Commit a8cdb046 authored by Xavier Guimard's avatar Xavier Guimard

Update doc

parent af138325
...@@ -90,7 +90,7 @@ ...@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form> <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul> <li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div> </div>
...@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio ...@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site --> </div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526412059" width="2" height="1" alt="" /></div> <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no"> <div id="screen__mode" class="no">
<span class="visible-xs"></span> <span class="visible-xs"></span>
<span class="visible-sm"></span> <span class="visible-sm"></span>
......
...@@ -90,7 +90,7 @@ ...@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form> <form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=b1ead7f504050dc6ea4ebced99caf5c1" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul> <li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div> </div>
...@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio ...@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site --> </div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526412059" width="2" height="1" alt="" /></div> <div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526585770" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no"> <div id="screen__mode" class="no">
<span class="visible-xs"></span> <span class="visible-xs"></span>
<span class="visible-sm"></span> <span class="visible-sm"></span>
......
...@@ -66,25 +66,25 @@ Just enable it in the manager (section “plugins”). You <em class="u">must</e ...@@ -66,25 +66,25 @@ Just enable it in the manager (section “plugins”). You <em class="u">must</e
<div class="level2"> <div class="level2">
<p> <p>
When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. It can be called only by an unauthenticated request. GET parameters: When enabled, <code>/checkstate</code> <abbr title="Uniform Resource Locator">URL</abbr> path is handled by this plugin. GET parameters:
</p> </p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped"> <div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead> <thead>
<tr class="row0 roweven"> <tr class="row0 roweven">
<th class="col0 centeralign"> Parameter </th><th class="col1 leftalign"> </th><th class="col2 centeralign"> Value </th> <th class="col0 centeralign"> GET Parameter </th><th class="col1 centeralign"> Need </th><th class="col2 centeralign"> Value </th>
</tr> </tr>
</thead> </thead>
<tr class="row1 rowodd"> <tr class="row1 rowodd">
<td class="col0 centeralign"> secret </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td> <td class="col0 centeralign"> <code>secret</code> </td><td class="col1 centeralign"> required </td><td class="col2"> Same value as the shared secret given to the manager </td>
</tr> </tr>
<tr class="row2 roweven"> <tr class="row2 roweven">
<td class="col0 centeralign"> user </td><td class="col1 centeralign"> optional </td><td class="col2"> If set (with password), a login/logout process will be tried </td> <td class="col0 centeralign"> <code>user</code> </td><td class="col1 centeralign"> optional </td><td class="col2" rowspan="2"> If set (with password), a login/logout process will be tried </td>
</tr> </tr>
<tr class="row3 rowodd"> <tr class="row3 rowodd">
<td class="col0 centeralign"> password </td><td class="col1 centeralign"> optional </td><td class="col2 leftalign"> </td> <td class="col0 centeralign"> <code>password</code> </td><td class="col1 centeralign"> optional </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT4 TABLE [466-693] --> <!-- EDIT4 TABLE [413-667] -->
<p> <p>
Example: <code><a href="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" class="urlextern" title="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" rel="nofollow">https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho</a></code> Example: <code><a href="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" class="urlextern" title="https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho" rel="nofollow">https://auth.example.com/checkstate?secret=qwerty&amp;user=dwho&amp;password=dwho</a></code>
</p> </p>
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:cli_examples</title> <title>documentation:2.0:cli_examples</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,cli_examples"/> <meta name="keywords" content="documentation,2.0,cli_examples"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cli_examples.html"/> <link rel="start" href="cli_examples.html"/>
...@@ -298,7 +298,13 @@ In this example we have: ...@@ -298,7 +298,13 @@ In this example we have:
</li> </li>
<li class="level1"><div class="li"> Client secret : testclientsecret</div> <li class="level1"><div class="li"> Client secret : testclientsecret</div>
</li> </li>
<li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>: <a href="https://testrp.e-serv.ch/?callback=1" class="urlextern" title="https://testrp.e-serv.ch/?callback=1" rel="nofollow">https://testrp.e-serv.ch/?callback=1</a></div> <li class="level1"><div class="li"> Allowed redirection <abbr title="Uniform Resource Locator">URL</abbr>:</div>
<ul>
<li class="level2"><div class="li"> For login: <a href="https://testrp.example.com/?callback=1" class="urlextern" title="https://testrp.example.com/?callback=1" rel="nofollow">https://testrp.example.com/?callback=1</a></div>
</li>
<li class="level2"><div class="li"> For logout: <a href="https://testrp.example.com/" class="urlextern" title="https://testrp.example.com/" rel="nofollow">https://testrp.example.com/</a></div>
</li>
</ul>
</li> </li>
<li class="level1"><div class="li"> Exported attributes:</div> <li class="level1"><div class="li"> Exported attributes:</div>
<ul> <ul>
...@@ -325,12 +331,12 @@ In this example we have: ...@@ -325,12 +331,12 @@ In this example we have:
<li class="level1"><div class="li"> Redirection:</div> <li class="level1"><div class="li"> Redirection:</div>
</li> </li>
</ul> </ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris &#039;https://testrp.e-serv.ch/?callback=1&#039;</pre> <pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsRedirectUris &#039;https://testrp.example.com/?callback=1&#039; oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsPostLogoutRedirectUris &#039;https://testrp.example.com/&#039;</pre>
<ul> <ul>
<li class="level1"><div class="li"> Signature and token expiration:</div> <li class="level1"><div class="li"> Signature and token expiration:</div>
</li> </li>
</ul> </ul>
<pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/idm oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre> <pre class="code">/usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 addKey oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenSignAlg RS512 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsIDTokenExpiration 3600 oidcRPMetaDataOptions/testrp oidcRPMetaDataOptionsAccessTokenExpiration 3600</pre>
</div> </div>
<!-- EDIT9 SECTION "Register an OpenID Connect Relying Party" [7670-] --></div> <!-- EDIT9 SECTION "Register an OpenID Connect Relying Party" [7670-] --></div>
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:configapache</title> <title>documentation:2.0:configapache</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,configapache"/> <meta name="keywords" content="documentation,2.0,configapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configapache.html"/> <link rel="start" href="configapache.html"/>
...@@ -46,13 +46,13 @@ ...@@ -46,13 +46,13 @@
<h1 class="sectionedit1" id="deploy_apache_configuration">Deploy Apache configuration</h1> <h1 class="sectionedit1" id="deploy_apache_configuration">Deploy Apache configuration</h1>
<div class="level1"> <div class="level1">
<div class="noteclassic">This step should already have been if you installed <abbr title="LemonLDAP::NG">LL::NG</abbr> with packages. <div class="noteclassic">This step should have been already done if you installed <abbr title="LemonLDAP::NG">LL::NG</abbr> with packages.
</div> </div>
</div> </div>
<!-- EDIT1 SECTION "Deploy Apache configuration" [1-131] --> <!-- EDIT1 SECTION "Deploy Apache configuration" [1-136] -->
<h2 class="sectionedit2" id="files">Files</h2> <h2 class="sectionedit2" id="files">Files</h2>
<div class="level2"> <div class="level2">
<div class="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handle by FastCGI. <div class="noteimportant">Apache-ModPerl is no longer usable since 2.4 version <em>(many segfaults,…)</em>. No problem for portal and manager since they are now handled by FastCGI.
<p> <p>
<strong>But for handlers, please use <a href="confignginx.html" class="wikilink1" title="documentation:2.0:confignginx">Nginx</a> !</strong> <strong>But for handlers, please use <a href="confignginx.html" class="wikilink1" title="documentation:2.0:confignginx">Nginx</a> !</strong>
</p> </p>
...@@ -82,7 +82,7 @@ a2ensite test-apache2.conf</pre> ...@@ -82,7 +82,7 @@ a2ensite test-apache2.conf</pre>
</div> </div>
</div> </div>
<!-- EDIT2 SECTION "Files" [132-1156] --> <!-- EDIT2 SECTION "Files" [137-1162] -->
<h2 class="sectionedit3" id="modules">Modules</h2> <h2 class="sectionedit3" id="modules">Modules</h2>
<div class="level2"> <div class="level2">
...@@ -104,6 +104,6 @@ You will also need to load some Apache modules: ...@@ -104,6 +104,6 @@ You will also need to load some Apache modules:
</div> </div>
</div> </div>
<!-- EDIT3 SECTION "Modules" [1157-] --></div> <!-- EDIT3 SECTION "Modules" [1163-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:handlerarch</title> <title>documentation:2.0:handlerarch</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerarch"/> <meta name="keywords" content="documentation,2.0,handlerarch"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerarch.html"/> <link rel="start" href="handlerarch.html"/>
...@@ -44,14 +44,14 @@ ...@@ -44,14 +44,14 @@
<body> <body>
<div class="dokuwiki export container"> <div class="dokuwiki export container">
<h1 class="sectionedit1" id="handler_architecture">Handler architecture</h1> <h1 class="sectionedit1" id="handler_libraries_architecture">Handler libraries architecture</h1>
<div class="level1"> <div class="level1">
<p> <p>
Handlers are build on rows of modules: Handlers are build on rows of modules:
</p> </p>
<ul> <ul>
<li class="level1"><div class="li"> Applications or launchers that get the request and choose the good type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits of other Handler::* modules)</em></div> <li class="level1"><div class="li"> Applications or launchers that get the request and choose the right type <em>(Main, AuthBasic, ZimbraPreAuth,…)</em> and launch it <em>(may not inherits from other Handler::* modules)</em></div>
</li> </li>
<li class="level1"><div class="li"> Wrappers that call “type” library and platform “Main” <em>(may all inherits from Platform::Main)</em></div> <li class="level1"><div class="li"> Wrappers that call “type” library and platform “Main” <em>(may all inherits from Platform::Main)</em></div>
</li> </li>
...@@ -62,7 +62,7 @@ Handlers are build on rows of modules: ...@@ -62,7 +62,7 @@ Handlers are build on rows of modules:
</ul> </ul>
</div> </div>
<!-- EDIT1 SECTION "Handler architecture" [1-452] --> <!-- EDIT1 SECTION "Handler libraries architecture" [1-465] -->
<h2 class="sectionedit2" id="overview_of_handler_packages">Overview of Handler packages</h2> <h2 class="sectionedit2" id="overview_of_handler_packages">Overview of Handler packages</h2>
<div class="level2"> <div class="level2">
<div class="table sectionedit3"><table class="inline table table-bordered table-striped"> <div class="table sectionedit3"><table class="inline table table-bordered table-striped">
...@@ -84,7 +84,7 @@ Handlers are build on rows of modules: ...@@ -84,7 +84,7 @@ Handlers are build on rows of modules:
<td class="col0 centeralign" colspan="2"> PSGI </td><td class="col2 centeralign"> PSGI::&lt;type&gt; </td> <td class="col0 centeralign" colspan="2"> PSGI </td><td class="col2 centeralign"> PSGI::&lt;type&gt; </td>
</tr> </tr>
</table></div> </table></div>
<!-- EDIT3 TABLE [495-753] --> <!-- EDIT3 TABLE [508-766] -->
<p> <p>
Types are: Types are:
</p> </p>
...@@ -102,6 +102,6 @@ Types are: ...@@ -102,6 +102,6 @@ Types are:
</ul> </ul>
</div> </div>
<!-- EDIT2 SECTION "Overview of Handler packages" [453-] --></div> <!-- EDIT2 SECTION "Overview of Handler packages" [466-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:handlerauthbasic</title> <title>documentation:2.0:handlerauthbasic</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,handlerauthbasic"/> <meta name="keywords" content="documentation,2.0,handlerauthbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerauthbasic.html"/> <link rel="start" href="handlerauthbasic.html"/>
...@@ -70,25 +70,25 @@ ...@@ -70,25 +70,25 @@
<div class="level2"> <div class="level2">
<p> <p>
The AuthBasic Handler is a special Handler that will us AuthBasic to authenticate to a virtual host, and then play authorizations rules to allow access to the virtual The AuthBasic Handler is a special Handler that will use AuthBasic to authenticate to a virtual host, and then run authorization rules to allow access to the virtual
host. host.
</p> </p>
<p> <p>
The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). When session is granted, the Handler will then check the authorizations like the standard Handler. The Handler will send a WWW-Authenticate header to the client, to request user and password, and then check the credentials using REST web service (you must enable REST session service in the manager). Then, when session is granted, the Handler will check authorizations like the standard Handler.
</p> </p>
<p> <p>
This can be useful to allow an third party application to access a virtual host with users credentials by sending a Basic challenge to it. This can be useful to allow a third party application to access a virtual host with users credentials by sending a Basic challenge to it.
</p> </p>
</div> </div>
<!-- EDIT2 SECTION "Presentation" [34-677] --> <!-- EDIT2 SECTION "Presentation" [34-672] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2> <h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2"> <div class="level2">
</div> </div>
<!-- EDIT3 SECTION "Configuration" [678-704] --> <!-- EDIT3 SECTION "Configuration" [673-699] -->
<h3 class="sectionedit4" id="virtual_host">Virtual host</h3> <h3 class="sectionedit4" id="virtual_host">Virtual host</h3>
<div class="level3"> <div class="level3">
...@@ -107,7 +107,7 @@ If you want to protect only a virtualHost part, keep type on “Main” and set ...@@ -107,7 +107,7 @@ If you want to protect only a virtualHost part, keep type on “Main” and set
</ul> </ul>
</div> </div>
<!-- EDIT4 SECTION "Virtual host" [705-1095] --> <!-- EDIT4 SECTION "Virtual host" [700-1090] -->
<h3 class="sectionedit5" id="nginx">Nginx</h3> <h3 class="sectionedit5" id="nginx">Nginx</h3>
<div class="level3"> <div class="level3">
...@@ -144,7 +144,7 @@ location / { ...@@ -144,7 +144,7 @@ location / {
}</pre> }</pre>
</div> </div>
<!-- EDIT5 SECTION "Nginx" [1096-2119] --> <!-- EDIT5 SECTION "Nginx" [1091-2114] -->
<h3 class="sectionedit6" id="handler_parameters">Handler parameters</h3> <h3 class="sectionedit6" id="handler_parameters">Handler parameters</h3>
<div class="level3"> <div class="level3">
...@@ -153,6 +153,6 @@ No parameters needed. But you have to allow sessions web services, see <a href=" ...@@ -153,6 +153,6 @@ No parameters needed. But you have to allow sessions web services, see <a href="
</p> </p>
</div> </div>
<!-- EDIT6 SECTION "Handler parameters" [2120-] --></div> <!-- EDIT6 SECTION "Handler parameters" [2115-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:logs</title> <title>documentation:2.0:logs</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/> <meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,logs"/> <meta name="keywords" content="documentation,2.0,logs"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="logs.html"/> <link rel="start" href="logs.html"/>
......
...@@ -88,7 +88,7 @@ Up-to-date documentation is available on GitHub. ...@@ -88,7 +88,7 @@ Up-to-date documentation is available on GitHub.
</li> </li>
<li class="level1"><div class="li"> Multi-lines are not supported in lemonldap-ng.ini</div> <li class="level1"><div class="li"> Multi-lines are not supported in lemonldap-ng.ini</div>
</li> </li>
<li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in you <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn&#039;t used by node handler)</em>:</div> <li class="level1"><div class="li"> Virtualhosts handled by node-lemonldap-ng-handler must be explicitly declared in your <code>lemonldap-ng.ini</code> file in <code>[node-handler]</code> section <em>(<strong>NB</strong>: section <code>[handler]</code> isn&#039;t used by node handler)</em>:</div>
</li> </li>
</ul> </ul>
<pre class="code ini"><span class="re0"><span class="br0">&#91;</span>node-handler<span class="br0">&#93;</span></span> <pre class="code ini"><span class="re0"><span class="br0">&#91;</span>node-handler<span class="br0">&#93;</span></span>
...@@ -96,7 +96,7 @@ Up-to-date documentation is available on GitHub. ...@@ -96,7 +96,7 @@ Up-to-date documentation is available on GitHub.
<span class="re1">nodeVhosts</span> <span class="sy0">=</span><span class="re2"> test.example.com, test2.example.com</span></pre> <span class="re1">nodeVhosts</span> <span class="sy0">=</span><span class="re2"> test.example.com, test2.example.com</span></pre>
</div> </div>
<!-- EDIT2 SECTION "Examples" [210-730] --> <!-- EDIT2 SECTION "Examples" [210-731] -->
<h3 class="sectionedit3" id="use_it_as_fastcgi_server_application_protection_only">Use it as FastCGI server (application protection only)</h3> <h3 class="sectionedit3" id="use_it_as_fastcgi_server_application_protection_only">Use it as FastCGI server (application protection only)</h3>
<div class="level3"> <div class="level3">
...@@ -142,7 +142,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span ...@@ -142,7 +142,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
# Keep original hostname # Keep original hostname
fastcgi_param HOST $http_host; fastcgi_param HOST $http_host;
&nbsp; &nbsp;
# Keep original request (LLNG server will received /llauth) # Keep original request (LLNG server will received /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri; fastcgi_param X_ORIGINAL_URI $request_uri;
} }
&nbsp; &nbsp;
...@@ -158,7 +158,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span ...@@ -158,7 +158,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
</dd></dl> </dd></dl>
</div> </div>
<!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [731-1912] --> <!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [732-1913] -->
<h3 class="sectionedit4" id="use_it_to_protect_an_express_app">Use it to protect an express app</h3> <h3 class="sectionedit4" id="use_it_to_protect_an_express_app">Use it to protect an express app</h3>
<div class="level3"> <div class="level3">
<dl class="file"> <dl class="file">
...@@ -188,6 +188,6 @@ app.<span class="me1">listen</span><span class="br0">&#40;</span><span class="nu ...@@ -188,6 +188,6 @@ app.<span class="me1">listen</span><span class="br0">&#40;</span><span class="nu
</dd></dl> </dd></dl>
</div> </div>
<!-- EDIT4 SECTION "Use it to protect an express app" [1913-] --></div> <!-- EDIT4 SECTION "Use it to protect an express app" [1914-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:parameterlist</title> <title>documentation:2.0:parameterlist</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/> <meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,parameterlist"/> <meta name="keywords" content="documentation,2.0,parameterlist"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="parameterlist.html"/> <link rel="start" href="parameterlist.html"/>
......
This diff is collapsed.
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:psgi</title> <title>documentation:2.0:psgi</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,psgi"/> <meta name="keywords" content="documentation,2.0,psgi"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="psgi.html"/> <link rel="start" href="psgi.html"/>
...@@ -66,11 +66,11 @@ LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http:/ ...@@ -66,11 +66,11 @@ LLNG is build on <a href="http://plackperl.org/" class="urlextern" title="http:/
</ul> </ul>
<p> <p>
uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> may provide the highest performance. uWSGI or <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js FastCGI server</a> may provide the highest performance.
</p> </p>
</div> </div>
<!-- EDIT1 SECTION "Advanced PSGI usage" [1-629] --> <!-- EDIT1 SECTION "Advanced PSGI usage" [1-635] -->
<h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2> <h2 class="sectionedit2" id="fastcgi_server_replacement">FastCGI server replacement</h2>
<div class="level2"> <div class="level2">
...@@ -78,9 +78,21 @@ uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0: ...@@ -78,9 +78,21 @@ uWSGI and <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:
A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it : A <code>llng-server.psgi</code> is provided in example directory. It is designed to replace exactly FastCGI server. You can use it :
</p> </p>
<ul> <ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result</div> <li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::EV" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::EV" rel="nofollow">FCGI::EV</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine" rel="nofollow">FCGI::Engine</a></div>
</li> </li>
<li class="level1"><div class="li"> with a HTTP Plack server, not yet tested</div> <li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Engine::ProcManager" rel="nofollow">FCGI::Engine::ProcManager</a></div>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI::Async" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI::Async" rel="nofollow">FCGI::Async</a></div>
</li>
</ul>
</li> </li>
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div> <li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li> </li>
...@@ -100,7 +112,7 @@ See also <a href="highperfnginxhandler.html" class="wikilink1" title="documentat ...@@ -100,7 +112,7 @@ See also <a href="highperfnginxhandler.html" class="wikilink1" title="documentat
</p> </p>
</div> </div>
<!-- EDIT2 SECTION "FastCGI server replacement" [630-1417] --> <!-- EDIT2 SECTION "FastCGI server replacement" [636-1878] -->
<h3 class="sectionedit3" id="using_uwsgi">Using uWSGI</h3> <h3 class="sectionedit3" id="using_uwsgi">Using uWSGI</h3>
<div class="level3"> <div class="level3">
...@@ -114,6 +126,6 @@ You will find in LLNG Nginx configuration files some comments that explain how t ...@@ -114,6 +126,6 @@ You will find in LLNG Nginx configuration files some comments that explain how t
</p> </p>
</div> </div>
<!-- EDIT3 SECTION "Using uWSGI" [1418-] --></div> <!-- EDIT3 SECTION "Using uWSGI" [1879-] --></div>
</body> </body>
</html> </html>
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<title>documentation:2.0:redirections</title> <title>documentation:2.0:redirections</title>
<meta name="generator" content="DokuWiki"/> <meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/> <meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,redirections"/> <meta name="keywords" content="documentation,2.0,redirections"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/> <link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="redirections.html"/> <link rel="start" href="redirections.html"/>
...@@ -43,15 +43,37 @@ ...@@ -43,15 +43,37 @@
</head> </head>
<body> <body>
<div class="dokuwiki export container"> <div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<h1 class="sectionedit1" id="handler_redirections">Handler Redirections</h1> <ul class="toc">
<li class="level1"><div class="li"><a href="#handler_redirections">Handler Redirections</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#protocol_and_port">Protocol and port</a></div></li>
<li class="level2"><div class="li"><a href="#forbidden_and_server_error">Forbidden and Server error</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#portal_redirections">Portal Redirections</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="redirections">Redirections</h1>
<div class="level1"> <div class="level1">
</div>
<!-- EDIT1 SECTION "Redirections" [1-28] -->
<h2 class="sectionedit2" id="handler_redirections">Handler Redirections</h2>
<div class="level2">
<div class="noteclassic">When a user access a Handler without a cookie, he is redirected on portal, and the target <abbr title="Uniform Resource Locator">URL</abbr> is encoded in redirection <abbr title="Uniform Resource Locator">URL</abbr> (to redirect user after authentication process). <div class="noteclassic">When a user access a Handler without a cookie, he is redirected on portal, and the target <abbr title="Uniform Resource Locator">URL</abbr> is encoded in redirection <abbr title="Uniform Resource Locator">URL</abbr> (to redirect user after authentication process).
</div> </div>
</div> </div>
<!-- EDIT1 SECTION "Handler Redirections" [1-223] --> <!-- EDIT2 SECTION "Handler Redirections" [29-249] -->
<h2 class="sectionedit2" id="protocol_and_port">Protocol and port</h2> <h3 class="sectionedit3" id="protocol_and_port">Protocol and port</h3>
<div class="level2"> <div class="level3">
<p> <p>
To encode the redirection <abbr title="Uniform Resource Locator">URL</abbr>, the handler will use some Apache environment variables and also configuration settings: To encode the redirection <abbr title="Uniform Resource Locator">URL</abbr>, the handler will use some Apache environment variables and also configuration settings:
...@@ -69,9 +91,9 @@ These parameters can be configured in Manager, in <code>General Parameters</code ...@@ -69,9 +91,9 @@ These parameters can be configured in Manager, in <code>General Parameters</code
<div class="notetip">These settings can be overridden per virtual host, see <a href="configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">virtual host management</a>. <div class="notetip">These settings can be overridden per virtual host, see <a href="configvhost.html" class="wikilink1" title="documentation:2.0:configvhost">virtual host management</a>.
</div> </div>
</div> </div>
<!-- EDIT2 SECTION "Protocol and port" [224-732] --> <!-- EDIT3 SECTION "Protocol and port" [250-756] -->
<h2 class="sectionedit3" id="forbidden_and_server_error">Forbidden and Server error</h2> <h3 class="sectionedit4" id="forbidden_and_server_error">Forbidden and Server error</h3>
<div class="level2"> <div class="level3">
<p> <p>
Handler use the default Apache error code for the following cases: Handler use the default Apache error code for the following cases:
...@@ -116,18 +138,20 @@ These parameters can be configured in Manager, in <code>General Parameters</code ...@@ -116,18 +138,20 @@ These parameters can be configured in Manager, in <code>General Parameters</code
</ul> </ul>
</div> </div>
<!-- EDIT3 SECTION "Forbidden and Server error" [733-2104] --> <!-- EDIT4 SECTION "Forbidden and Server error" [757-2126] -->
<h1 class="sectionedit4" id="portal_redirections">Portal Redirections</h1> <h2 class="sectionedit5" id="portal_redirections">Portal Redirections</h2>
<div class="level1"> <div class="level2">
<div class="noteclassic">If a user is redirected from handler to portal for authentication and once he is authenticated, portal redirects him to the redirection <abbr title="Uniform Resource Locator">URL</abbr>. <div class="noteclassic">If a user is redirected from handler to portal for authentication and once he is authenticated, portal redirects him to the redirection <abbr title="Uniform Resource Locator">URL</abbr>.
</div><ul> </div><ul>
<li class="level1"><div class="li"> <strong>Redirection message</strong>: The redirection from portal can be done either with code 303 (See Other), or with a JavaScript redirection. Often the redirection takes some time because it is user&#039;s first access to the protected app, so a new app session has to be created : JavaScript redirection improves user experience by informing that authentication is performed, and by preventing from clicking again on the button because it is too slow.</div> <li class="level1"><div class="li"> <strong>Redirection message</strong>: The redirection from portal can be done either with code 303 (See Other), or with a JavaScript redirection. Often the redirection takes some time because it is user&#039;s first access to the protected app, so a new app session has to be created : JavaScript redirection improves user experience by informing that authentication is performed, and by preventing from clicking again on the button because it is too slow.</div>
</li> </li>
<li class="level1"><div class="li"> <strong>Keep redirections for Ajax</strong>: By default, when an Ajax request is done on the portal for an unauthenticated user (after a redirection done by the handler), a 401 code will be sentwith a <code>WWW-Authenticate</code> header containing “<abbr title="Single Sign On">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;”. Set this option to 1 to keep the old behavior (return of <abbr title="HyperText Markup Language">HTML</abbr> code).</div> <li class="level1"><div class="li"> <strong>Keep redirections for Ajax</strong>: By default, when an Ajax request is done on the portal for an unauthenticated user (after a redirection done by the handler), a 401 code will be sentwith a <code>WWW-Authenticate</code> header containing “<abbr title="Single Sign On">SSO</abbr> &lt;portal-<abbr title="Uniform Resource Locator">URL</abbr>&gt;”. Set this option to 1 to keep the old behavior (return of <abbr title="HyperText Markup Language">HTML</abbr> code).</div>
</li> </li>
<li class="level1"><div class="li"> <strong>Skip re-auth confirmation</strong>: by default, when re-authentication is needed, a confirmation screen is displayed to let user accept the re-authentication. If you enable this option, user will be directly redirected to login page.</div>
</li>
</ul> </ul>