Commit b3877e74 authored by Clément OUDOT's avatar Clément OUDOT

Update documentation

parent 58703dcf
This diff is collapsed.
......@@ -34,7 +34,9 @@
<p>
<a href="/_detail/icons/xfmail.png?id=contact" class="media" title="icons:xfmail.png"><img src="../media/icons/xfmail.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:80px;float:left;">
<a href="/_detail/icons/xfmail.png?id=contact" class="media" title="icons:xfmail.png"><img src="../media/icons/xfmail.png" class="media" alt="" /></a>
</div>
</p>
<ul>
......@@ -47,13 +49,15 @@
</ul>
</div>
<!-- SECTION "Mailing lists" [35-421] -->
<!-- SECTION "Mailing lists" [35-503] -->
<h2><a name="irc" id="irc">IRC</a></h2>
<div class="level2">
<p>
<a href="/_detail/icons/chat.png?id=contact" class="media" title="icons:chat.png"><img src="../media/icons/chat.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:50px;float:left;">
<a href="/_detail/icons/chat.png?id=contact" class="media" title="icons:chat.png"><img src="../media/icons/chat.png" class="media" alt="" /></a>
</div>
</p>
<p>
......@@ -72,13 +76,15 @@ No <acronym title="Internet Relay Chat">IRC</acronym> client? <a href="http://we
<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fhome.php%3F%23%21%2Fpages%2FLemonldapNG%2F328254254936&amp;width=300&amp;colorscheme=light&amp;connections=10&amp;stream=false&amp;header=false&amp;height=200" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:300px; height:587px;float:right;" allowTransparency="true"></iframe>
</div>
<!-- SECTION "IRC" [422-992] -->
<!-- SECTION "IRC" [504-1156] -->
<h2><a name="social_networks_and_news" id="social_networks_and_news">Social Networks and News</a></h2>
<div class="level2">
<p>
<a href="/_detail/icons/knewsticker.png?id=contact" class="media" title="icons:knewsticker.png"><img src="../media/icons/knewsticker.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:100px;float:left;">
<a href="/_detail/icons/knewsticker.png?id=contact" class="media" title="icons:knewsticker.png"><img src="../media/icons/knewsticker.png" class="media" alt="" /></a>
</div>
</p>
<ul>
......@@ -92,19 +98,16 @@ No <acronym title="Internet Relay Chat">IRC</acronym> client? <a href="http://we
</li>
</ul>
<p>
<br/>
</p>
</div>
<!-- SECTION "Social Networks and News" [993-1388] -->
<!-- SECTION "Social Networks and News" [1157-1630] -->
<h2><a name="reporting_a_bug" id="reporting_a_bug">Reporting a bug</a></h2>
<div class="level2">
<p>
<a href="/_detail/icons/bug.png?id=contact" class="media" title="icons:bug.png"><img src="../media/icons/bug.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:50px;float:left;">
<a href="/_detail/icons/bug.png?id=contact" class="media" title="icons:bug.png"><img src="../media/icons/bug.png" class="media" alt="" /></a>
</div>
</p>
<p>
......@@ -117,43 +120,41 @@ We use <a href="http://jira.ow2.org" class="urlextern" title="http://jira.ow2.or
</p>
</div>
<!-- SECTION "Reporting a bug" [1389-1691] -->
<!-- SECTION "Reporting a bug" [1631-2015] -->
<h1><a name="the_team" id="the_team">The team</a></h1>
<div class="level1">
</div>
<!-- SECTION "The team" [1692-1715] -->
<!-- SECTION "The team" [2016-2039] -->
<h2><a name="core_team" id="core_team">Core team</a></h2>
<div class="level2">
<p>
<a href="/_detail/icons/tux.png?id=contact" class="media" title="icons:tux.png"><img src="../media/icons/tux.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:80px;float:left;">
<a href="/_detail/icons/tux.png?id=contact" class="media" title="icons:tux.png"><img src="../media/icons/tux.png" class="media" alt="" /></a>
</div>
</p>
<ul>
<li class="level1"><div class="li"> Xavier GUIMARD: project leader, lead developer</div>
<li class="level1"><div class="li"> <strong>Xavier GUIMARD</strong>: project leader, lead developer</div>
</li>
<li class="level1"><div class="li"> Clément OUDOT: developer, graphics, documentation, community management</div>
<li class="level1"><div class="li"> <strong>Clément “KPTN” OUDOT</strong>: developer, graphics, documentation, community management</div>
</li>
<li class="level1"><div class="li"> Thomas CHEMINEAU: developer, graphics</div>
<li class="level1"><div class="li"> <strong>Thomas CHEMINEAU</strong>: developer, graphics</div>
</li>
</ul>
<p>
<br/>
</p>
</div>
<!-- SECTION "Core team" [1716-1935] -->
<!-- SECTION "Core team" [2040-2356] -->
<h2><a name="past_and_present_contributors" id="past_and_present_contributors">Past and present contributors</a></h2>
<div class="level2">
<p>
<a href="/_detail/icons/personal.png?id=contact" class="media" title="icons:personal.png"><img src="../media/icons/personal.png" class="medialeft" align="left" alt="" /></a>
<div style="width:100px;height:250px;float:left;">
<a href="/_detail/icons/personal.png?id=contact" class="media" title="icons:personal.png"><img src="../media/icons/personal.png" class="media" alt="" /></a>
</div>
</p>
<ul>
......@@ -181,11 +182,5 @@ We use <a href="http://jira.ow2.org" class="urlextern" title="http://jira.ow2.or
</li>
</ul>
<p>
<br/>
</p>
</div>
<!-- SECTION "Past and present contributors" [1936-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!-- SECTION "Past and present contributors" [2357-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
......@@ -21,14 +21,14 @@
<hr />
<p style="text-align:center"><strong>Sponsored by</p></strong>
<p style="text-align:center"><strong>Sponsored by</strong></p>
<p>
<a href="http://www.gendarmerie.interieur.gouv.fr/" class="media" title="http://www.gendarmerie.interieur.gouv.fr/" rel="nofollow"><img src="../media/logos/logo_gn.png" class="mediacenter" alt="" /></a>
<a href="http://www.linagora.com" class="media" title="http://www.linagora.com" rel="nofollow"><img src="../media/logos/logo_linagora.png" class="mediacenter" alt="" /></a>
</p>
<hr />
<p style="text-align:center"><strong>Hosted by</p></strong>
<p style="text-align:center"><strong>Hosted by</strong></p>
<p>
<a href="http://www.ow2.org" class="media" title="http://www.ow2.org" rel="nofollow"><img src="../media/logos/ow2.png" class="mediacenter" alt="" width="150" /></a>
......
......@@ -42,24 +42,20 @@
<ul>
<li class="level1"><div class="li"> <a href="documentation/presentation.html" class="wikilink1" title="documentation:presentation">How it works</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/features.html" class="wikilink1" title="documentation:features">Main features</a></div>
</li>
<li class="level1"><div class="li"> <a href="documentation/quickstart.html" class="wikilink1" title="documentation:quickstart">Quick start tutorial</a></div>
</li>
</ul>
<p>
<br/>
</p>
</div>
<!-- SECTION "Presentation" [41-283] -->
<!-- SECTION "Presentation" [41-324] -->
<h2><a name="installation_and_configuration" id="installation_and_configuration">Installation and configuration</a></h2>
<div class="level2">
<p>
<div style="width:100px;height:100px;float:left;">
<div style="width:100px;height:120px;float:left;">
<a href="/_detail/icons/windowlist.png?id=documentation" class="media" title="icons:windowlist.png"><img src="../media/icons/windowlist.png" class="media" alt="" /></a>
</div>
......@@ -80,7 +76,7 @@
</ul>
</div>
<!-- SECTION "Installation and configuration" [284-649] -->
<!-- SECTION "Installation and configuration" [325-690] -->
<h2><a name="development" id="development">Development</a></h2>
<div class="level2">
......@@ -117,7 +113,7 @@
</ul>
</div>
<!-- SECTION "Development" [650-1574] -->
<!-- SECTION "Development" [691-1615] -->
<h2><a name="other" id="other">Other</a></h2>
<div class="level2">
......@@ -136,4 +132,4 @@
</ul>
</div>
<!-- SECTION "Other" [1575-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!-- SECTION "Other" [1616-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
......@@ -57,12 +57,45 @@
</p>
<p>
They can then be forwarded to applications trough <a href="../../documentation/1.0/writingrulesand_headers.html#headers" class="wikilink1" title="documentation:1.0:writingrulesand_headers">HTTP headers</a>.
</p>
</div>
<!-- SECTION "Presentation" [71-656] -->
<!-- SECTION "Presentation" [71-655] -->
<h2><a name="perl-cas_module_installation" id="perl-cas_module_installation">Perl-CAS module installation</a></h2>
<div class="level2">
<p>
Download the latest version:
</p>
<pre class="code">
wget https://sourcesup.cru.fr/frs/download.php/2476/AuthCAS-1.4.tar.gz
</pre>
<p>
Extract and build the module:
</p>
<pre class="code">
tar zxvf AuthCAS-1.4.tar.gz
cd AuthCAS-1.4/
perl Makefile.PL
make
make test
</pre>
<p>
Install the module:
</p>
<pre class="code">
sudo make install
</pre>
</div>
<!-- SECTION "Perl-CAS module installation" [656-989] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
......@@ -72,7 +105,6 @@ In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modu
</p>
<p>
<p><div class="notetip">You can then choose any other module for users and password.
</div></p>
</p>
......@@ -91,7 +123,7 @@ Then, go in <code><acronym title="Central Authentication Service">CAS</acronym>
</li>
<li class="level1"><div class="li"> <strong>Gateways authentication</strong>: force transparent authentication on <acronym title="Central Authentication Service">CAS</acronym> server</div>
</li>
<li class="level1"><div class="li"> <strong><acronym title="Proxy Granting Ticket">PGT</acronym> file</strong>: temporary file where proxy tickets are stored</div>
<li class="level1"><div class="li"> <strong><acronym title="Proxy Granting Ticket">PGT</acronym> file</strong>: temporary file where proxy tickets are stored (by default, <code>/tmp/pgt.txt</code>)</div>
</li>
<li class="level1"><div class="li"> <strong>Proxied services</strong>: list of services for which a proxy ticket is requested:</div>
<ul>
......@@ -103,5 +135,27 @@ Then, go in <code><acronym title="Central Authentication Service">CAS</acronym>
</li>
</ul>
<p>
<p><div class="notetip">If no proxied services defined, <acronym title="Central Authentication Service">CAS</acronym> authentication will not activate the <acronym title="Central Authentication Service">CAS</acronym> proxy mode.
</div></p>
</p>
<p>
<p><div class="noteimportant">
If you activate proxy mode, you must create the <acronym title="Proxy Granting Ticket">PGT</acronym> file on your system, for example:
</p>
<pre class="code">
touch /tmp/pgt.txt
</pre>
<p>
</div></p>
</p>
</div>
<!-- SECTION "Configuration" [657-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!-- SECTION "Configuration" [990-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1><a name="null" id="null">Null</a></h1>
<div class="level1">
<table class="inline">
<tr class="row0 roweven">
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2 centeralign"></td>
</tr>
</table>
</div>
<!-- SECTION "Null" [1-84] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
<p>
<acronym title="LemonLDAP::NG">LL::NG</acronym> Null backend is a transparent backend:
</p>
<ul>
<li class="level1"><div class="li"> Authentication: will create session without prompting any credentials (but will register client <acronym title="Internet Protocol">IP</acronym> and creation date)</div>
</li>
<li class="level1"><div class="li"> Users: will not collect any data (but you can still register environment variables in session)</div>
</li>
<li class="level1"><div class="li"> Password: will not change any password</div>
</li>
</ul>
<p>
You can use Null backend to bypass some authentication process steps.
</p>
</div>
<!-- SECTION "Presentation" [85-492] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose Null for authentication, users or password module.
</p>
<p>
Then, go in <code>Null parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
</ul>
</div>
<!-- SECTION "Configuration" [493-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
......@@ -29,12 +29,12 @@
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 rightalign"> </td><td class="col2"> </td>
<td class="col0 centeralign"></td><td class="col1 centeralign"> </td><td class="col2"> </td>
</tr>
</table>
</div>
<!-- SECTION "OpenID" [1-78] -->
<!-- SECTION "OpenID" [1-79] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
......@@ -66,7 +66,7 @@ If OpenID is used as users database, attributes will be requested to the server
</p>
</div>
<!-- SECTION "Presentation" [79-825] -->
<!-- SECTION "Presentation" [80-826] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
......@@ -125,4 +125,4 @@ To configure requested attributes, go in <code>Variables</code> &gt; <code>Expor
</ul>
</div>
<!-- SECTION "Configuration" [826-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!-- SECTION "Configuration" [827-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1><a name="proxy" id="proxy">Proxy</a></h1>
<div class="level1">
<table class="inline">
<tr class="row0 roweven">
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table>
</div>
<!-- SECTION "Proxy" [1-79] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
<p>
<acronym title="LemonLDAP::NG">LL::NG</acronym> is able to transfer (trough <acronym title="Simple Object Access Protocol">SOAP</acronym>) authentication credentials to another <acronym title="LemonLDAP::NG">LL::NG</acronym> portal, like a proxy.
</p>
<p>
The difference with <a href="../../documentation/1.0/authremote.html" class="wikilink1" title="documentation:1.0:authremote">remote authentication</a> is that the client will never be redirect to the main <acronym title="LemonLDAP::NG">LL::NG</acronym> portal. This configuration is usable if you want to expose your internal <acronym title="Single Sign On">SSO</acronym> portal to another network (DMZ).
</p>
</div>
<!-- SECTION "Presentation" [80-443] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
</div>
<!-- SECTION "Configuration" [444-470] -->
<h3><a name="external_portal" id="external_portal">External portal</a></h3>
<div class="level3">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose Proxy for authentication and users.
</p>
<p>
Then, go in <code>Proxy parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Portal <acronym title="Uniform Resource Locator">URL</acronym></strong>: <acronym title="Uniform Resource Locator">URL</acronym> of internal portal</div>
</li>
<li class="level1"><div class="li"> <strong>Cookie name</strong> (optional): name of the cookie of internal portal, if different from external portal</div>
</li>
<li class="level1"><div class="li"> <strong><acronym title="Simple Object Access Protocol">SOAP</acronym> sessions end point</strong> (optional): <acronym title="Simple Object Access Protocol">SOAP</acronym> end point, if not based on internal portal <acronym title="Uniform Resource Locator">URL</acronym> with <code>index.pl/sessions</code> suffix</div>
</li>
</ul>
</div>
<!-- SECTION "External portal" [471-928] -->
<h3><a name="internal_portal" id="internal_portal">Internal portal</a></h3>
<div class="level3">
<p>
The portal must be configured to accept <acronym title="Simple Object Access Protocol">SOAP</acronym> authentication requests. See <a href="../../documentation/1.0/soapsessionbackend.html" class="wikilink1" title="documentation:1.0:soapsessionbackend">SOAP session backend</a> documentation.
</p>
</div>
<!-- SECTION "Internal portal" [929-] --></div><!-- closes <div class="dokuwiki export">-->
\ No newline at end of file
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1><a name="remote" id="remote">Remote</a></h1>
<div class="level1">
<table class="inline">
<tr class="row0 roweven">
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table>
<p>
<p><div class="notetip">This module in a <acronym title="LemonLDAP::NG">LL::NG</acronym> specific identity federation protocol. You may rather use standards protocols like <a href="../../documentation/1.0/idpsaml.html" class="wikilink1" title="documentation:1.0:idpsaml">SAML</a>, <a href="../../documentation/1.0/idpopenid.html" class="wikilink2" title="documentation:1.0:idpopenid" rel="nofollow">OpenID</a> or <a href="../../documentation/1.0/idpcas.html" class="wikilink2" title="documentation:1.0:idpcas" rel="nofollow">CAS</a>.
</div></p>
</p>
</div>
<!-- SECTION "Remote" [1-263] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> The main portal is configured to use <acronym title="Cross Domain Authentication">CDA</acronym>. The secondary portal is declared in the Manager of the main <acronym title="LemonLDAP::NG">LL::NG</acronym> structure (else user will be rejected).</div>
</li>
<li class="level1"><div class="li"> The portal of the secondary <acronym title="LemonLDAP::NG">LL::NG</acronym> structure is configured to delegate authentication to a remote portal. A request to the main session database is done (trough <a href="../../documentation/1.0/soapsessionbackend.html" class="wikilink1" title="documentation:1.0:soapsessionbackend">SOAP session backend</a>) to be sure that the session exists.</div>
</li>
<li class="level1"><div class="li"> If <code>exportedAttr</code> is set, only those attributes are copied in the session database of the secondary <acronym title="LemonLDAP::NG">LL::NG</acronym> structure. Else, all data are copied in the session database.</div>
</li>
</ul>
<p>
<a href="/_detail/documentation/remote-principle.png?id=documentation%3A1.0%3Aauthremote" class="media" title="documentation:remote-principle.png"><img src="../../../media/documentation/remote-principle.png" class="mediacenter" alt="" /></a>
</p>
<ol>
<li class="level1"><div class="li"> User tries to access to an application in the secondary <acronym title="LemonLDAP::NG">LL::NG</acronym> structure without having a session in this area</div>
</li>
<li class="level1"><div class="li"> Redirection to the portal of the secondary area (transparent)</div>
</li>
<li class="level1"><div class="li"> Redirection to the portal of the main area and normal authentication (if not done before)</div>
</li>
<li class="level1"><div class="li"> Redirection to the portal of the secondary area (transparent)</div>
</li>
<li class="level1"><div class="li"> Secondary portal check if remote session is available. It can be done via direct access to the session database or using <acronym title="Simple Object Access Protocol">SOAP</acronym> access. Then it creates the session (with attribute filter)</div>
</li>
<li class="level1"><div class="li"> User can now access to the protected application</div>
</li>
</ol>
<p>
<p><div class="noteclassic">Note that if the user is already authenticated on the first portal, all redirections are transparent.
</div></p>
</p>
</div>
<!-- SECTION "Presentation" [264-1609] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
</div>
<!-- SECTION "Configuration" [1610-1636] -->
<h3><a name="main_llng_structure" id="main_llng_structure">Main LL::NG structure</a></h3>
<div class="level3">
<p>
Go in Manager, and:
</p>
<ul>
<li class="level1"><div class="li"> activate <acronym title="Cross Domain Authentication">CDA</acronym> in <code>General Parameters</code> » <code>Cookies</code> » <code>Multiple domains</code></div>
</li>
<li class="level1"><div class="li"> declare secondary portal in <code>General Parameters</code> » <code>Advanced Parameters</code> » <code>Security</code> » <code>Trusted domains</code></div>
</li>
</ul>
</div>
<!-- SECTION "Main LL::NG structure" [1637-1893] -->
<h3><a name="secondary_llng_structure" id="secondary_llng_structure">Secondary LL::NG structure</a></h3>
<div class="level3">
<p>
Configure the portal to use the remote <acronym title="LemonLDAP::NG">LL::NG</acronym> structure.
</p>
<p>
In Manager, go in <code>General Parameters</code> » <code>Authentication modules</code> and choose Proxy for authentication and users.
</p>
<p>
Then, go in <code>Remote parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Portal <acronym title="Uniform Resource Locator">URL</acronym></strong>: remote portal <acronym title="Uniform Resource Locator">URL</acronym></div>
</li>
<li class="level1"><div class="li"> <strong>Cookie name</strong> (optional): name of the cookie of primary portal, if different from secondary portal</div>
</li>
<li class="level1"><div class="li"> <strong>Sessions module</strong>: set <code>Lemonldap::NG::Common::Apache::Session::<acronym title="Simple Object Access Protocol">SOAP</acronym></code> for <a href="../../documentation/1.0/soapsessionbackend.html" class="wikilink1" title="documentation:1.0:soapsessionbackend">SOAP session backend</a>.</div>
</li>
<li class="level1"><div class="li"> <strong>Sessions module options</strong>:</div>
<ul>
<li class="level2"><div class="li"> <strong>proxy</strong>: <acronym title="Simple Object Access Protocol">SOAP</acronym> sessions end point (see <a href="../../documentation/1.0/soapsessionbackend.html" class="wikilink1" title="documentation:1.0:soapsessionbackend">SOAP session backend</a> documentation)</div>
</li>
</ul>
</li>
</ul>
</div>
<!-- SECTION "Secondary LL::NG structure" [1894-2553] -->
<h3><a name="exampleinteroperability_between_2_organizations" id="exampleinteroperability_between_2_organizations">Example: interoperability between 2 organizations</a></h3>
<div class="level3">
<p>
Using this, we can do a very simple interoperability system between 2 organizations using two <acronym title="LemonLDAP::NG">LL::NG</acronym> structures:
</p>
<ul>
<li class="level1"><div class="li"> each area has 2 portals:</div>
<ul>
<li class="level2"><div class="li"> One standard portal</div>