Commit 1aa1c188 authored by Xavier Guimard

LEMONLDAP::NG : documentation update

parent 61e0ac6d
......@@ -95,6 +95,9 @@
<a href="#HAutres">Autres</a>
<ul>
<li><a href="#HDocumentationpourlesdC3A9veloppeurs">Documentation
pour les d&eacute;veloppeurs</a></li>
<li><a href="#HFAQ">FAQ</a></li>
<li><a href="#HErreurs">Erreurs</a></li>
......@@ -125,6 +128,10 @@
"3.3-Install-from-debian-packages.html">Installation sous Debian/Ubuntu
&agrave; partir des paquets</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.3-Install-from-redhat-packages.html">Installation sous RHEL/CentOS
&agrave; partir des paquets</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">Utilisation de MySQL pour le
stockage des sessions et/ou de la configuration</a></span> (en)</li>
......@@ -297,6 +304,19 @@
<span class="wikiexternallink"><a href=
"http://tomcat.apache.org/">Site web officiel</a></span></td>
</tr>
<tr class="table-even">
<td><strong class="strong">HTTP Basic</strong><br />
<img src="NG/Documentation/http_logo.png" alt="http_logo.png" /></td>
<td>HTTP Basic Autentication est un m&eacute;canisme
d'authentification standard utilis&eacute; par de nombreux serveurs
Web (Apache, IIS, ...)<br />
<br />
<span class="wikilink"><a href=
"5-Appli-HTTP-Basic-Authentication.html">SSO procedure</a></span>
(en)</td>
</tr>
</table>
<h4 class="heading-1-1-1"><span id="HApplications22maison22">Applications
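Review bot: "Autentication" in the added HTTP Basic cell is misspelled and should read "Authentication". The link label "SSO procedure" is also left in English on this French page, while the other entries carrying the "(en)" marker use a French label, so a French label here would be consistent.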
......@@ -309,6 +329,14 @@
<h3 class="heading-1-1"><span id="HAutres">Autres</span></h3><img src=
"tux_clemente_01.png" alt="tux_clemente_01.png" />
<h4 class="heading-1-1-1"><span id=
"HDocumentationpourlesdC3A9veloppeurs">Documentation pour les
d&eacute;veloppeurs</span></h4>
<p class="paragraph"></p>Voir la <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">documentation
Doxygen</a></span>
<h4 class="heading-1-1-1"><span id="HFAQ">FAQ</span></h4>
<p class="paragraph"></p>Voir la page <span class="wikilink"><a href=
......
......@@ -91,6 +91,9 @@
<a href="#HOthers">Others</a>
<ul>
<li><a href="#HDevelopersdocumentation">Developers
documentation</a></li>
<li><a href="#HFAQ">FAQ</a></li>
<li><a href="#HErrors">Errors</a></li>
......@@ -121,6 +124,10 @@
"3.3-Install-from-debian-packages.html">Installation on Debian/Ubuntu
with packages</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.3-Install-from-redhat-packages.html">Installation on RHEL/CentOS with
packages</a></span> (en)</li>
<li><span class="wikilink"><a href=
"3.4-Install-of-MySQL-storage.html">Use of MySQL for sessions and/or
configuration storage</a></span> (en)</li>
......@@ -283,6 +290,18 @@
<span class="wikiexternallink"><a href=
"http://tomcat.apache.org/">Official website</a></span></td>
</tr>
<tr class="table-even">
<td><strong class="strong">HTTP Basic</strong><br />
<img src="NG/Documentation/http_logo.png" alt="http_logo.png" /></td>
<td>HTTP Basic Autentication is a standard scheme used on many Web
servers (Apache, IIS, ...)<br />
<br />
<span class="wikilink"><a href=
"5-Appli-HTTP-Basic-Authentication.html">SSO procedure</a></span>
(en)</td>
</tr>
</table>
<h4 class="heading-1-1-1"><span id="HSelfmade">Self-made</span></h4>
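Review bot: "Autentication" in the added HTTP Basic cell should be "Authentication". The description calls it only "a standard scheme"; "a standard authentication scheme" would let the row read on its own.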
......@@ -294,6 +313,13 @@
<h3 class="heading-1-1"><span id="HOthers">Others</span></h3><img src=
"tux_clemente_01.png" alt="tux_clemente_01.png" />
<h4 class="heading-1-1-1"><span id="HDevelopersdocumentation">Developers
documentation</span></h4>
<p class="paragraph"></p>See <span class="wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">Doxygen
documentation</a></span>
<h4 class="heading-1-1-1"><span id="HFAQ">FAQ</span></h4>
<p class="paragraph"></p>See <span class="wikilink"><a href=
......
......@@ -74,6 +74,9 @@
dpkg</a></li>
<li><a href="#HFilelocation">File location</a></li>
<li><a href="#HChangedefaultDNSdomain">Change default DNS
domain</a></li>
</ul>
<h3 class="heading-1-1"><span id="HGetthepackages">Get the
......@@ -171,12 +174,31 @@ $ debuild
<h3 class="heading-1-1"><span id="HFilelocation">File location</span></h3>
<ul class="star">
<li>All configuration is in /etc/lemonldap-ng</li>
<li>Configuration is in /etc/lemonldap-ng</li>
<li>LemonLDAP::NG configuration (edited by the Manager) is in
/var/lib/lemonldap-ng/conf/</li>
<li>All Perl modules are in /usr/share/perl5/Lemonldap/NG/</li>
<li>All Perl modules are in the VENDOR perl directory</li>
<li>All Perl scripts/pages are in /var/lib/lemonldap-ng/</li>
<li>All static content (examples, CSS, images, etc.) is in
/usr/share/lemonldap-ng/</li>
</ul>
<h3 class="heading-1-1"><span id="HChangedefaultDNSdomain">Change default
DNS domain</span></h3><br />
<br />
By default, DNS domain is "example.com". You can change it quick with a
sed command. For example, we change it to ow2.org:<br />
<br />
<div class="code">
<pre>
# sed -i 's/example.com/ow2.org/g' /etc/lemonldap-ng/apache2.conf /etc/lemonldap-ng/apps-list.xml /<span class="java-keyword">var</span>/lib/lemonldap-ng/conf/lmConf-1 /etc/lemonldap-ng/apply.conf /<span class="java-keyword">var</span>/lib/lemonldap-ng/test/index.pl
</pre>
</div>
</div>
<p class="footer"><a href="index.html">Index</a></p>
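Review bot: the sed expression 's/example.com/ow2.org/g' in the new "Change default DNS domain" section leaves the dot unescaped, so it matches any character between "example" and "com"; write it as 's/example\.com/ow2.org/g'. The file list also hard-codes /var/lib/lemonldap-ng/conf/lmConf-1, which the File location list just above describes as the configuration edited by the Manager, so the text should say whether this command is meant only for a fresh install where lmConf-1 is still the current configuration. Because sed -i rewrites five files in place, suggesting 'sed -i.bak' would give the reader a way to revert.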
......
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 6 November 2007), see www.w3.org" />
<title>Lemonldap::NG documentation:
3.3-Install-from-redhat-packages.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
/*<![CDATA[*/
body{
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
}
div.main-content{
padding: 10px;
background: #fff;
border: 2px #ccc solid;
}
a{
text-decoration: none;
}
p.footer{
text-align: center;
margin: 5px 0 0 0;
}
.heading-1{
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
}
.heading-1-1{
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
}
pre{
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
}
ul.star li{
list-style-type: square;
}
/*]]>*/
</style>
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id=
"HInstallationonRedHat2FCentOS">Installation on RedHat/CentOS</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HRPMsorganization">RPMs organization</a></li>
<li><a href="#HGetthepackages">Get the packages</a></li>
<li><a href="#HBuildyourpackages">Build your packages</a></li>
<li><a href="#HInstallpackageswithyum">Install packages with
yum</a></li>
<li><a href="#HInstallpackageswithrpm">Install packages with
rpm</a></li>
<li><a href="#HInstalljustonecomponent">Install just one
component</a></li>
<li><a href="#HFilelocation">File location</a></li>
<li><a href="#HChangedefaultDNSdomain">Change default DNS
domain</a></li>
</ul>
<h3 class="heading-1-1"><span id="HRPMsorganization">RPMs
organization</span></h3>
<p class="paragraph"></p>LemonLDAP::NG provides many RPMs :
<ul class="star">
<li>lemonldap-ng: meta-package, contains no file but dependencies on
other packages</li>
<li>lemonldap-ng-doc: contains HTML documentation and project docs
(README, etc.)</li>
<li>lemonldap-ng-conf: contains default configuration (DNS domain:
example.com)</li>
<li>lemonldap-ng-test: containts sampel CGI test page</li>
<li>lemonldap-ng-handler: contains Apache Handler implementation
(agent)</li>
<li>lemonldap-ng-manager: contains administration interface and session
explorer</li>
<li>lemonldap-ng-portal: contains authentication portal and menu</li>
<li>perl-Lemonldap-NG-Common: CPAN - Shared modules</li>
<li>perl-Lemonldap-NG-Handler: CPAN - Handler modules</li>
<li>perl-Lemonldap-NG-Manager: CPAN - Manager modules</li>
<li>perl-Lemonldap-NG-Portal: CPAN - Portal modules</li>
</ul>This schema shows the dependencies between modules:
<p class="paragraph"></p><img src="lemonldap-ng-packages.png" alt=
"lemonldap-ng-packages.png" />
<h3 class="heading-1-1"><span id="HGetthepackages">Get the
packages</span></h3>
<p class="paragraph"></p>For now, RPMS are only available in the
<span class="wikiexternallink"><a href=
"http://forge.objectweb.org/project/showfiles.php?group_id=274">download
section of lemonldap project on OW2 forge</a></span>. The first RPMS came
with version 0.9.3.
<h3 class="heading-1-1"><span id="HBuildyourpackages">Build your
packages</span></h3><br />
<br />
Download the source RPM, and install it:<br />
<br />
<div class="code">
<pre>
# rpm -Uvh lemonldap-ng-VERSION-RELEASE.DIST.src.rpm
</pre>
</div><br />
<br />
Rebuild:<br />
<br />
<div class="code">
<pre>
# rpmbuild -ba /usr/src/redhat/SPECS/lemonldap-ng.spec
</pre>
</div>
<h3 class="heading-1-1"><span id="HInstallpackageswithyum">Install
packages with yum</span></h3><br />
<br />
If the packages are stored in a yum repository:<br />
<br />
<div class="code">
<pre>
# yum install lemonldap-ng
</pre>
</div>
<h3 class="heading-1-1"><span id="HInstallpackageswithrpm">Install
packages with rpm</span></h3><br />
<br />
Before installing the packages, install <span class="wikilink"><a href=
"3.1-Install-prerequesites.html">dependencies</a></span>.<br />
<br />
You have then to install all the downloaded packages:
<div class="code">
<pre>
# rpm -Uvh lemonldap-ng-* perl-Lemonldap-NG-*
</pre>
</div>
<h3 class="heading-1-1"><span id="HInstalljustonecomponent">Install just
one component</span></h3><br />
<br />
You can choose to install only one component by choosing the package
lemonldap-ng-portal, lemonldap-ng-handler or lemonldap-ng-manager. Install
the package lemonldap-ng-conf only on the server which stores
configuration.
<h3 class="heading-1-1"><span id="HFilelocation">File location</span></h3>
<ul class="star">
<li>Configuration is in /etc/lemonldap-ng</li>
<li>LemonLDAP::NG configuration (edited by the Manager) is in
/var/lib/lemonldap-ng/conf/</li>
<li>All Perl modules are in the VENDOR perl directory</li>
<li>All Perl scripts/pages are in /var/lib/lemonldap-ng/</li>
<li>All static content (examples, CSS, images, etc.) is in
/usr/share/lemonldap-ng/</li>
</ul>
<h3 class="heading-1-1"><span id="HChangedefaultDNSdomain">Change default
DNS domain</span></h3><br />
<br />
By default, DNS domain is "example.com". You can change it quick with a
sed command. For example, we change it to ow2.org:<br />
<br />
<div class="code">
<pre>
# sed -i 's/example.com/ow2.org/g' /etc/lemonldap-ng/apache2.conf /etc/lemonldap-ng/apps-list.xml /<span class="java-keyword">var</span>/lib/lemonldap-ng/conf/lmConf-1 /etc/lemonldap-ng/apply.conf /<span class="java-keyword">var</span>/lib/lemonldap-ng/test/index.pl
</pre>
</div>
</div>
<p class="footer"><a href="index.html">Index</a></p>
</body>
</html>
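Review bot: between "Get the packages" and "Install packages with rpm" there is no integrity check: the RPMs come from an http:// forge link and are then installed as root with 'rpm -Uvh lemonldap-ng-* perl-Lemonldap-NG-*'. If the project signs its RPMs or publishes checksums, add a verification step (for example 'rpm --checksig' on the downloaded files) before the install command. Smaller points: the html element declares lang="fr" and xml:lang="fr" although the page is written in English, "containts sampel CGI test page" should be "contains sample CGI test page", and the sed example at the end has the same unescaped dot in 'example.com' as the one added to the Debian page.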
......@@ -65,8 +65,11 @@
<li><a href="#HActivatethemenuintheportal">Activate the menu in the
portal</a></li>
<li><a href="#HSetthevisibilityofeachmodules">Set the visibility of each
modules</a></li>
<li>
<a href="#HXMLapplicationslist">XML applications list</a>
<a href="#HConfigureapplicationslist">Configure applications list</a>
<ul>
<li><a href="#HDTD">DTD</a></li>
......@@ -150,8 +153,42 @@
</pre>
</div>
<h3 class="heading-1-1"><span id="HXMLapplicationslist">XML applications
list</span></h3>
<h3 class="heading-1-1"><span id="HSetthevisibilityofeachmodules">Set the
visibility of each modules</span></h3>
<p class="paragraph"></p>In the source code of the portal, you have :
<p class="paragraph"></p>
<div class="code">
<pre>
modules =&gt; {
appslist =&gt; 1,
password =&gt; 1,
logout =&gt; 1,
},
</pre>
</div>
<p class="paragraph"></p>"1" means the module is always displayed, and "0"
means never. But you can adapt it to the user profile, for example display
the password modification form only to user with employeeType equal to
"internal" :
<p class="paragraph"></p>
<div class="code">
<pre>
modules =&gt; {
appslist =&gt; 1,
password =&gt; '$employeeType =~ /binternalb/',
logout =&gt; 1,
},
</pre>
</div>
<h3 class="heading-1-1"><span id="HConfigureapplicationslist">Configure
applications list</span></h3>
<h4 class="heading-1-1-1"><span id="HDTD">DTD</span></h4>
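Review bot: in the second modules example, '$employeeType =~ /binternalb/' looks like it has lost the backslashes of its word-boundary anchors, so as written it matches the literal string "binternalb" and the password form would never be shown to a user whose employeeType is "internal". It should probably be /\binternal\b/, or a plain 'eq "internal"' test since the text says "equal to". The heading "Set the visibility of each modules" should read "each module".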
......
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 6 November 2007), see www.w3.org" />
<title>Lemonldap::NG documentation:
5-Appli-HTTP-Basic-Authentication.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
/*<![CDATA[*/
body{
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
}
div.main-content{
padding: 10px;
background: #fff;
border: 2px #ccc solid;
}
a{
text-decoration: none;
}
p.footer{
text-align: center;
margin: 5px 0 0 0;
}
.heading-1{
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
}
.heading-1-1{
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
}
pre{
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
}
ul.star li{
list-style-type: square;
}
/*]]>*/
</style>
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id="HHTTPBasicAuthentication">HTTP Basic
Authentication</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HPresentation">Presentation</a></li>
<li><a href="#HConfigurationinLemonLDAP3A3ANG">Configuration in
LemonLDAP::NG</a></li>
</ul>
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
<p class="paragraph"></p>Extract from the <span class=
"wikiexternallink"><a href=
"http://en.wikipedia.org/wiki/Basic_access_authentication">Wikipedia
article</a></span>:
<p class="paragraph"></p>In the context of an HTTP transaction, the basic
access authentication is a method designed to allow a web browser, or
other client program, to provide credentials &acirc;&euro;&ldquo; in the
form of a user name and password &acirc;&euro;&ldquo; when making a
request.
<p class="paragraph"></p>Before transmission, the username and password
are encoded as a sequence of base-64 characters. For example, the user
name Aladdin and password open sesame would be combined as Aladdin:open
sesame &acirc;&euro;&ldquo; which is equivalent to
QWxhZGRpbjpvcGVuIHNlc2FtZQ== when encoded in Base64. Little effort is
required to translate the encoded string back into the user name and
password, and many popular security tools will decode the strings "on the
fly".
<h3 class="heading-1-1"><span id=
"HConfigurationinLemonLDAP3A3ANG">Configuration in
LemonLDAP::NG</span></h3><br />
<br />
The Basic Authentication relies on a specific HTTP header, as described
above. So you have just to declare this header for the virtual host in
LemonLDAP::NG Manager:<br />
<br />
<div class="code">
<pre>
Authorization =&gt; <span class=
"java-quote">"Basic "</span>.encode_base64(<span class="java-quote">"<i class=
"italic">login</i>:<i class="italic">password</i>"</span>)
</pre>
</div><br />
<br />
The problem is to have correct values in <i class="italic">login</i> and
<i class="italic">password</i>.<br />
<br />
We suppose for example that the login is the attribute "uid" and the
password is the password used to authenticate on LemonLDAP::NG portal. To
store this password into session, you first have to modify the
/var/lib/lemonldap-ng/portal/index.pl:<br />
<br />
<div class="code">
<pre>
# Remove comment to store password in session (use with caution)
storePassword =&gt; 1,
</pre>
</div><br />
<br />
<strong class="strong">Warning</strong>: this will store the password in
cleartext, so if an attacker achieve to read the session on the server, he
can read the password.<br />
<br />
With the storePassword parameter, the password is available in
LemonLDAP::NG in $_password.<br />
<br />
So to configure basic authentication:<br />
<br />
<div class="code">
<pre>
Authorization =&gt; <span class=
"java-quote">"Basic "</span>.encode_base64(<span class=
"java-quote">"$uid:$_password"</span>)
</pre>
</div>
</div>
<p class="footer"><a href="index.html">Index</a></p>
</body>
</html>
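Review bot: the Warning after storePassword covers only the session store, but the final rule 'Authorization => "Basic ".encode_base64("$uid:$_password")' also sends the user's portal password on every request forwarded to the protected virtual host, in base64, which the Presentation section itself describes as trivially decoded. The page should say that the link between the handler and the application has to be protected (TLS or a trusted network) and that the application receives the user's real password. If encode_base64 here is the MIME::Base64 function, it appends a newline unless called with an empty second argument, so the examples may need encode_base64("...", ""). Smaller points: the Wikipedia extract contains mojibake ('&acirc;&euro;&ldquo;' where a dash was intended), "if an attacker achieve to read" should be "if an attacker manages to read", and the html element declares lang="fr" on an English page.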
......@@ -63,8 +63,8 @@
<ul>
<li><a href="#HVersion0928200829">Version 0.9 (2008)</a></li>
<li><a href="#HVersion09328end20082Fbegin200929">Version 0.9.3 (end
2008/begin 2009)</a></li>
<li><a href="#HVersion09328published29">Version 0.9.3
(published)</a></li>
<li><a href="#HVersion1028200929">Version 1.0 (2009)</a></li>
......@@ -84,9 +84,8 @@
sessions (<span class="wikilink"><a href=
"4.3-Configure-SOAP-fr.html">learn more</a></span>)<br />
<h3 class="heading-1-1"><span id=
"HVersion09328end20082Fbegin200929">Version 0.9.3 (end 2008/begin
2009)</span></h3><img src="ok.png" alt="ok.png" /> Dissociate
<h3 class="heading-1-1"><span id="HVersion09328published29">Version 0.9.3
(published)</span></h3><img src="ok.png" alt="ok.png" /> Dissociate
authentication and user backend capabilities (for example, to choose LDAP
for authentication, and MySQL for reading user's information)<br />
<img src="ok.png" alt="ok.png" /> Add a Menu.pm to portal modules, to
......@@ -101,16 +100,18 @@
manager<br />
<img src="ok.png" alt="ok.png" /> Shared functions for macros, groups,
access rules and headers.<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Production
installation script<br />
<img src="ok.png" alt="ok.png" /> Production installation script<br />
<img src="ok.png" alt="ok.png" /> Doxygen documentation (<span class=
"wikiexternallink"><a href=
"http://lemonldap.objectweb.org/NG/devel-doc/">learn
more</a></span>)<br />
<h3 class="heading-1-1"><span id="HVersion1028200929">Version 1.0
(2009)</span></h3><img src="warning_triangle.png" alt=
"warning_triangle.png" /> Packages for Debian/Ubuntu, RedHat/CentOS<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Date and
time parameters in access rules<br />
"warning_triangle.png" /> Date and time parameters in access rules<br />
<img src="warning_triangle.png" alt="warning_triangle.png" /> Monitoring
scripts (MRTG, Cacti, Nagios)<br />
<img src="ok.png" alt="ok.png" /> Packages for RedHat/CentOS<br />
<img src="error.png" alt="error.png" /> Handler POST functionnalities, to
fill authentication forms with login/password<br />
<img src="error.png" alt="error.png" /> Portal and Manager trigger system,
......@@ -122,6 +123,7 @@
scripts<br />
<img src="error.png" alt="error.png" /> Change configuration storage to
XML<br />
<img src="error.png" alt="error.png" /> Normalize logs messages<br />
<h3 class="heading-1-1"><span id="HVersion2028201029">Version 2.0
(2010)</span></h3><img src="error.png" alt="error.png" /> Rewrite Manager
......
......@@ -58,6 +58,7 @@
<li><a href="3.1-Install-prerequesites.html">3.1 Install prerequesites</a></li>
<li><a href="3.2-Install-from-tarball.html">3.2 Install from tarball</a></li>
<li><a href="3.3-Install-from-debian-packages.html">3.3 Install from debian packages</a></li>
<li><a href="3.3-Install-from-redhat-packages.html">3.3 Install from redhat packages</a></li>
<li><a href="3.4-Install-of-MySQL-storage.html">3.4 Install of MySQL storage</a></li>
<li><a href="3.5-Install-of-example.html">3.5 Install of example</a></li>
<li><a href="3.5-Install-of-example-fr.html">3.5 Install of example (FR)</a></li>
......@@ -71,6 +72,7 @@
<li><a href="4.3-Configure-Liberty-Alliance-fr.html">4.3 Configure Liberty Alliance (FR)</a></li>
<li><a href="4.3-Configure-SOAP-fr.html">4.3 Configure SOAP (FR)</a></li>
<li><a href="5-Appli-Dokuwiki.html">5 Appli Dokuwiki</a></li>
<li><a href="5-Appli-HTTP-Basic-Authentication.html">5 Appli HTTP Basic Authentication</a></li>
<li><a href="5-Appli-Sympa.html">5 Appli Sympa</a></li>
<li><a href="5-Appli-Tomcat-Valve.html">5 Appli Tomcat Valve</a></li>
<li><a href="5-Appli-phpLDAPadmin.html">5 Appli phpLDAPadmin</a></li>
......