configvhost.html 17.4 KB
Newer Older
Clément OUDOT's avatar
Clément OUDOT committed
1 2 3 4 5 6
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
  <meta charset="utf-8" />
  <title>documentation:2.0:configvhost</title>
<meta name="generator" content="DokuWiki"/>
Xavier Guimard's avatar
Xavier Guimard committed
7
<meta name="robots" content="index,follow"/>
Clément OUDOT's avatar
Clément OUDOT committed
8 9 10 11 12
<meta name="keywords" content="documentation,2.0,configvhost"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configvhost.html"/>
<link rel="contents" href="configvhost.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
Xavier Guimard's avatar
Xavier Guimard committed
13 14 15 16 17 18 19 20 21
<!-- //if:usedebianlibs
  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
Clément OUDOT's avatar
Clément OUDOT committed
22 23 24
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:configvhost","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
25 26 27 28 29 30 31 32 33 34 35 36 37 38
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
Xavier Guimard's avatar
Xavier Guimard committed
39
  <script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
40
//else -->
Xavier Guimard's avatar
Xavier Guimard committed
41
  <script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
Xavier Guimard's avatar
Xavier Guimard committed
42
<!-- //endif -->
Clément OUDOT's avatar
Clément OUDOT committed
43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>

<ul class="toc">
<li class="level1"><div class="li"><a href="#apache_configuration">Apache configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#hosted_application">Hosted application</a></div></li>
<li class="level2"><div class="li"><a href="#reverse_proxy">Reverse proxy</a></div></li>
<li class="level2"><div class="li"><a href="#add_a_floating_menu">Add a floating menu</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#nginx_configuration">Nginx configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#hosted_application1">Hosted application</a></div></li>
<li class="level2"><div class="li"><a href="#reverse_proxy1">Reverse proxy</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#lemonldapng_configuration">LemonLDAP::NG configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#access_rules_and_http_headers">Access rules and HTTP headers</a></div></li>
<li class="level2"><div class="li"><a href="#post_data">POST data</a></div></li>
<li class="level2"><div class="li"><a href="#options">Options</a></div></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->

<h1 class="sectionedit1" id="manage_virtual_hosts">Manage virtual hosts</h1>
<div class="level1">

<p>
LemonLDAP::NG configuration is build around Apache or Nginx virtual hosts. Each virtual host is a protected resource, with access rules, headers, POST data and options.
</p>

</div>
<!-- EDIT1 SECTION "Manage virtual hosts" [1-206] -->
<h2 class="sectionedit2" id="apache_configuration">Apache configuration</h2>
<div class="level2">

<p>
To protect a virtual host in Apache, the LemonLDAP::NG Handler must be activated (see <a href="configlocation.html#apache" class="wikilink1" title="documentation:2.0:configlocation">Apache global configuration</a>).
</p>

<p>
Then you can take any virtual host, and simply add this line to protect it:
</p>
Clément OUDOT's avatar
Clément OUDOT committed
95
<pre class="code file apache">PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2</pre>
Clément OUDOT's avatar
Clément OUDOT committed
96 97

</div>
Clément OUDOT's avatar
Clément OUDOT committed
98
<!-- EDIT2 SECTION "Apache configuration" [207-541] -->
Clément OUDOT's avatar
Clément OUDOT committed
99 100 101 102 103 104 105 106 107
<h3 class="sectionedit3" id="hosted_application">Hosted application</h3>
<div class="level3">

<p>
Example of a protected virtual host for a local application:
</p>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
        <span class="kw1">ServerName</span> localsite.example.com
&nbsp;
Clément OUDOT's avatar
Clément OUDOT committed
108
        PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2
Clément OUDOT's avatar
Clément OUDOT committed
109 110 111 112 113 114 115 116 117
&nbsp;
        <span class="kw1">DocumentRoot</span> /var/www/localsite
&nbsp;
        <span class="kw1">ErrorLog</span> /var/log/apache2/localsite_error.log
        <span class="kw1">CustomLog</span> /var/log/apache2/localsite_access.log combined
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
118
<!-- EDIT3 SECTION "Hosted application" [542-960] -->
Clément OUDOT's avatar
Clément OUDOT committed
119 120 121 122 123 124 125 126 127
<h3 class="sectionedit4" id="reverse_proxy">Reverse proxy</h3>
<div class="level3">

<p>
Example of a protected virtual host with LemonLDAP::NG as reverse proxy:
</p>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
        <span class="kw1">ServerName</span> application.example.com
&nbsp;
Clément OUDOT's avatar
Clément OUDOT committed
128
        PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2
Clément OUDOT's avatar
Clément OUDOT committed
129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146
&nbsp;
        <span class="co1"># Reverse-Proxy</span>
        <span class="kw1">ProxyPass</span> / http://private-name/
        <span class="co1"># Change &quot;Location&quot; header in redirections</span>
        <span class="kw1">ProxyPassReverse</span> / http://private-name/
        <span class="co1"># Change domain cookies</span>
        <span class="kw1">ProxyPassReverseCookieDomain</span> private-name application.example.com
&nbsp;
        <span class="kw1">ErrorLog</span> /var/log/apache2/proxysite_error.log
        <span class="kw1">CustomLog</span> /var/log/apache2/proxysite_access.log combined
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>

<p>
Same with remote server configured with the same host name:
</p>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
        <span class="kw1">ServerName</span> application.example.com
&nbsp;
Clément OUDOT's avatar
Clément OUDOT committed
147
        PerlHeaderParserHandler Lemonldap::NG::Handler::ApacheMP2
Clément OUDOT's avatar
Clément OUDOT committed
148 149 150 151 152 153 154 155 156 157 158 159 160 161 162
&nbsp;
        <span class="co1"># Reverse-Proxy</span>
        <span class="kw1">ProxyPass</span> / http://APPLICATION_IP/
&nbsp;
        <span class="kw1">ProxyPreserveHost</span> <span class="kw2">on</span>
&nbsp;
        <span class="kw1">ErrorLog</span> /var/log/apache2/proxysite_error.log
        <span class="kw1">CustomLog</span> /var/log/apache2/proxysite_access.log combined
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<div class="noteclassic">The <code>ProxyPreserveHost</code> directive will forward the Host header to the protected application.<br/>
To learn more about using Apache as reverse-proxy, see <a href="http://httpd.apache.org/docs/current/mod/mod_proxy.html" class="urlextern" title="http://httpd.apache.org/docs/current/mod/mod_proxy.html"  rel="nofollow">Apache documentation</a>.

</div><div class="notetip">Some applications need the <code>REMOTE_USER</code> environment variable to get the connected user, which is not set in reverse-proxy mode. In this case, see <a href="header_remote_user_conversion.html" class="wikilink1" title="documentation:2.0:header_remote_user_conversion">how convert header into environment variable</a>.
</div>
</div>
Clément OUDOT's avatar
Clément OUDOT committed
163
<!-- EDIT4 SECTION "Reverse proxy" [961-2575] -->
Clément OUDOT's avatar
Clément OUDOT committed
164 165 166 167 168 169 170
<h3 class="sectionedit5" id="add_a_floating_menu">Add a floating menu</h3>
<div class="level3">

<p>
A little floating menu can be added to application with this simple Apache configuration:
</p>
<pre class="code file apache">PerlModule Lemonldap::NG::Handler::Menu
Clément OUDOT's avatar
Clément OUDOT committed
171
PerlOutputFilterHandler Lemonldap::NG::Handler::ApacheMP2::Menu-&gt;run</pre>
Clément OUDOT's avatar
Clément OUDOT committed
172 173 174 175 176

<p>
Pages where this menu is displayed can be restricted, for example:
</p>
<pre class="code file apache">&lt;<span class="kw3">Location</span> /var/www/html/index.php&gt;
Clément OUDOT's avatar
Clément OUDOT committed
177
PerlOutputFilterHandler Lemonldap::NG::Handler::ApacheMP2::Menu-&gt;run
Clément OUDOT's avatar
Clément OUDOT committed
178 179 180 181
&lt;/<span class="kw3">Location</span>&gt;</pre>
<div class="noteimportant">You need to disable mod_deflate to use the floating menu
</div>
</div>
Clément OUDOT's avatar
Clément OUDOT committed
182
<!-- EDIT5 SECTION "Add a floating menu" [2576-3114] -->
Clément OUDOT's avatar
Clément OUDOT committed
183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208
<h2 class="sectionedit6" id="nginx_configuration">Nginx configuration</h2>
<div class="level2">

<p>
To protect a virtual host in Nginx, the LemonLDAP::NG FastCGI server must be launched (see <a href="fastcgiserver.html" class="wikilink1" title="documentation:2.0:fastcgiserver">LemonLDAP::NG FastCGI server</a>).
</p>

<p>
Then you can take any virtual host and modify it:
</p>
<ul>
<li class="level1"><div class="li"> Declare the /lmauth endpoint</div>
</li>
</ul>
<pre class="code file nginx">  location = /lmauth {
    internal;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
&nbsp;
    # Drop post datas
    fastcgi_pass_request_body  off;
    fastcgi_param CONTENT_LENGTH &quot;&quot;;
&nbsp;
    # Keep original hostname
    fastcgi_param HOST $http_host;
&nbsp;
Xavier Guimard's avatar
Xavier Guimard committed
209
    # Keep original request (LLNG server will receive /lmauth)
Clément OUDOT's avatar
Clément OUDOT committed
210 211 212 213 214 215 216 217 218 219
    fastcgi_param X_ORIGINAL_URI  $request_uri;
  }</pre>
<ul>
<li class="level1"><div class="li"> Protect the application (/ or /path/to/protect):</div>
</li>
</ul>
<pre class="code file nginx">  location /path/to/protect {
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
    auth_request_set $lmlocation $upstream_http_location;
Xavier Guimard's avatar
Xavier Guimard committed
220 221
    auth_request_set $cookie_value $upstream_http_set_cookie;
    add_header Set-Cookie $cookie_value;
Clément OUDOT's avatar
Clément OUDOT committed
222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
    error_page 401 $lmlocation;
    try_files $uri $uri/ =404;
&nbsp;
    ...
  }</pre>
<ul>
<li class="level1"><div class="li"> Use LUA or set manually the headers:</div>
</li>
</ul>
<pre class="code file nginx">  location /path/to/protect {
&nbsp;
    ...
&nbsp;
    # IF LUA IS SUPPORTED
    #include /etc/lemonldap-ng/nginx-lua-headers.conf;
&nbsp;
    # ELSE
    # Set manually your headers
    #auth_request_set $authuser $upstream_http_auth_user;
    #proxy_set_header Auth-User $authuser;
    # OR
    #fastcgi_param HTTP_AUTH_USER $authuser;
&nbsp;
    # Then (if LUA not supported), change cookie header to hide LLNG cookie
    #auth_request_set $lmcookie $upstream_http_cookie;
    #proxy_set_header Cookie: $lmcookie;
    # OR in the corresponding block
    #fastcgi_param HTTP_COOKIE $lmcookie;
&nbsp;
    # Set REMOTE_USER (for FastCGI apps only)
    #fastcgi_param REMOTE_USER $lmremote_user;
  }</pre>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
256
<!-- EDIT6 SECTION "Nginx configuration" [3115-5001] -->
Clément OUDOT's avatar
Clément OUDOT committed
257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278
<h3 class="sectionedit7" id="hosted_application1">Hosted application</h3>
<div class="level3">

<p>
Example of a protected virtual host for a local application:
</p>
<pre class="code file nginx"># Log format
include /path/to/lemonldap-ng/nginx-lmlog.conf;
server {
  listen 80;
  server_name myserver;
  root /var/www/html;
  # Internal authentication request
  location = /lmauth {
    internal;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass /path/to/llng-fastcgi-server.sock;
    # Drop post datas
    fastcgi_pass_request_body  off;
    fastcgi_param CONTENT_LENGTH &quot;&quot;;
    # Keep original hostname
    fastcgi_param HOST $http_host;
Xavier Guimard's avatar
Xavier Guimard committed
279
    # Keep original request (LLNG server will receive /lmauth)
Clément OUDOT's avatar
Clément OUDOT committed
280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314
    fastcgi_param X_ORIGINAL_URI  $request_uri;
  } 
&nbsp;
  # Client requests
  location ~ \.php$ {
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
    auth_request_set $lmlocation $upstream_http_location;
    error_page 401 $lmlocation;
    try_files $uri $uri/ =404;
    include fastcgi_params;
    try_files $fastcgi_script_name =404;
    fastcgi_pass /path/to/php-fpm/socket;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_hide_header X-Powered-By;
&nbsp;
    ##################################
    # PASSING HEADERS TO APPLICATION #
    ##################################
    # IF LUA IS SUPPORTED
    #include /path/to/nginx-lua-headers.conf
&nbsp;
    # ELSE
    # Set manually your headers
    #auth_request_set $authuser $upstream_http_auth_user;
    #fastcgi_param HTTP_AUTH_USER $authuser;
  }
  location / {
    try_files $uri $uri/ =404;
  }
}</pre>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
315
<!-- EDIT7 SECTION "Hosted application" [5002-6630] -->
Clément OUDOT's avatar
Clément OUDOT committed
316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337
<h3 class="sectionedit8" id="reverse_proxy1">Reverse proxy</h3>
<div class="level3">

<p>
Example of a protected reverse-proxy:
</p>
<pre class="code file nginx"># Log format
include /path/to/lemonldap-ng/nginx-lmlog.conf;
server {
  listen 80;
  server_name myserver;
  root /var/www/html;
  # Internal authentication request
  location = /lmauth {
    internal;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass /path/to/llng-fastcgi-server.sock;
    # Drop post datas
    fastcgi_pass_request_body  off;
    fastcgi_param CONTENT_LENGTH &quot;&quot;;
    # Keep original hostname
    fastcgi_param HOST $http_host;
Xavier Guimard's avatar
Xavier Guimard committed
338
    # Keep original request (LLNG server will receive /lmauth)
Clément OUDOT's avatar
Clément OUDOT committed
339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365
    fastcgi_param X_ORIGINAL_URI  $request_uri;
  } 
&nbsp;
  # Client requests
  location / {
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
    auth_request_set $lmlocation $upstream_http_location;
    error_page 401 $lmlocation;
&nbsp;
    proxy_pass http://remote.server/;
    include /etc/nginx/proxy_params;
&nbsp;
    ##################################
    # PASSING HEADERS TO APPLICATION #
    ##################################
    # IF LUA IS SUPPORTED
    #include /path/to/nginx-lua-headers.conf
&nbsp;
    # ELSE
    # Set manually your headers
    #auth_request_set $authuser $upstream_http_auth_user;
    #proxy_set_header HTTP_AUTH_USER $authuser;
  }
}</pre>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
366
<!-- EDIT8 SECTION "Reverse proxy" [6631-7924] -->
Clément OUDOT's avatar
Clément OUDOT committed
367 368 369 370
<h2 class="sectionedit9" id="lemonldapng_configuration">LemonLDAP::NG configuration</h2>
<div class="level2">

<p>
Xavier Guimard's avatar
Xavier Guimard committed
371
A virtual host protected by LemonLDAP::NG Handler must be registered in LemonLDAP::NG configuration.
Clément OUDOT's avatar
Clément OUDOT committed
372 373 374
</p>

<p>
Xavier Guimard's avatar
Xavier Guimard committed
375
To do this, use the Manager, and go in <code>Virtual Hosts</code> branch. You can add, delete or modify a virtual host here. Enter the exact virtual host name (for example <code>test.example.com</code>) or use a wildcard (for example <code>*.example.com</code>).
Clément OUDOT's avatar
Clément OUDOT committed
376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392
</p>

<p>
A virtual host contains:
</p>
<ul>
<li class="level1"><div class="li"> Access rules: check user&#039;s right on <abbr title="Uniform Resource Locator">URL</abbr> patterns</div>
</li>
<li class="level1"><div class="li"> HTTP headers: forge information sent to protected applications</div>
</li>
<li class="level1"><div class="li"> POST data: use form replay</div>
</li>
<li class="level1"><div class="li"> Options: redirection port and protocol</div>
</li>
</ul>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
393
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7925-8524] -->
Clément OUDOT's avatar
Clément OUDOT committed
394 395 396 397 398 399 400 401
<h3 class="sectionedit10" id="access_rules_and_http_headers">Access rules and HTTP headers</h3>
<div class="level3">

<p>
See <strong><a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Writing rules and headers</a></strong> to learn how to configure access control and HTTP headers sent to application by <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</p>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
402
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8525-8717] -->
Clément OUDOT's avatar
Clément OUDOT committed
403 404 405 406 407 408 409 410
<h3 class="sectionedit11" id="post_data">POST data</h3>
<div class="level3">

<p>
See <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0:formreplay">Form replay</a></strong> to learn how to configure form replay to POST data on protected applications.
</p>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
411
<!-- EDIT11 SECTION "POST data" [8718-8852] -->
Clément OUDOT's avatar
Clément OUDOT committed
412 413 414 415 416 417 418
<h3 class="sectionedit12" id="options">Options</h3>
<div class="level3">

<p>
Some options are available:
</p>
<ul>
Xavier Guimard's avatar
Xavier Guimard committed
419
<li class="level1"><div class="li"> Port: used to build redirection <abbr title="Uniform Resource Locator">URL</abbr> <em>(when user is not logged, or for <abbr title="Cross Domain Authentication">CDA</abbr> requests)</em></div>
Clément OUDOT's avatar
Clément OUDOT committed
420
</li>
Xavier Guimard's avatar
Xavier Guimard committed
421
<li class="level1"><div class="li"> HTTPS: used to build redirection <abbr title="Uniform Resource Locator">URL</abbr></div>
Clément OUDOT's avatar
Clément OUDOT committed
422
</li>
Xavier Guimard's avatar
Xavier Guimard committed
423 424 425 426 427 428 429
<li class="level1"><div class="li"> Maintenance mode: reject all requests with a maintenance message</div>
</li>
<li class="level1"><div class="li"> Aliases: list of aliases for this virtual host <em>(avoid to rewrite rules,…)</em></div>
</li>
<li class="level1"><div class="li"> Type: handler type <em>(normal, <a href="devopshandler.html" class="wikilink1" title="documentation:2.0:devopshandler">DevOps Handler</a>,…)</em></div>
</li>
<li class="level1"><div class="li"> Authentication level required: this options avoid to reject user with a rule based on <code>$_authenticationLevel</code>. When user hasn&#039;t the required level, he is redirected to an upgrade page in the portal</div>
Clément OUDOT's avatar
Clément OUDOT committed
430 431 432 433
</li>
</ul>

<p>
Xavier Guimard's avatar
Xavier Guimard committed
434
“Port” and “HTTPS” options are used to build redirection <abbr title="Uniform Resource Locator">URL</abbr> <em>(when user is not logged, or for <abbr title="Cross Domain Authentication">CDA</abbr> requests)</em>. By default, default values are used. These options are only here to override default values.
Clément OUDOT's avatar
Clément OUDOT committed
435 436 437
</p>

</div>
Clément OUDOT's avatar
Clément OUDOT committed
438
<!-- EDIT12 SECTION "Options" [8853-] --></div>
Clément OUDOT's avatar
Clément OUDOT committed
439 440
</body>
</html>