Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
LemonLDAP NG
lemonldap-ng
Commits
f1855f3e
Commit
f1855f3e
authored
Jan 12, 2022
by
Christophe Maudoux
🐛
Browse files
Improve doc (
#2685
)
parent
12d3e224
Pipeline
#18752
passed with stage
in 15 minutes and 45 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
doc/sources/admin/ssoaas.rst
View file @
f1855f3e
...
...
@@ -7,7 +7,7 @@ Our concept of SSOaaS
Access management provides 3 services:
- Global Authentication: Single Sign-On
- Authorization:
to g
rant authentication is not enough. User rights
- Authorization:
G
rant authentication is not enough. User rights
must be checked
- Accounting: SSO logs (access) + application logs *(transactions and
results)*
...
...
@@ -25,13 +25,13 @@ the ability for an app to manage authorizations and choose user
attributes to set. Authentication can not be really ``*aaS``: app must
just use it, not manage it.
LL::NG affords some features that can be used
to
provid
e
SSO as a
s
ervice: a web application can manage its rules and headers. Docker or
LL::NG affords some features that can be used
for
provid
ing
SSO as a
S
ervice: a web application can manage its rules and headers. Docker or
VM images (Nginx only) includes LL::NG Nginx configuration that aims to
a global
:ref:`LL::NG authorization server<platformsoverview-external-servers-for-nginx>`.
By default, all authenticated users can access and one header is set:
``Auth-User``. If application
giv
es a RULES_URL parameter that refers to
``Auth-User``. If application
defin
es a RULES_URL parameter that refers to
a JSON file, authorization server will read it, apply specified rules
and set required headers (see :doc:`DevOps Handler<devopshandler>`).
...
...
@@ -120,14 +120,14 @@ FastCGI" configuration.
.. code-block:: apache
<VirtualHost
...
>
<VirtualHost
port
>
ServerName app.tls
PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2::FCGIClient
# This must point to the central FastCGI server
PerlSetVar LLNG_SERVER 192.0.2.1:9090
# Declare this vhost as a DevOps
vhost, so that we
do not have
# Declare this vhost as a DevOps
protected vhost. So you
do not have
# to declare it in the LemonLDAP::NG Manager
PerlSetVar VHOSTTYPE DevOps
...
...
@@ -268,4 +268,3 @@ directory.
}
.. |image0| image:: /documentation/devops.png
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
