Commit a31b9cc6 authored by Clément OUDOT's avatar Clément OUDOT

Documentation update

parent 8233e159
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:applications</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>
......@@ -151,10 +151,16 @@ Applications listed below are known to be easy to integrate in <abbr title="Lemo
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a> </td><td class="col3 centeralign"> <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="media" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" rel="nofollow"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a> </td>
</tr>
<tr class="row2 roweven">
<th class="col0 centeralign"> FusionDirectory </th><th class="col1"> </th><th class="col2"> </th><th class="col3"> </th>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="applications/fusiondirectory.html" class="media" title="documentation:2.0:applications:fusiondirectory"><img src="icons/kmultiple.png" class="media" title="fusiondirectory-logo.jpg" alt="fusiondirectory-logo.jpg" width="120" /></a> </td><td class="col1"> </td><td class="col2"> </td><td class="col3"> </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [1252-1655] -->
<!-- EDIT12 TABLE [1252-1777] -->
</div>
<!-- EDIT11 SECTION "Other" [1235-1656] -->
<!-- EDIT11 SECTION "Other" [1235-1777] -->
<h2 class="sectionedit13" id="frameworks">Frameworks</h2>
<div class="level2">
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
......@@ -167,9 +173,9 @@ Applications listed below are known to be easy to integrate in <abbr title="Lemo
<td class="col0 centeralign"> <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [1681-1848] -->
<!-- EDIT14 TABLE [1802-1969] -->
</div>
<!-- EDIT13 SECTION "Frameworks" [1657-1849] -->
<!-- EDIT13 SECTION "Frameworks" [1778-1970] -->
<h2 class="sectionedit15" id="connectors">Connectors</h2>
<div class="level2">
<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
......@@ -190,9 +196,9 @@ Applications listed below are known to be easy to integrate in <abbr title="Lemo
<a href="http://fr.lutece.paris.fr" class="urlextern" title="http://fr.lutece.paris.fr" rel="nofollow">Lutece</a> </td><td class="col2"> </td>
</tr>
</table></div>
<!-- EDIT16 TABLE [1874-2365] -->
<!-- EDIT16 TABLE [1995-2486] -->
</div>
<!-- EDIT15 SECTION "Connectors" [1850-2366] -->
<!-- EDIT15 SECTION "Connectors" [1971-2487] -->
<h2 class="sectionedit17" id="saml_connectors">SAML connectors</h2>
<div class="level2">
<div class="noteclassic">This requires to configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as an <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a>.
......@@ -212,8 +218,8 @@ Applications listed below are known to be easy to integrate in <abbr title="Lemo
<td class="col0 centeralign"> <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT18 TABLE [2486-3028] -->
<!-- EDIT18 TABLE [2607-3149] -->
</div>
<!-- EDIT17 SECTION "SAML connectors" [2367-] --></div>
<!-- EDIT17 SECTION "SAML connectors" [2488-] --></div>
</body>
</html>
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:applications:django</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,applications,django"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="django.html"/>
......@@ -62,7 +62,7 @@
<div class="level2">
<p>
The Django connector is available on GitHub: <a href="https://github.com/9h37/django-lemonldap" class="urlextern" title="https://github.com/9h37/django-lemonldap" rel="nofollow">https://github.com/9h37/django-lemonldap</a>
The Django connector is available on GitHub: <a href="https://github.com/rclsilver/django-lemonldap" class="urlextern" title="https://github.com/rclsilver/django-lemonldap" rel="nofollow">https://github.com/rclsilver/django-lemonldap</a>
</p>
<p>
......
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications:fusiondirectory</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,fusiondirectory"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="fusiondirectory.html"/>
<link rel="contents" href="fusiondirectory.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:fusiondirectory","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#fusiondirectory1">FusionDirectory</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="fusiondirectory">FusionDirectory</h1>
<div class="level1">
<p>
<img src="fusiondirectory-logo.jpeg" class="mediacenter" alt="" />
</p>
</div>
<!-- EDIT1 SECTION "FusionDirectory" [1-85] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<p>
<a href="https://www.fusiondirectory.org/" class="urlextern" title="https://www.fusiondirectory.org/" rel="nofollow">FusionDirectory</a> provides a solution to daily management of data stored in an LDAP directory.
</p>
</div>
<!-- EDIT2 SECTION "Presentation" [86-242] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div>
<!-- EDIT3 SECTION "Configuration" [243-269] -->
<h3 class="sectionedit4" id="fusiondirectory1">FusionDirectory</h3>
<div class="level3">
<p>
Go in Configuration and in Login and Session panel. Set:
</p>
<ul>
<li class="level1"><div class="li"> <strong>HTTP Header authentication</strong>: Activate</div>
</li>
<li class="level1"><div class="li"> <strong>Header name</strong>: Auth-User</div>
</li>
</ul>
<p>
See also <a href="https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session" class="urlextern" title="https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session" rel="nofollow">https://documentation.fusiondirectory.org/en/documentation/admin_installation/core_configuration#login-and-session</a>
</p>
</div>
<!-- EDIT4 SECTION "FusionDirectory" [270-555] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
<p>
Just set the <code>Auth-User</code> header with the attribute that carries the user login, for example <code>$uid</code>.
</p>
</div>
<!-- EDIT5 SECTION "LL::NG" [556-] --></div>
</body>
</html>
......@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=761151e5c98aa11e440c41e32546ca38" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=083d765a6c01244c897a27ed8b56cdd7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
......@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1492102688" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1504111293" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
......
......@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=761151e5c98aa11e440c41e32546ca38" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=083d765a6c01244c897a27ed8b56cdd7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
......@@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1492102688" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1504111293" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authapache</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authapache.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authcas</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authcas"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcas.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authcombination</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authcombination"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcombination.html"/>
......
......@@ -302,8 +302,28 @@ List of columns to query to fill user session. See also <a href="exportedvars.ht
<ul>
<li class="level1"><div class="li"> <strong>Hash schema</strong>: SQL method for hashing password. Can be left blank for plain text passwords.</div>
</li>
<li class="level1"><div class="li"> <strong>Dynamic hash activation</strong>: Activate dynamic hashing. With dynamic hashing, the hash scheme is recovered from the user password in the database during authentication.</div>
</li>
<li class="level1"><div class="li"> <strong>Supported non-salted schemes</strong>: List of whitespace separated hash schemes. Every hash scheme MUST match a non-salted hash function in the database. LemonLDAP::NG relies on this hashing function for computing user password hashes. These hashes MUST NOT be salted (no random data used in conjunction with the password).</div>
</li>
<li class="level1"><div class="li"> <strong>Supported salted schemes</strong>: List of whitespace separated salted hash schemes, of the form “<strong>s</strong>scheme”, where scheme MUST match a non-salted hash function in the database. LemonLDAP::NG relies on this hashing function for computing user password hashes. Salted and non-salted scheme lists are not necessarily equivalent. (for example: non-salted=“sha256” and salted=“ssha ssha512” is valid)</div>
</li>
<li class="level1"><div class="li"> <strong>Dynamic hash scheme for new passwords</strong>: LemonLDAP::NG is able to store new passwords in the database (while modifying or reinitializing the password). You can choose a salted or non salted dynamic hashed password. The value must be an element of “Supported non-salted schemes” or “Supported salted schemes”.</div>
</li>
</ul>
<div class="noteimportant">The SQL function MUST have hexadecimal values as input AND output
</div><div class="notetip">Here is an example for creating a postgreSQL SHA256 function.
1. Install postgresql-contrib.
2. Activate extension: <pre class="code">CREATE EXTENSION pgcrypto;</pre>
<p>
3. Create the hash function:
</p>
<pre class="code">CREATE OR REPLACE FUNCTION sha256(varchar) returns text AS $$
SELECT encode(digest(decode($1, &#039;hex&#039;), &#039;sha256&#039;), &#039;hex&#039;)
$$ LANGUAGE SQL STRICT IMMUTABLE;</pre>
</div>
</div>
<!-- EDIT15 SECTION "Password" [3489-] --></div>
</body>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authkerberos</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authkerberos"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authkerberos.html"/>
......
......@@ -158,7 +158,7 @@ List of attributes to query to fill user session. See also <a href="exportedvars
</li>
<li class="level2"><div class="li"> To use TLS, set <code>ldap+tls://server</code> and to use LDAPS, set <code>ldaps://server</code> instead of server name.</div>
</li>
<li class="level2"><div class="li"> If you use TLS, you can set any of the <a href="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" class="urlextern" title="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" rel="nofollow">Net::LDAP</a> start_tls() sub like <code>ldap+tls://server/verify=none&amp;capath=/etc/ssl</code>. You can also use caFile and caPath parameters.</div>
<li class="level2"><div class="li"> If you use TLS, you can set any of the <a href="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" class="urlextern" title="http://search.cpan.org/~gbarr/perl-ldap/lib/Net/LDAP.pod" rel="nofollow">Net::LDAP</a> start_tls() sub like <code>ldap+tls://server/verify=none&amp;capath=/etc/ssl</code>. You can also use cafile and capath parameters.</div>
</li>
</ul>
</li>
......
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:authlinkedin</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authlinkedin"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authlinkedin.html"/>
<link rel="contents" href="authlinkedin.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:authlinkedin","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="linkedin">LinkedIn</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Authentication </th><th class="col1 centeralign"> Users </th><th class="col2 centeralign"> Password </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 leftalign"> </td><td class="col2 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT2 TABLE [25-84] -->
</div>
<!-- EDIT1 SECTION "LinkedIn" [1-85] -->
<h2 class="sectionedit3" id="presentation">Presentation</h2>
<div class="level2">
<p>
<a href="https://www.linkedin.com/" class="urlextern" title="https://www.linkedin.com/" rel="nofollow">LinkedIn</a> is a professional social network. It uses <a href="http://en.wikipedia.org/wiki/OAuth2" class="urlextern" title="http://en.wikipedia.org/wiki/OAuth2" rel="nofollow">OAuth2</a> protocol to allow applications to reuse its own authentication process (see <a href="https://developer.linkedin.com/docs/oauth2" class="urlextern" title="https://developer.linkedin.com/docs/oauth2" rel="nofollow">https://developer.linkedin.com/docs/oauth2</a>).
</p>
<p>
You need to register a new application on LinkedIn to get an application ID and a secret. See <a href="https://www.linkedin.com/developer/apps/" class="urlextern" title="https://www.linkedin.com/developer/apps/" rel="nofollow">https://www.linkedin.com/developer/apps/</a> on how to do that.
</p>
</div>
<!-- EDIT3 SECTION "Presentation" [86-526] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose LinkedIn for authentication module.
</p>
<p>
Then, go in <code>LinkedIn parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
<li class="level1"><div class="li"> <strong>Client ID</strong>: the application ID you get</div>
</li>
<li class="level1"><div class="li"> <strong>Client secret</strong>: the corresponding secret</div>
</li>
<li class="level1"><div class="li"> <strong>Searched fields</strong>: Fields requested on People endpoint</div>
</li>
<li class="level1"><div class="li"> <strong>Field containing user identifier</strong>: Field that will be used as main user identifier in <abbr title="LemonLDAP::NG">LL::NG</abbr></div>
</li>
<li class="level1"><div class="li"> <strong>Scope</strong>: OAuth 2.0 scopes</div>
</li>
</ul>
<div class="notetip">Collected fields are stored in session in <code>linkedIn_</code> keys
</div>
</div>
<!-- EDIT4 SECTION "Configuration" [527-] --></div>
</body>
</html>
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authssl</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authssl"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authssl.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:idpcas</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,idpcas"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="idpcas.html"/>
......@@ -85,8 +85,6 @@ In the Manager, go in <code>General Parameters</code> » <code>Issuer modules</c
<div class="notetip">For example, to allow only users with a strong authentication level:
<pre class="code">$authenticationLevel &gt; 2</pre>
</div><div class="noteimportant">Rewrite rules must have been activated in <a href="configlocation.html#portal" class="wikilink1" title="documentation:2.0:configlocation">Apache portal configuration</a> or in <a href="configlocation.html#portal1" class="wikilink1" title="documentation:2.0:configlocation">Nginx portal configuration</a>.
</div>
<p>
Then go in <code>Options</code> to define:
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:idpopenid</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,idpopenid"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="idpopenid.html"/>
......@@ -117,8 +117,6 @@ In the Manager, go in <code>General Parameters</code> » <code>Issuer modules</c
<div class="notetip">For example, to allow only users with a strong authentication level:
<pre class="code">$authenticationLevel &gt; 2</pre>
</div><div class="noteimportant">Rewrite rules must have been activated in <a href="configlocation.html#portal" class="wikilink1" title="documentation:2.0:configlocation">Apache portal configuration</a> or in <a href="configlocation.html#portal1" class="wikilink1" title="documentation:2.0:configlocation">Nginx portal configuration</a>.
</div>
<p>
Then go in <code>Options</code> to define:
......@@ -136,7 +134,7 @@ Then go in <code>Options</code> to define:
<div class="notetip">If <code>OpenID login</code> is not set, it uses <code>General Parameters</code> » <code>Logs</code> » <code>REMOTE_USER</code> data, which is set to <code>uid</code> by default
</div>
</div>
<!-- EDIT3 SECTION "Configuration" [1126-2423] -->
<!-- EDIT3 SECTION "Configuration" [1126-2240] -->
<h3 class="sectionedit4" id="shared_attributes_sreg">Shared attributes (SREG)</h3>
<div class="level3">
......@@ -170,7 +168,7 @@ Each SREG attribute will be associated to a user session key. A session key can
<div class="noteclassic">If the OpenID consumer ask for data, users will be prompted to accept or not the data sharing.
</div>
</div>
<!-- EDIT4 SECTION "Shared attributes (SREG)" [2424-2931] -->
<!-- EDIT4 SECTION "Shared attributes (SREG)" [2241-2748] -->
<h3 class="sectionedit5" id="security">Security</h3>
<div class="level3">
<ul>
......@@ -182,6 +180,6 @@ Each SREG attribute will be associated to a user session key. A session key can
<div class="noteimportant">Note that <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML</a> protocol is more secured than OpenID, so when your partners are known, prefer <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML</a>.
</div>
</div>
<!-- EDIT5 SECTION "Security" [2932-] --></div>
<!-- EDIT5 SECTION "Security" [2749-] --></div>
</body>
</html>
......@@ -105,7 +105,7 @@
<td class="col0 centeralign"> <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/adfs.html" class="media" title="documentation:2.0:applications:adfs"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT5 TABLE [2486-3028] -->
<!-- EDIT5 TABLE [2607-3149] -->
</div>
<!-- EDIT4 PLUGIN_INCLUDE_END "documentation:2.0:applications" [0-] --></div>
<div class="level2">
......
......@@ -135,12 +135,16 @@ You can add this repository to have recent packages:
</p>
<pre class="code">vi /etc/apt/sources.list.d/lemonldap-ng.list</pre>
<pre class="file"># LemonLDAP::NG repository
deb http://lemonldap-ng.org/deb stable main
deb-src http://lemonldap-ng.org/deb stable main</pre>
<div class="notetip">Use the <code>oldstable</code> repository to get packages from previous major version:
<pre class="file"># LemonLDAP::NG repository
deb http://lemonldap-ng.org/deb oldstable main
deb-src http://lemonldap-ng.org/deb oldstable main</pre>
deb https://lemonldap-ng.org/deb stable main
deb-src https://lemonldap-ng.org/deb stable main</pre>
<div class="notetip"><ul>
<li class="level1"><div class="li"> Use the <code>oldstable</code> repository to get packages from previous major version</div>
</li>
<li class="level1"><div class="li"> Use the <code>testing</code> repository to get packages from next major version</div>
</li>
<li class="level1"><div class="li"> Use the <code>2.0</code> repository to avoid upgrade to next major version</div>
</li>
</ul>
</div>
<p>
......@@ -149,7 +153,7 @@ Run this to update packages cache:
<pre class="code">apt-get update</pre>
</div>
<!-- EDIT5 SECTION "LL::NG repository" [1000-1589] -->
<!-- EDIT5 SECTION "LL::NG repository" [1000-1595] -->
<h3 class="sectionedit6" id="manual_download">Manual download</h3>
<div class="level3">
......@@ -158,7 +162,7 @@ Packages are available on the <a href="download.html" class="wikilink1" title="d
</p>
</div>
<!-- EDIT6 SECTION "Manual download" [1590-1676] -->
<!-- EDIT6 SECTION "Manual download" [1596-1682] -->
<h2 class="sectionedit7" id="package_gpg_signature">Package GPG signature</h2>
<div class="level2">
......@@ -172,18 +176,18 @@ Install it to trust packages:
<pre class="code">apt-key add rpm-gpg-key-ow2</pre>
</div>
<!-- EDIT7 SECTION "Package GPG signature" [1677-1845] -->
<!-- EDIT7 SECTION "Package GPG signature" [1683-1851] -->
<h2 class="sectionedit8" id="install_packages">Install packages</h2>
<div class="level2">
</div>
<!-- EDIT8 SECTION "Install packages" [1846-1875] -->
<!-- EDIT8 SECTION "Install packages" [1852-1881] -->
<h3 class="sectionedit9" id="with_aptitude">With aptitude</h3>
<div class="level3">
<pre class="code">aptitude install lemonldap-ng</pre>
</div>
<!-- EDIT9 SECTION "With aptitude" [1876-1946] -->
<!-- EDIT9 SECTION "With aptitude" [1882-1952] -->
<h3 class="sectionedit10" id="with_dpkg">With dpkg</h3>
<div class="level3">
......@@ -197,22 +201,22 @@ Then:
<pre class="code">dpkg -i liblemonldap-ng-* lemonldap-ng*</pre>
</div>
<!-- EDIT10 SECTION "With dpkg" [1947-2095] -->
<!-- EDIT10 SECTION "With dpkg" [1953-2101] -->
<h2 class="sectionedit11" id="first_configuration_steps">First configuration steps</h2>
<div class="level2">
</div>
<!-- EDIT11 SECTION "First configuration steps" [2096-2134] -->
<!-- EDIT11 SECTION "First configuration steps" [2102-2140] -->
<h3 class="sectionedit12" id="change_default_dns_domain">Change default DNS domain</h3>
<div class="level3">
<p>
By default, <abbr title="Domain Name System">DNS</abbr> domain is <code>example.com</code>. You can change it quick with a sed command. For example, we change it to <code>ow2.org</code>:
</p>
<pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.js /var/lib/lemonldap-ng/test/index.pl</pre>
<pre class="code shell">sed -i 's/example\.com/ow2.org/g' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json /var/lib/lemonldap-ng/test/index.pl</pre>
</div>
<!-- EDIT12 SECTION "Change default DNS domain" [2135-2452] -->
<!-- EDIT12 SECTION "Change default DNS domain" [2141-2460] -->
<h3 class="sectionedit13" id="reload_virtual_host">Reload virtual host</h3>
<div class="level3">
......@@ -223,7 +227,7 @@ To allow the manager to reload the configuration, register the reload virtual ho
<div class="notetip">Adapt the reload virtual host name to the domain you configured.
</div>
</div>
<!-- EDIT13 SECTION "Reload virtual host" [2453-2754] -->
<!-- EDIT13 SECTION "Reload virtual host" [2461-2762] -->
<h3 class="sectionedit14" id="upgrade">Upgrade</h3>
<div class="level3">
......@@ -232,7 +236,7 @@ If you upgraded <abbr title="LemonLDAP::NG">LL::NG</abbr>, check all <a href="up
</p>
</div>
<!-- EDIT14 SECTION "Upgrade" [2755-2835] -->
<!-- EDIT14 SECTION "Upgrade" [2763-2843] -->
<h3 class="sectionedit15" id="dns">DNS</h3>
<div class="level3">
......@@ -248,7 +252,7 @@ Follow the <a href="start.html#configuration" class="wikilink1" title="documenta
</p>
</div>
<!-- EDIT15 SECTION "DNS" [2836-3108] -->
<!-- EDIT15 SECTION "DNS" [2844-3116] -->
<h2 class="sectionedit16" id="file_location">File location</h2>
<div class="level2">
<ul>
......@@ -269,7 +273,7 @@ Follow the <a href="start.html#configuration" class="wikilink1" title="documenta
</ul>
</div>
<!-- EDIT16 SECTION "File location" [3109-3645] -->
<!-- EDIT16 SECTION "File location" [3117-3653] -->
<h2 class="sectionedit17" id="build_your_packages">Build your packages</h2>
<div class="level2">
......@@ -281,6 +285,6 @@ cd lemonldap-ng-*
make debian-packages</pre>
</div>
<!-- EDIT17 SECTION "Build your packages" [3646-] --></div>
<!-- EDIT17 SECTION "Build your packages" [3654-] --></div>
</body>
</html>
......@@ -135,7 +135,18 @@ You can add this YUM repository to get recent packages:
<pre class="code">vi /etc/yum.repos.d/lemonldap-ng.repo</pre>
<pre class="file">[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=http://lemonldap-ng.org/rpm7/
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2</pre>
<div class="notetip">Replace <code>stable</code> by <code>2.0</code> to avoid upgrade to next major version