Commit f51a9c3f authored by Clément OUDOT's avatar Clément OUDOT

Doc update: form replay(#4)

parent 3f0a27a6
......@@ -389,6 +389,9 @@
<li><span class="wikilink"><a href="4.10-Multiple-cookies.html">Cookies
multiples</a></span> (en)</li>
<li><span class="wikilink"><a href="4.10-Form-replay.html">Rejeu de
formulaires avec donn&eacute;es POST</a></span> (en)</li>
<h3 class="heading-1-1"><span id="HProtectiondesapplications">Protection
......@@ -644,7 +647,7 @@
<span class="wikilink"><a href=
"5-Appli-Google-Apps.html">Proc&eacute;dure SSO</a></span> (en)<br />
<span class="wikiexternallink"><a href=
"">[Site officiel</a></span></td>
"">Site officiel</a></span></td>
......@@ -377,6 +377,9 @@
<li><span class="wikilink"><a href="4.10-Multiple-cookies.html">Multiple
cookies</a></span> (en)</li>
<li><span class="wikilink"><a href="4.10-Form-replay.html">Replay forms
with POST data</a></span> (en)</li>
<h3 class="heading-1-1"><span id="HApplicationprotection">Application
......@@ -625,7 +628,7 @@
<span class="wikilink"><a href="5-Appli-Google-Apps.html">SSO
procedure</a></span> (en)<br />
<span class="wikiexternallink"><a href=
"">[Official website</a></span></td>
"">Official website</a></span></td>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<html xmlns="" lang="fr" xml:lang="fr">
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 25 March 2009), see" />
<title>Lemonldap::NG documentation: 4.10-Form-replay.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
padding: 10px;
background: #fff;
border: 2px #ccc solid;
text-decoration: none;
text-align: center;
margin: 5px 0 0 0;
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
} li{
list-style-type: square;
<div class="main-content">
<h2 class="heading-1"><span id="HFormreplay">Form replay</span></h2>
<p class="paragraph"></p>
<a href="#HPresentation">Presentation</a>
<li><a href="#HHowitworks">How it works</a></li>
<li><a href="#HReplayuser27spassword">Replay user's
<li><a href="#HKnownlimitationsinLemonLDAP3A3ANG094">Known
limitations in LemonLDAP::NG 0.9.4</a></li>
<li><a href="#HConfiguration">Configuration</a></li>
</ul><strong class="strong">Since LemonLDAP::NG 0.9.4</strong>
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
<p class="paragraph"></p>Form replay allows you to open a session on a
protected application by replaying the form POST without asking anything
to the user.
<p class="paragraph"></p><strong class="strong">Warning</strong>: this
kind of SSO mechanism is not clean, and can lead to problems, like local
password blocking, local session not well closed, etc. Please always try
to find another solution to protect your application with LemonLDAP::NG.
<h4 class="heading-1-1-1"><span id="HHowitworks">How it works</span></h4>
<p class="paragraph"></p>If you configure form replay with LemonLDAP::NG,
the Handler will catch configured POST urls and send a POST query to the
target page (which can be different of the catched page). Each field can
be filled with static values or data from user's session (like $uid, $cn,
<p class="paragraph"></p>LemonLDAP::NG can catch a GET request and
transform it internally in a POST request. All this works is transparent
for the user, he cannot see what data are posted by LemonLDAP::NG.
<h4 class="heading-1-1-1"><span id="HReplayuser27spassword">Replay user's
<p class="paragraph"></p>To post user's password, you should have set up
the <strong class="strong">storePassword</strong> parameter. In this case
you will be able to use $_password to fill any password POST field.
<h4 class="heading-1-1-1"><span id=
"HKnownlimitationsinLemonLDAP3A3ANG094">Known limitations in LemonLDAP::NG
<ul class="star">
<li>POST configuration takes place in <strong class=
<li>POST does not work with mod_proxy: you must use a local Handler to
use it</li>
<h3 class="heading-1-1"><span id=
<p class="paragraph"></p>You should grab some informations:
<ul class="star">
<li>URI of the page which contains the form</li>
<li>URI of the page which receive POST data</li>
<li>All fields name and values</li>
</ul>For example:
<ul class="star">
<li>Form page URI: /login.php</li>
<li>POST data URI: /process.php</li>
<ul class="star">
<li>login: $uid (uid of the user)</li>
<li>password: $_password 'password of the user)</li>
<li>static: 'StaticValue' (a static value)</li>
<li>remember: '1' (checked box)</li>
</ul>Then edit <strong class="strong">handler/</strong> and
<p class="paragraph"></p>
<div class="code">
post =&gt; {
'/login.php' =&gt; {
postUrl =&gt; '/process.php',
expr =&gt; 'login =&gt; $uid, password =&gt; $_password, <span class=
"java-keyword">static</span> =&gt; StaticValue, remember =&gt; 1',
<p class="paragraph"></p>You can add other form replay inside post
<p class="paragraph"></p>
<div class="code">
post =&gt; {
'/uri1' =&gt; {
'/uri2' =&gt; {
'/uri3' =&gt; {
<p class="footer"><a href="index.html">Index</a></p>
......@@ -65,6 +65,7 @@
<li><a href="4.1-RBAC-model.html">4.1 RBAC model</a></li>
<li><a href="4.10-Cross-domain-authentication.html">4.10 Cross domain authentication</a></li>
<li><a href="4.10-Custom-functions.html">4.10 Custom functions</a></li>
<li><a href="4.10-Form-replay.html">4.10 Form replay</a></li>
<li><a href="4.10-Multiple-cookies.html">4.10 Multiple cookies</a></li>
<li><a href="4.10-Notification-system.html">4.10 Notification system</a></li>
<li><a href="4.10-Reset-password-by-mail.html">4.10 Reset password by mail</a></li>
......@@ -142,6 +142,8 @@ my $docs = {
'' =>
'' =>
# Applications
'' =>
......@@ -363,6 +365,7 @@ s#/xwiki/bin/view/NG/SeveralIndependantPortals#4.10-Several-independant-portals.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment