Commit bf488752 authored by Yadd's avatar Yadd
Browse files

Documentation update

parent 9d1f39b2
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<html xmlns="" lang="fr" xml:lang="fr">
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 7 December 2008), see" />
<title>Lemonldap::NG documentation:
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
padding: 10px;
background: #fff;
border: 2px #ccc solid;
text-decoration: none;
text-align: center;
margin: 5px 0 0 0;
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
} li{
list-style-type: square;
<div class="main-content">
Since version 0.9.5, Lemonldap::NG is able to transfer authentication
credentials to another Lemonldap::NG portal (reverse-proxy).
<p class="paragraph"></p>The difference with <span class=
"wikilink"><a href="4.5-Remote-authentication-backend.html">Remote
authentication module</a></span> is that the client will never be redirect
to the main Lemonldap::NG portal. This configuration is usable if you want
to expose your internal SSO to another network (DMZ).
<h3 class="heading-1-1"><span id=
<h4 class="heading-1-1-1"><span id="HExternalportal">External
<p class="paragraph"></p>You just have to set both authentication and
userDB to "Proxy" and to set the internal SOAP service address:
<p class="paragraph"></p>
<div class="code">
authentication =&gt; 'Proxy',
userDB =&gt; 'Proxy',
soapAuthService =&gt; '',
# If cookie names deffer, set it here:
#remoteCookieName =&gt; 'lemonldap',
# If SOAP session service is not ${soapAuthService}, set it here:
#soapSessionService =&gt; '',
<h4 class="heading-1-1-1"><span id="HInternalportal">Internal
portal</span></h4><br />
<br />
The portal must be configured to accept SOAP authentication requests
:<br />
<br />
<div class="code">
Soap =&gt; 1,
</div><br />
<br />
Don't forget to accept SOAP session request in your apache.conf file
:<br />
<br />
<div class="code">
&lt;Directory /<span class=
Order deny,allow
Deny from all
Allow from my.external.portal
<p class="footer"><a href="index.html">Index</a></p>
......@@ -153,8 +153,11 @@
<h3 class="heading-1-1"><span id=
"HVersion1028plannedfordecember200929">Version 1.0 (planned for december
2009)</span></h3><img src="warning_triangle.png" alt=
"warning_triangle.png" /> Monitoring scripts (MRTG, Cacti, Nagios)<br />
2009)</span></h3><img src="ok.png" alt="ok.png" /> Proxy authentication
module (<span class="wikilink"><a href=
"/xwiki/bin/view/NG/AuthProxy">learn more</a></span>)<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Monitoring
scripts (MRTG, Cacti, Nagios)<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Handler POST
functionnalities, to fill authentication forms with login/password<br />
<img src="error.png" alt="error.png" /> Portal and Manager trigger system,
......@@ -78,6 +78,7 @@
<li><a href="4.5-LDAP-authentication-backend.html">4.5 LDAP authentication backend</a></li>
<li><a href="4.5-Liberty-Alliance-authentication-backend-fr.html">4.5 Liberty Alliance authentication backend (FR)</a></li>
<li><a href="4.5-Multiple-authentication-backend.html">4.5 Multiple authentication backend</a></li>
<li><a href="4.5-Proxy-authentication-module.html">4.5 Proxy authentication module</a></li>
<li><a href="4.5-Remote-authentication-backend.html">4.5 Remote authentication backend</a></li>
<li><a href="4.5-SAML-authentication-backend.html">4.5 SAML authentication backend</a></li>
<li><a href="4.5-SSL-authentication-backend.html">4.5 SSL authentication backend</a></li>
......@@ -44,6 +44,7 @@ my $docs = {
'' => '4.5-CAS-authentication-backend.html',
'' => '4.5-Remote-authentication-backend.html',
'' => '4.5-Multiple-authentication-backend.html',
'' => '4.5-Proxy-authentication-module.html',
'' => '4.5-SAML-authentication-backend.html',
'' => '4.5-Liberty-Alliance-authentication-backend-fr.html',
# User backends
......@@ -38,6 +38,10 @@ __END__
Lemonldap::NG::Portal::AuthProxy - Authentication module for Lemonldap::NG
that delegates authentication to a remote Lemonldap::NG portal.
The difference with Remote authentication module is that the client will never
be redirect to the main Lemonldap::NG portal. This configuration is usable if
you want to expose your internal SSO to another network (DMZ).
use Lemonldap::NG::Portal::SharedConf;
......@@ -46,14 +50,14 @@ that delegates authentication to a remote Lemonldap::NG portal.
authentication => 'Proxy',
userDB => 'Proxy',
soapAuthService => '',
soapAuthService => '',
# remoteCookieName (default: same name)
remoteCookieName => 'lemonldap',
# soapSessionService (default ${soapAuthService}
soapSessionService =>
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment