Portal: move configuration documentation from script to ini file

build/lemonldap-ng/Makefile

@@ -257,7 +257,6 @@ install_site:	install_manager_site install_portal_site install_handler_site inst
 	@echo "3 - Run 'make postconf' as root to update /etc/hosts" if your DNS service does not known auth.$(DNSDOMAIN) and manager.$(DNSDOMAIN)
 	@echo
 	@echo "4 - Use the manager at http://manager.${DNSDOMAIN}/ (after Apache restart) to modify LemonLDAP::NG configuration."
-	@echo "    Edit ${RCONFDIR}/apps/apps-list.xml to modify the menu."
 	@echo
 	@echo "5 - Try to connect to http://test1.${DNSDOMAIN}/ or http://test2.${DNSDOMAIN}/"
 	@if [ ! "$(APACHEUSER)" ]; then \
@@ -317,11 +316,6 @@ install_portal_site:	install_conf_dir
 			ln -s $(PORTALSKINSDIR)/$$skin $(RPORTALDIR)/skins/$$skin; \
 		done; \
 	fi
-	# Applications list install if erase configuration is needed
-	@if [ "$(ERASECONFIG)" -eq "1" ]; then \
-		cp --remove-destination _example/etc/apps-list* $(RCONFDIR); \
-	fi
-	@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/apps-list.xml
 	# L-A portal install
 	@cp -pR --remove-destination ${SRCPORTALDIR}/example/AuthLA/* $(RLASPPORTALDIR)
 	@$(PERL) -i -pe 's#__DIR__#$(LASPPORTALDIR)/#g' $(RLASPPORTALDIR)/index.pl
@@ -361,9 +355,7 @@ install_examples_site:
 		$(REXAMPLESDIR)/manager/images \
 	@rm -rf $$(find $(REXAMPLESDIR) -type d -name .svn)
 	@$(PERL) -i -pe 's#__DIR__#$(LASPPORTALDIR)#g' $(REXAMPLESDIR)/portal/AuthLA/index.pl
-	@$(PERL) -i -pe 's#__SKINDIR__#$(PORTALDIR)/skins#; \
-		s#__APPSXMLFILE__#$(CONFDIR)/apps-list.xml#; \
-		s#__SESSIONDIR__#$(APACHESESSIONFILEDIR)/#g;' $(REXAMPLESDIR)/portal/*.pl
+	@$(PERL) -i -pe 's#__SESSIONDIR__#$(APACHESESSIONFILEDIR)/#g;' $(REXAMPLESDIR)/portal/*.pl
 
 install_doc_site:
 	@install -v -d $(RDOCDIR)

modules/lemonldap-ng-common/lemonldap-ng.ini

@@ -18,7 +18,15 @@
 #==============================================================================
 
 [all]
-;cda = 1
+# CUSTOM FUNCTION
+# If you want to create customFunctions in rules, declare them here:
+;customFunctions    => 'function1 function2',
+;customFunctions    => 'Package::func1 Package::func2',
+
+# CROSS-DOMAIN
+# If you have some handlers that are not registered on the main domain,
+# uncomment this
+;cda => 1,
 
 [configuration]
 # GLOBAL CONFIGURATION ACCESS TYPE
@@ -57,6 +65,7 @@
 #           ldapConfBase     = ou=conf,ou=applications,dc=example,dc=com
 #           ldapBindDN       = cn=manager,dc=example,dc=com
 #           ldapBindPassword = secret
+
 type = File
 dirName = /var/lib/lemonldap-ng/conf
 
@@ -72,8 +81,97 @@ localStorage = Cache::FileCache
 localStorageOptions = { 'namespace' => 'MyNamespace', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, }
 
 [portal]
-portalDisplayResetPassword = 0
-notifyDeleted = 1
+# PORTAL CUSTOMIZATION
+# Name of the skin
+;portalSkin = pastel
+# Modules displayed
+;portalDisplayLogout = 1
+;portalDisplayResetPassword = 1
+;portalDisplayChangePassword = 1
+;portalDisplayAppslist => 1
+# Allow password autocompletion (passwords stored in user web browsers)
+;portalAutocomplete = 1
+# Require the old password when changing password
+;portalRequireOldPassword = 1
+# Attribute displayed as connected user
+;portalUserAttr => "mail",
+
+# LOG
+# By default, all is logged in Apache file. To log user actions by
+# syslog, just set syslog facility here:
+;syslog = auth
+
+# SOAP FUNCTIONS
+# Remove comment to activate SOAP Functions getCookies(user,pwd) and
+# error(language, code)
+;Soap = 1
+# Note that getAttibutes() will be activated but on a different URI
+# (http://auth.example.com/index.pl/sessions)
+# You can also restrict attributes and macros exported by getAttributes
+;exportedAttr => uid mail
+
+# PASSWORD POLICY
+# Remove comment to use LDAP Password Policy
+;ldapPpolicyControl = 1
+# Remove comment to store password in session (use with caution)
+;storePassword = 1
+# Remove comment to use LDAP modify password extension
+# (beware of compatibility with LDAP Password Policy)
+;ldapSetPassword    = 1
+
+# RESET PASSWORD BY MAIL
+# SMTP server (default to localhost), set to '' to use default mail service
+;SMTPServer = localhost
+# Mail From address
+;mailFrom = noreply@test.com
+# Mail confirmation URL
+;mailUrl = http://reset.example.com
+# Mail subject for confirmation message
+;mailConfirmSubject = [LemonLDAP::NG] Password reset confirmation
+# Mail body for confiramtion (can use $url for confirmation URL, and other session
+# infos, like $cn). Keep comment to use HTML templates
+;mailConfirmBody = Hello $cn,\n\nClick here to receive your new password: $url
+# Mail subject for new password message
+;mailSubject = [LemonLDAP::NG] Your new password
+# Mail body for new password (can use $password for generated password, and other session
+# infos, like $cn). Keep comment to use HTML templates
+;mailBody = Hello $cn,\n\nYour new password is $password
+# LDAP filter to use
+;mailLDAPFilter = '(&(mail=$mail)(objectClass=inetOrgPerson))'
+# Random regexp for password generation
+;randomPasswordRegexp = [A-Z]{3}[a-z]{5}.\d{2}
+
+# LDAP GROUPS
+# Set the base DN of your groups branch
+;ldapGroupBase = ou=groups,dc=example,dc=com
+# Objectclass used by groups
+;ldapGroupObjectClass = groupOfUniqueNames
+# Attribute used by groups to store member
+;ldapGroupAttributeName = uniqueMember
+# Attribute used by user to link to groups
+;ldapGroupAttributeNameUser = dn
+# Attribute used to identify a group. The group will be displayed as
+# cn|mail|status, where cn, mail and status will be replaced by their
+# values.
+;ldapGroupAttributeNameSearch = ['cn']
+
+# NOTIFICATIONS SERVICE
+# Use it to be able to notify messages during authentication
+;notification = 1
+# Note that the SOAP function newNotification will be activated on
+# http://auth.example.com/index.pl/notification
+# If you want to hide this, just protect "/index.pl/notification" in
+# your Apache configuration file
+
+# XSS protection bypass
+# By default, the portal refuse redirections that comes from sites not
+# registered in the configuration (manager) except for those coming
+# from trusted domains. By default, trustedDomains contains the domain
+# declared in the manager. You can set trustedDomains to empty value so
+# that, undeclared sites will be rejected. You can also set here a list
+# of trusted domains or hosts separated by spaces. This is usefull if
+# your website use Lemonldap::NG without handler with SOAP functions.
+;trustedDomains => 'my.trusted.host example2.com',
 
 [handler]
 https = 0

modules/lemonldap-ng-portal/example/index_skin.pl

@@ -21,113 +21,6 @@ my $portal = Lemonldap::NG::Portal::SharedConf->new(
         # Note that YOU HAVE TO SET configStorage here if you've declared this
         # portal as SOAP configuration server in the manager
 
-        # PORTAL CUSTOMIZATION
-        # * Skin
-        # portalSkin => 'pastel',
-        # * Modules displayed
-        # portalDisplayLogout => 1,
-        # portalDisplayResetPassword => 1,
-        # portalDisplayChangePassword => 1,
-        # portalDisplayAppslist => 1,
-        # * Allow password autocompletion
-        #   (passwords stored in user web browsers)
-        # portalAutocomplete => "on",
-        # * Require the old password when changing password
-        # portalRequireOldPassword => 1,
-        # * Attribute displayed as connected user
-        # portalUserAttr => "mail",
-
-        # LOG
-        # By default, all is logged in Apache file. To log user actions by
-        # syslog, just set syslog facility here:
-        #syslog => 'auth',
-
-        # SOAP FUNCTIONS
-        # Remove comment to activate SOAP Functions getCookies(user,pwd) and
-        # error(language, code)
-        Soap => 1,
-
-        # Note that getAttibutes() will be activated but on a different URI
-        # (http://auth.example.com/index.pl/sessions)
-        # You can also restrict attributes and macros exported by getAttributes
-        #exportedAttr => 'uid mail',
-
-        # PASSWORD POLICY
-        # Remove comment to use LDAP Password Policy
-        #ldapPpolicyControl => 1,
-
-        # Remove comment to store password in session (use with caution)
-        #storePassword      => 1,
-
-        # Remove comment to use LDAP modify password extension
-        # (beware of compatibility with LDAP Password Policy)
-        #ldapSetPassword    => 1,
-
-        # RESET PASSWORD BY MAIL
-        # SMTP server (default to localhost), set to '' to use default mail
-        # service
-        #SMTPServer => "localhost",
-
-        # Mail From address
-        #mailFrom => "noreply@test.com",
-
-        # Mail subject
-        #mailSubject => "Password reset",
-
-        # Mail body (can use $password for generated password, and other session
-        # infos, like $cn)
-        #mailBody => 'Hello $cn,\n\nYour new password is $password',
-
-        # LDAP filter to use
-        #mailLDAPFilter => '(&(mail=$mail)(objectClass=inetOrgPerson))',
-
-        # Random regexp
-        #randomPasswordRegexp => '[A-Z]{3}[a-z]{5}.\d{2}',
-
-        # LDAP GROUPS
-        # Set the base DN of your groups branch
-        #ldapGroupBase => 'ou=groups,dc=example,dc=com',
-        # Objectclass used by groups
-        #ldapGroupObjectClass => 'groupOfUniqueNames',
-        # Attribute used by groups to store member
-        #ldapGroupAttributeName => 'uniqueMember',
-        # Attribute used by user to link to groups
-        #ldapGroupAttributeNameUser => 'dn',
-        # Attribute used to identify a group. The group will be displayed as
-        # cn|mail|status, where cn, mail and status will be replaced by their
-        # values.
-        #ldapGroupAttributeNameSearch => ['cn'],
-
-        # CUSTOM FUNCTION
-        # If you want to create customFunctions in rules, declare them here:
-        #customFunctions    => 'function1 function2',
-        #customFunctions    => 'Package::func1 Package::func2',
-
-        # NOTIFICATIONS SERVICE
-        # Use it to be able to notify messages during authentication
-        #notification => 1,
-        # Note that the SOAP function newNotification will be activated on
-        # http://auth.example.com/index.pl/notification
-        # If you want to hide this, just protect "/index.pl/notification" in
-        # your Apache configuration file
-
-        # CROSS-DOMAIN
-        # If you have some handlers that are not registered on the main domain,
-        # uncomment this
-        #cda => 1,
-
-        # XSS protection bypass
-        # By default, the portal refuse redirections that comes from sites not
-        # registered in the configuration (manager) except for those coming
-        # from trusted domains. By default, trustedDomains contains the domain
-        # declared in the manager. You can set trustedDomains to empty value so
-        # that, undeclared sites will be rejected. You can also set here a list
-        # of trusted domains or hosts separated by spaces. This is usefull if
-        # your website use Lemonldap::NG without handler with SOAP functions.
-        # Exemples :
-        #trustedDomains => 'my.trusted.host example2.com',
-        #trustedDomains => '',
-
         # OTHERS
         # You can also overload any parameter issued from manager
         # configuration. Example:
@@ -138,7 +31,6 @@ my $portal = Lemonldap::NG::Portal::SharedConf->new(
         #},
         # Note that YOU HAVE TO SET globalStorage here if you've declared this
         # portal as SOAP session server in the manager
-        #},
     }
 );