Commit b5bff0c5 authored by Xavier Guimard's avatar Xavier Guimard

LEMONLDAP::NG : (holidays) little bug corrections

parent 57bb1df1
...@@ -360,7 +360,8 @@ sub defaultValuesInit { ...@@ -360,7 +360,8 @@ sub defaultValuesInit {
$cookieSecured = $args->{cookieSecured} || 0; $cookieSecured = $args->{cookieSecured} || 0;
$whatToTrace = $args->{whatToTrace} || '$uid'; $whatToTrace = $args->{whatToTrace} || '$uid';
$whatToTrace =~ s/\$//g; $whatToTrace =~ s/\$//g;
$https = $args->{https} || 1 unless defined($https); $https = $args->{https} unless defined($https);
$https = 1 unless defined($https);
$port = $args->{port} || 0 unless defined($port); $port = $args->{port} || 0 unless defined($port);
1; 1;
} }
......
...@@ -260,7 +260,7 @@ sub buildTree { ...@@ -260,7 +260,7 @@ sub buildTree {
$globalStorageOptions = $globalStorageOptions =
$tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item}->{globalStorageOptions}->{item}; $tree->{item}->{item}->{generalParameters}->{item}->{sessionStorage}->{item}->{globalStorageOptions}->{item};
foreach my $n ( sort keys %{ $config->{globalStorageOptions} } ) { foreach my $n ( sort keys %{ $config->{globalStorageOptions} } ) {
$globalStorageOptions->{ sprintf( "go_%010d", $indice) } = $self->xmlField( "both", $config->{globalStorageOptions}->{n}, $n ); $globalStorageOptions->{ sprintf( "go_%010d", $indice) } = $self->xmlField( "both", $config->{globalStorageOptions}->{$n}, $n );
$indice++; $indice++;
} }
} }
......
...@@ -34,8 +34,17 @@ sub help_authParams_en { ...@@ -34,8 +34,17 @@ sub help_authParams_en {
<h3>Authentication Parameters</h3> <h3>Authentication Parameters</h3>
<dl> <dl>
<dt> Authentication type </dt> <dt> Authentication type </dt>
<dd> By default,Lemonldap::NG uses ldap authentication scheme. You can change <dd> By default,Lemonldap::NG uses ldap authentication scheme using user
this by 'SSL' for example.</dd> password. You can change&nbsp;:
<ul>
<li>"SSL" : authentication is done by Apache and the portal checks if SSL
variables are set (mail by default),</li>
<li>"Apache" : authentication is done by Apache with any mechanism that set
<tt>REMOTE_USER</tt> environment variabme. this permits to use any Apache
authentication module as Basic, Kerberos, Pam,...</li>
<li>"CAS" : authentication is done using CAS library.</li>
</ul>
</dd>
<dt> Portal </dt> <dt> Portal </dt>
<dd> Set here the URL used to authenticate users (portal). The portal has to <dd> Set here the URL used to authenticate users (portal). The portal has to
...@@ -55,8 +64,19 @@ sub help_authParams_fr { ...@@ -55,8 +64,19 @@ sub help_authParams_fr {
<dl> <dl>
<dt> Type d'authentification </dt> <dt> Type d'authentification </dt>
<dd> Le sch&eacute;ma classique d'authentification Lemonldap::NG consiste <dd> Le sch&eacute;ma classique d'authentification Lemonldap::NG consiste
&agrave; utiliser une authentification par LDAP. Vous pouvez changer ceci en &agrave; utiliser une authentification par v&eacute;rification de mot de passe
"SSL" par exemple.</dd> sur un annuaire LDAP. Vous pouvez changer ceci en&nbsp;
<ul>
<li>"SSL" : l'authentification est confi&eacute;e &agrave; Apache et le
portail v&eacute;rifie les variables SSL (mail par d&eacute;faut),</li>
<li>"Apache" : l'authentication est confi&eacute;e &agrave; Apache par un
m&eacute;canisme quelconque renseignant la variable d'environnement
<tt>REMOTE_USER</tt>. Ce m&eacute;canise permet d'utiliser tous les modules
d'authentification d'Apache tels Basic, Kerberos, Pam,...</li>
<li>"CAS" : l'authentification est d&eacute;l&eacute;gu&eacute;e &agrave; la
librairie CAS.</li>
</ul>
</dd>
<dt> Portail </dt> <dt> Portail </dt>
<dd> Indiquez ici l'URL ou seront renvoy&eacute;s les utilisateurs non <dd> Indiquez ici l'URL ou seront renvoy&eacute;s les utilisateurs non
...@@ -276,6 +296,7 @@ sub help_macros_en { ...@@ -276,6 +296,7 @@ sub help_macros_en {
<h3>Macros</h3> <h3>Macros</h3>
<p> Macros are used to add new variables to user variables attributes). Those <p> Macros are used to add new variables to user variables attributes). Those
new variables are calculated from other variables issued from LDAP attributes. new variables are calculated from other variables issued from LDAP attributes.
They can be used anywhere and are seen as LDAP attributes.
This mechanism avoid to do more than one time the same operation in the This mechanism avoid to do more than one time the same operation in the
authentication phase. Example&nbsp;:</p> authentication phase. Example&nbsp;:</p>
<pre> <pre>
...@@ -295,9 +316,10 @@ sub help_macros_fr { ...@@ -295,9 +316,10 @@ sub help_macros_fr {
print <<EOT; print <<EOT;
<h3>Macros</h3> <h3>Macros</h3>
<p> Les macros permettent d'ajouter des variables calcul&eacute;es &agrave; <p> Les macros permettent d'ajouter des variables calcul&eacute;es &agrave;
partir des attributs LDAP (variables export&eacute;es). Elles &eacute;vitent partir des attributs LDAP (variables export&eacute;es). Elles sont ensuite vues
de r&eacute;p&eacute;ter le m&ecirc;me calcul plusieurs fois dans la phase comme des attributs LDAP.
d'authentification. Exemple&nbsp;:</p> Elles &eacute;vitent de r&eacute;p&eacute;ter le m&ecirc;me calcul plusieurs
fois dans la phase d'authentification. Exemple&nbsp;:</p>
<pre> <pre>
# macros # macros
nom_complet => \$givenname . " " . \$surname nom_complet => \$givenname . " " . \$surname
......
...@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::AuthSSL; ...@@ -3,7 +3,7 @@ package Lemonldap::NG::Portal::AuthSSL;
use strict; use strict;
use Lemonldap::NG::Portal::Simple; use Lemonldap::NG::Portal::Simple;
our $VERSION = '0.05'; our $VERSION = '0.06';
# Authentication is made by Apache with SSL and here before searching the LDAP # Authentication is made by Apache with SSL and here before searching the LDAP
# Directory. # Directory.
...@@ -14,7 +14,7 @@ our $OVERRIDE = { ...@@ -14,7 +14,7 @@ our $OVERRIDE = {
# variable is present. Adapt it if you want # variable is present. Adapt it if you want
extractFormInfo => sub { extractFormInfo => sub {
my $self = shift; my $self = shift;
$self->{user} = $self->https('SSL_CLIENT_S_DN_Email'); $self->{user} = $self->https( $self->{SSLVar} || 'SSL_CLIENT_S_DN_Email' );
return PE_BADCREDENTIALS unless ( $self->{user} ); return PE_BADCREDENTIALS unless ( $self->{user} );
PE_OK; PE_OK;
}, },
...@@ -60,6 +60,9 @@ With Lemonldap::NG::Portal::Simple: ...@@ -60,6 +60,9 @@ With Lemonldap::NG::Portal::Simple:
ldapServer => 'ldap.domaine.com', ldapServer => 'ldap.domaine.com',
securedCookie => 1, securedCookie => 1,
authentication => 'SSL', authentication => 'SSL',
# SSLVar : default SSL_CLIENT_S_DN_Email the mail address
SSLVar => 'SSL_CLIENT_S_DN_CN',
); );
if($portal->process()) { if($portal->process()) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment