">Apache</a></div></li> <li class="level3"><div class="li"><a href="#new_method">New method</a></div></li>
<li class="level3"><div class="li"><a href="#fastcgi_server_nginx">FastCGI server (Nginx)</a></div></li> <li class="level3"><div class="li"><a href="#old_method">Old method</a></div></li>
</ul> </ul>
</li> </li>
<li class="level2"><div class="li"><a href="#declare_custom_functions">Declare custom functions</a></div></li> <li class="level2"><div class="li"><a href="#declare_custom_functions">Declare custom functions</a></div></li>
...@@ -106,9 +106,28 @@ Create your Perl module with custom functions. You can name your module as you w ...@@ -106,9 +106,28 @@ Create your Perl module with custom functions. You can name your module as you w
</div> </div>
<h4 id="apache">Apache</h4> <h4 id="new_method">New method</h4>
<div class="level4"> <div class="level4">
<p>
Just declare files or Perl module that must be loaded:
</p>
<pre class="code file :ini"><span class="re0"><span class="br0">&#91;</span>all<span class="br0">&#93;</span></span>
<span class="re1">require</span> <span class="sy0">=</span><span class="re2"> /path/to/functions.pl, /path/to/func2.pm</span>
# OR
<span class="re1">require</span> <span class="sy0">=</span><span class="re2"> My::Func1, My::Func2</span></pre>
</div>
<h4 id="old_method">Old method</h4>
<div class="level4">
<div class="notewarning">This method is available but unusable by Portal under Apache. So if your rule may be used by the menu, use the new method.
</div>
</div>
<h5 id="apache">Apache</h5>
<div class="level5">
<p> <p>
Your module has to be loaded by Apache (for example after Handler load): Your module has to be loaded by Apache (for example after Handler load):
</p> </p>
...@@ -119,8 +138,8 @@ PerlOptions +GlobalRequest</pre> ...@@ -119,8 +138,8 @@ PerlOptions +GlobalRequest</pre>
</div> </div>
<h4 id="fastcgi_server_nginx">FastCGI server (Nginx)</h4> <h5 id="fastcgi_server_nginx">FastCGI server (Nginx)</h5>
<div class="level4"> <div class="level5">
<p> <p>
You&#039;ve just to incicate to <a href="fastcgiserver.html" class="wikilink1" title="documentation:2.0:fastcgiserver">LLNG FastCGI server</a> the file to read using either <code>-f</code> option or <code>CUSTOM_FUNCTIONS_FILE</code> environment variable. Using packages, you just have to modify your <code>/etc/default/llng-fastcgi-server</code> (or <code>/etc/default/lemonldap-ng-fastcgi-server</code>) file: You&#039;ve just to incicate to <a href="fastcgiserver.html" class="wikilink1" title="documentation:2.0:fastcgiserver">LLNG FastCGI server</a> the file to read using either <code>-f</code> option or <code>CUSTOM_FUNCTIONS_FILE</code> environment variable. Using packages, you just have to modify your <code>/etc/default/llng-fastcgi-server</code> (or <code>/etc/default/lemonldap-ng-fastcgi-server</code>) file:
...@@ -142,7 +161,7 @@ GROUP=www-data ...@@ -142,7 +161,7 @@ GROUP=www-data
CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</pre> CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</pre>
</div> </div>
<!-- EDIT4 SECTION "Declare module in handler server" [609-1543] --> <!-- EDIT4 SECTION "Declare module in handler server" [609-1892] -->
<h3 class="sectionedit5" id="declare_custom_functions">Declare custom functions</h3> <h3 class="sectionedit5" id="declare_custom_functions">Declare custom functions</h3>
<div class="level3"> <div class="level3">
...@@ -153,7 +172,7 @@ Go in Manager, <code>General Parameters</code> » <code>Advanced Parameters</cod ...@@ -153,7 +172,7 @@ Go in Manager, <code>General Parameters</code> » <code>Advanced Parameters</cod
<div class="noteimportant">If your function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail. <div class="noteimportant">If your function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail.
</div> </div>
</div> </div>
<!-- EDIT5 SECTION "Declare custom functions" [1544-1840] --> <!-- EDIT5 SECTION "Declare custom functions" [1893-2189] -->
<h2 class="sectionedit6" id="use_it">Use it</h2> <h2 class="sectionedit6" id="use_it">Use it</h2>
<div class="level2"> <div class="level2">
...@@ -163,6 +182,6 @@ You can now use your function in a macro, an header or an access rule, for examp ...@@ -163,6 +182,6 @@ You can now use your function in a macro, an header or an access rule, for examp
<pre class="code">Custom-Header =&gt; function1( $uid, $ENV{REMOTE_ADDR} )</pre> <pre class="code">Custom-Header =&gt; function1( $uid, $ENV{REMOTE_ADDR} )</pre>
</div> </div>
<!-- EDIT6 SECTION "Use it" [1841-] --></div> <!-- EDIT6 SECTION "Use it" [2190-] --></div>
</body> </body>
</html> </html>
...@@ -47,6 +47,11 @@ ...@@ -47,6 +47,11 @@
<h1 class="sectionedit1" id="convert_http_header_into_environment_variable">Convert HTTP header into environment variable</h1> <h1 class="sectionedit1" id="convert_http_header_into_environment_variable">Convert HTTP header into environment variable</h1>
<div class="level1"> <div class="level1">
</div>
<!-- EDIT1 SECTION "Convert HTTP header into environment variable" [1-61] -->
<h2 class="sectionedit2" id="apache">Apache</h2>
<div class="level2">
<p> <p>
Using <abbr title="LemonLDAP::NG">LL::NG</abbr> in reverse proxy mode, you will not have the <code>REMOTE_USER</code> environment variable set. Indeed, this variable is set by the Handler on the physical server hosting the Handler, and not on other servers where the Handler is not installed. Using <abbr title="LemonLDAP::NG">LL::NG</abbr> in reverse proxy mode, you will not have the <code>REMOTE_USER</code> environment variable set. Indeed, this variable is set by the Handler on the physical server hosting the Handler, and not on other servers where the Handler is not installed.
</p> </p>
...@@ -95,6 +100,17 @@ Of course, you need to <a href="passwordstore.html" class="wikilink1" title="doc ...@@ -95,6 +100,17 @@ Of course, you need to <a href="passwordstore.html" class="wikilink1" title="doc
</div> </div>
</div> </div>
<!-- EDIT2 SECTION "Apache" [62-1756] -->
<h2 class="sectionedit3" id="nginx">Nginx</h2>
<div class="level2">
<p>
Nginx doesn&#039;t launch directly PHP pages (or other languages): it dials with FastCGI servers (like php-fpm). As you can see in examples, it&#039;s easy to map a LLNG header to a fastcgi param. Example:
</p>
<pre class="code file nginx">auth_request_set $authuser $upstream_http_auth_user;
fastcgi_param HTTP_MYVAR $authuser;</pre>
</div> </div>
<!-- EDIT3 SECTION "Nginx" [1757-] --></div>
</body> </body>
</html> </html>
...@@ -60,7 +60,7 @@ ...@@ -60,7 +60,7 @@
<li class="level1"><div class="li"><a href="#package_gpg_signature">Package GPG signature</a></div></li> <li class="level1"><div class="li"><a href="#package_gpg_signature">Package GPG signature</a></div></li>
<li class="level1"><div class="li"><a href="#install_packages">Install packages</a></div> <li class="level1"><div class="li"><a href="#install_packages">Install packages</a></div>
<ul class="toc"> <ul class="toc">
<li class="level2"><div class="li"><a href="#with_aptitude">With aptitude</a></div></li> <li class="level2"><div class="li"><a href="#with_apt">With apt</a></div></li>