Commit bf6230c5 authored by Xavier Guimard's avatar Xavier Guimard

VERSION 0.9.4.1

parent 49cc5930
lemonldap-ng (0.9.5) unstable; urgency=low
* Bugs :
- bad XML filter when embedding <application> in <application> tags
- testUri() not usable in Lemonldap::NG::Handler::CGI
* TODO
-- Xavier Guimard <x.guimard@free.fr> Sun, 11 Oct 2009 09:08:46 +0200
lemonldap-ng (0.9.4.1) unstable; urgency=low
* Safe jail update
* Many little bugs in Handler/CGI.pm
* Apache::Session::LDAP was not usable with session explorer
* syslog facility was not taken in account in Common/CGI.pm
* require failed in _Multi.pm
* doc update
* ru debconf translation (Closes: #550552 / bugs.debian.org)
-- Xavier Guimard <x.guimard@free.fr> Thu, 20 Aug 2009 16:20:26 +0200
-- Xavier Guimard <x.guimard@free.fr> Sun, 11 Oct 2009 09:36:35 +0200
lemonldap-ng (0.9.4) unstable; urgency=low
......
# translation of lemonldap-ng_0.9.4-1_ru.po to Russian
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the PACKAGE package.
#
# Yuri Kozlov <yuray@komyakino.ru>, 2009.
msgid ""
msgstr ""
"Project-Id-Version: lemonldap-ng 0.9.4-1\n"
"Report-Msgid-Bugs-To: x.guimard@free.fr\n"
"POT-Creation-Date: 2007-09-22 13:08+0200\n"
"PO-Revision-Date: 2009-10-01 09:27+0400\n"
"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.11.4\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:1001
msgid "LDAP server:"
msgstr "Сервер LDAP:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:1001
msgid ""
"Set here name or IP address of the LDAP server that has to be used by "
"Lemonldap::NG. You can modify this value later using the Lemonldap::NG "
"manager."
msgstr ""
"Введите имя или IP-адрес сервера LDAP, который будет "
"использовать Lemonldap::NG. Позже вы можете изменить это значение "
"через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:2001
msgid "Lemonldap::NG DNS domain:"
msgstr "DNS домен Lemonldap::NG:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:2001
msgid ""
"Set here the main domain protected by Lemonldap::NG. You can modify this "
"value later using the Lemonldap::NG manager."
msgstr ""
"Введите главный домен, защищаемый Lemonldap::NG. Позже вы можете изменить "
"это значение через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:3001
msgid "Lemonldap::NG portal:"
msgstr "Портал Lemonldap::NG:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:3001
msgid ""
"Set here the Lemonldap::NG portal URL. You can modify this value later using "
"the Lemonldap::NG manager."
msgstr ""
"Введите URL портала Lemonldap::NG. Позже вы можете изменить "
"это значение через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:4001
msgid "LDAP server port:"
msgstr "Порт сервера LDAP:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:4001
msgid ""
"Set here the port used by the LDAP server. You can modify this value later "
"using the Lemonldap::NG manager."
msgstr ""
"Введите используемый порт сервера LDAP. Позже вы можете изменить "
"это значение через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:5001
msgid "LDAP search base:"
msgstr "База поиска LDAP:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:5001
msgid ""
"Set here the search base to use in LDAP queries. You can modify this value "
"later using the Lemonldap::NG manager."
msgstr ""
"Введите поисковую базу, используемую в запросах LDAP. Позже вы можете изменить "
"это значение через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:6001
msgid "LDAP account:"
msgstr "Учётная запись в LDAP:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:6001
msgid ""
"Set here the account that Lemonldap::NG has to use for its LDAP requests. "
"Leaving it blank causes Lemonldap::NG to use anonymous connections. You can "
"modify this value later using the Lemonldap::NG manager."
msgstr ""
"Введите имя учётной записи, которое Lemonldap::NG будет использовать в "
"запросах LDAP. Оставьте поле пустым, если Lemonldap::NG должен подключаться "
"анонимно. Позже вы можете изменить это значение через менеджер Lemonldap::NG."
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:7001
msgid "LDAP password:"
msgstr "Пароль к LDAP:"
#. Type: string
#. Description
#: ../liblemonldap-ng-conf-perl.templates:7001
msgid ""
"Set here the password for the Lemonldap::NG LDAP account. You can modify "
"this value later using the Lemonldap::NG manager."
msgstr ""
"Введите пароль к учётной записи Lemonldap::NG в LDAP. "
"Позже вы можете изменить это значение через менеджер Lemonldap::NG."
......@@ -190,7 +190,7 @@ MyGroup =&gt; { $uid eq <span class=
<ul class="star">
<li>You can use DocumentRoot to protect a local application, or use
mod_proxy to use LemonLDAP::NG as a reverse proxy</li>
mod_proxy to use LemonLDAP::NG as a reverse proxy (see below)</li>
<li>You have to declare only one "reload" target on a physical server,
because only one Handler can be instancied on a physical server</li>
......@@ -198,11 +198,45 @@ MyGroup =&gt; { $uid eq <span class=
<li>Of course you must already have a virtualhost for the portal and
another for the manager; These hosts are only in Apache, and not in
LemonLDAP::NG configuration.</li>
</ul>
</ul>To transform your VirtualHost into a reverse proxy, use for example:
<div class="code">
<pre>
# Application Test
&lt;VirtualHost *:80&gt;
ServerName test1.example.com
ServerAlias test2.example.com<br /><br /> # SSO protection
PerlHeaderParserHandler My::Package<br /><br /> ProxyPreserveHost on
ProxyPass / <span class="nobr"><a href=
"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span>
ProxyPassReverse / <span class="nobr"><a href=
"http://APPLICATION_IP/">http://APPLICATION_IP/</a></span><br /><br />&lt;/VirtualHost&gt;
</pre>
</div>
<h3 class="heading-1-1"><span id="HTogofurther">To go further</span></h3>
<p class="paragraph"></p><strong class="strong">Remarks</strong>:
<ul class="star">
<li>The ProxyPreserveHost directive will forward the Host header to the
protected application</li>
</ul>Using the reverse proxy mode, you will not have the REMOTE_USER
environment variable set. Indeed, this variable is set by the Handler on
the physical server hosting the Handlers, and not on other servers where
the Handler is not installed. But this magic Apache configuration will let
you transform the Auth-User HTTP header in REMOTE_USER envronment
varibale:<br />
<br />
<div class="code">
<pre>
SetEnvIfNoCase Auth-User <span class="java-quote">"(.*)"</span> REMOTE_USER=$1
</pre>
</div>
<p class="paragraph"></p>See the <span class="wikilink"><a href=
<h3 class="heading-1-1"><span id="HTogofurther">To go
further</span></h3><br />
<br />
See the <span class="wikilink"><a href=
"4.1-Configuration-parameter-list.html">full parameters list</a></span>.
</div>
......
......@@ -66,14 +66,25 @@
<li><a href="#HConfiguration">Configuration</a></li>
<li>
<a href="#HKnownproblems">Known problems</a>
<ul>
<li><a href="#HAuthApacheauthentication">AuthApache
authentication</a></li>
<li><a href="#HSSLauthentication">SSL authentication</a></li>
</ul>
</li>
<li><a href="#HSeealso">See also</a></li>
</ul>
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
<p class="paragraph"></p>This backend allows to chain authentication
method, for example to failback to LDAP authentication if Kerberos
authentication failed.
method, for example to failback to LDAP authentication if Remote
authentication failed&hellip;
<h3 class="heading-1-1"><span id=
"HConfiguration">Configuration</span></h3>
......@@ -99,6 +110,23 @@ authentication =&gt; 'Multi Remote $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_AD
</pre>
</div>
<h3 class="heading-1-1"><span id="HKnownproblems">Known
problems</span></h3>
<h4 class="heading-1-1-1"><span id="HAuthApacheauthentication">AuthApache
authentication</span></h4><br />
<br />
When using this module, Lemonldap::NG portal will be called only if Apache
does not return "401 Authentication required", but this is not the Apache
behaviour: if the auth module fails, Apache returns 401. We're studying a
future solutuion for this&hellip;
<h4 class="heading-1-1-1"><span id="HSSLauthentication">SSL
authentication</span></h4><br />
<br />
To chain SSL, you have to set "SSLRequire optional" in Apache
configuration, else users will be authenticated by SSL only.
<h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
<ul class="star">
......
......@@ -10,7 +10,7 @@ package Lemonldap::NG::Common::Apache::Session;
use strict;
use Storable qw(thaw);
our $VERSION = 0.2;
our $VERSION = 0.21;
BEGIN {
......
......@@ -13,7 +13,7 @@ use CGI;
#parameter syslog Indicates syslog facility for logging user actions
our $VERSION = '0.5';
our $VERSION = '0.51';
use base qw(CGI);
......
......@@ -11,7 +11,7 @@ use Crypt::Rijndael;
use MIME::Base64;
use base qw(Crypt::Rijndael);
our $VERSION = '0.1';
our $VERSION = '0.2';
our $msg;
......
......@@ -17,7 +17,7 @@ use Lemonldap::NG::Handler::SharedConf qw(:all);
#link Lemonldap::NG::Handler::_CGI protected _handler
our $VERSION = '0.3';
our $VERSION = '0.4';
## @cmethod Lemonldap::NG::Handler::CGI new(hashRef args)
# Constructor.
......
......@@ -26,7 +26,7 @@ require POSIX;
#inherits Apache::Session
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
our $VERSION = '0.91';
our $VERSION = '0.92';
our %EXPORT_TAGS;
......
......@@ -26,7 +26,7 @@ use MIME::Base64;
use base qw(Lemonldap::NG::Common::CGI);
our @ISA;
our $VERSION = '0.90';
our $VERSION = '0.91';
# Secure jail
our $msafe;
......
......@@ -9,7 +9,7 @@ use strict;
use Lemonldap::NG::Portal::Simple;
use AuthCAS;
our $VERSION = '0.1';
our $VERSION = '0.11';
## @apmethod int authInit()
# Does nothing.
......
......@@ -20,7 +20,7 @@ use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
*_modifyPassword = *Lemonldap::NG::Portal::PasswordDBLDAP::modifyPassword;
*_passwordDBInit = *Lemonldap::NG::Portal::PasswordDBLDAP::passwordDBInit;
our $VERSION = '0.11';
our $VERSION = '0.2';
### ACCESS CONTROL DISPLAY SYSTEM
......
......@@ -34,7 +34,7 @@ use Safe;
#inherits Apache::Session
#link Lemonldap::NG::Common::Apache::Session::SOAP protected globalStorage
our $VERSION = '0.89';
our $VERSION = '0.90';
use base qw(Lemonldap::NG::Common::CGI Exporter);
our @ISA;
......
......@@ -12,7 +12,7 @@ package Lemonldap::NG::Portal::_Multi;
use Lemonldap::NG::Portal::Simple;
our $VERSION = '0.1';
our $VERSION = '0.11';
## @cmethod Lemonldap::NG::Portal::_Multi new(Lemonldap::NG::Portal::Simple portal)
# Constructor
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment