Commit d2acdd3e authored by Xavier Guimard's avatar Xavier Guimard

Update documentation

parent 772a69d9
......@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=a8e117edbbbe45106ea023b3c5ef2ae5" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
......@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1526585770" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1528371119" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
......
......@@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5e53528a309f1afd578fccb6a5f04cf7" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=a8e117edbbbe45106ea023b3c5ef2ae5" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
......@@ -220,7 +220,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1526585770" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1528371119" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authkerberos</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authkerberos"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authkerberos.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authrest</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,authrest"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authrest.html"/>
......@@ -117,7 +117,7 @@ Then you just have to set REST <abbr title="Uniform Resource Locator">URL</abbr>
<div class="level2">
<p>
REST web services just have to respond with a “result” key in a JSON file. Auth/UserDB can add a “info” array to will be copied is session data (without reading “Exported variables”).
REST web services just have to respond with a “result” key in a JSON file. Auth/UserDB can add an “info” array that will be stored in session data (without reading “Exported variables”).
</p>
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
......@@ -138,7 +138,7 @@ REST web services just have to respond with a “result” key in a JSON file. A
<td class="col0 centeralign"> Password change <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,“password”:$password}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
</table></div>
<!-- EDIT7 TABLE [824-1345] --><div class="notetip">To have only one call, you can set only REST authentication, set datas in “info” key response and set Null as User Database.
<!-- EDIT7 TABLE [827-1348] --><div class="notetip">To have just one call, you can only set REST authentication, set datas in “info” key response and set Null as User Database.
</div>
</div>
<!-- EDIT6 SECTION "REST Dialog" [614-] --></div>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:checkstate</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,checkstate"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="checkstate.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:cli_examples</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,cli_examples"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="cli_examples.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:configapache</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,configapache"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configapache.html"/>
......
......@@ -48,11 +48,11 @@
<div class="level1">
<p>
<a href="https://metacpan.org/release/Plack" class="urlextern" title="https://metacpan.org/release/Plack" rel="nofollow">Plack</a> is a powerful engine that powers many very fast <a href="http://plackperl.org/#servers" class="urlextern" title="http://plackperl.org/#servers" rel="nofollow">servers</a>. LLNG uses some Plack libraries to run as FastCGI server. It can so easily be launched on these servers. See also <a href="psgi.html" class="wikilink1" title="documentation:2.0:psgi">Advanced PSGI usage</a> if you want to replace LLNG FastCGI server.
<a href="https://metacpan.org/release/Plack" class="urlextern" title="https://metacpan.org/release/Plack" rel="nofollow">Plack</a> is a powerful engine that powers many very fast <a href="http://plackperl.org/#servers" class="urlextern" title="http://plackperl.org/#servers" rel="nofollow">servers</a>. LLNG uses some Plack libraries to run as FastCGI server. So, It can be easily run on these servers. See also <a href="psgi.html" class="wikilink1" title="documentation:2.0:psgi">Advanced PSGI usage</a> if you want to replace LLNG FastCGI server.
</p>
</div>
<!-- EDIT1 SECTION "Deploy LemonLDAP::NG on a Plack server" [1-377] -->
<!-- EDIT1 SECTION "Deploy LemonLDAP::NG on a Plack server" [1-373] -->
<h2 class="sectionedit2" id="complete_example">Complete example</h2>
<div class="level2">
<dl class="file">
......@@ -116,6 +116,6 @@ Launch it with <a href="https://github.com/miyagawa/Starman" class="urlextern" t
<pre class="code :bash"><span class="co4">$ </span>starman <span class="re5">--port</span> <span class="nu0">80</span> <span class="re5">--workers</span> <span class="nu0">32</span> llapp.psgi</pre>
</div>
<!-- EDIT2 SECTION "Complete example" [378-] --></div>
<!-- EDIT2 SECTION "Complete example" [374-] --></div>
</body>
</html>
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:configvhost</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,configvhost"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="configvhost.html"/>
......@@ -206,7 +206,7 @@ Then you can take any virtual host and modify it:
# Keep original hostname
fastcgi_param HOST $http_host;
&nbsp;
# Keep original request (LLNG server will received /llauth)
# Keep original request (LLNG server will receive /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}</pre>
<ul>
......@@ -253,7 +253,7 @@ Then you can take any virtual host and modify it:
}</pre>
</div>
<!-- EDIT6 SECTION "Nginx configuration" [3049-4936] -->
<!-- EDIT6 SECTION "Nginx configuration" [3049-4935] -->
<h3 class="sectionedit7" id="hosted_application1">Hosted application</h3>
<div class="level3">
......@@ -312,7 +312,7 @@ server {
}</pre>
</div>
<!-- EDIT7 SECTION "Hosted application" [4937-6566] -->
<!-- EDIT7 SECTION "Hosted application" [4936-6565] -->
<h3 class="sectionedit8" id="reverse_proxy1">Reverse proxy</h3>
<div class="level3">
......@@ -363,7 +363,7 @@ server {
}</pre>
</div>
<!-- EDIT8 SECTION "Reverse proxy" [6567-7861] -->
<!-- EDIT8 SECTION "Reverse proxy" [6566-7860] -->
<h2 class="sectionedit9" id="lemonldapng_configuration">LemonLDAP::NG configuration</h2>
<div class="level2">
......@@ -390,7 +390,7 @@ A virtual host contains:
</ul>
</div>
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7862-8461] -->
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7861-8460] -->
<h3 class="sectionedit10" id="access_rules_and_http_headers">Access rules and HTTP headers</h3>
<div class="level3">
......@@ -399,7 +399,7 @@ See <strong><a href="writingrulesand_headers.html" class="wikilink1" title="docu
</p>
</div>
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8462-8654] -->
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8461-8653] -->
<h3 class="sectionedit11" id="post_data">POST data</h3>
<div class="level3">
......@@ -408,7 +408,7 @@ See <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0
</p>
</div>
<!-- EDIT11 SECTION "POST data" [8655-8789] -->
<!-- EDIT11 SECTION "POST data" [8654-8788] -->
<h3 class="sectionedit12" id="options">Options</h3>
<div class="level3">
......@@ -435,6 +435,6 @@ Some options are available:
</p>
</div>
<!-- EDIT12 SECTION "Options" [8790-] --></div>
<!-- EDIT12 SECTION "Options" [8789-] --></div>
</body>
</html>
......@@ -48,7 +48,7 @@
<div class="level1">
<p>
The goal of this handler is to read vhost configuration from the website itself and not in LLNG configuration. Rules and headers are set in a <strong>rules.json</strong> file available at the root of the website (ie <a href="http://website/rules.json" class="urlextern" title="http://website/rules.json" rel="nofollow">http://website/rules.json</a>). This file looks like:
This handler is designed to read vhost configuration from the website itself not from LL:NG configuration. Rules and headers are set in a <strong>rules.json</strong> file stored at the website root directory (ie <code>http://website/rules.json</code>). This file looks like:
</p>
<dl class="file">
<dt><a href="_export/code/documentation/2.0/devopshandler/codeblock.0.code" title="Download Snippet" class="mediafile mf_json">rules.json</a></dt>
......@@ -64,16 +64,16 @@ The goal of this handler is to read vhost configuration from the website itself
</dd></dl>
<p>
If this file is not found, a default rule is applied (accept) and 1 header is sent (Auth-User ⇒ $uid)
If this file is not found, the default rule “accept” is applied and just “Auth-User” header is sent (Auth-User ⇒ $uid).
</p>
<p>
There is nothing to configure to use it except that:
No specific configuration is required except that:
</p>
<ul>
<li class="level1"><div class="li"> you have to choose this handler <em>(directly using VHOSTTYPE environment variable [see below] or using manager if your websites are declared)</em></div>
<li class="level1"><div class="li"> you have to choose this specific handler <em>(directly by using <code>VHOSTTYPE</code> environment variable)</em></div>
</li>
<li class="level1"><div class="li"> you can set the loopback <abbr title="Uniform Resource Locator">URL</abbr> needed by the DevOps handler to get /rules.json. Default to <a href="http://127.0.0.1" class="urlextern" title="http://127.0.0.1" rel="nofollow">http://127.0.0.1</a>:&lt;server-port&gt;</div>
<li class="level1"><div class="li"> you can set the loopback <abbr title="Uniform Resource Locator">URL</abbr> needed by the DevOps handler to get <code>/rules.json</code> or use <code>RULES_<abbr title="Uniform Resource Locator">URL</abbr></code> parameter to set JSON file path <em>(see <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a Service</a>)</em>. Default to <code>http://127.0.0.1:&lt;server-port&gt;</code></div>
</li>
</ul>
<div class="noteimportant">Note that DevOps handler will refuse to compile rules.json if <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe Jail</a> isn&#039;t enabled.
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:handlerarch</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,handlerarch"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerarch.html"/>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:handlerauthbasic</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,handlerauthbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="handlerauthbasic.html"/>
......@@ -127,7 +127,7 @@ Since 1.9.6, LLNG FastCGI server can handle AuthBasic handler. To call it, you j
# Keep original hostname
fastcgi_param HOST $http_host;
# Keep original request (LLNG server will received /llauth)
# Keep original request (LLNG server will receive /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
location / {
......@@ -144,7 +144,7 @@ location / {
}</pre>
</div>
<!-- EDIT5 SECTION "Nginx" [1091-2114] -->
<!-- EDIT5 SECTION "Nginx" [1091-2113] -->
<h3 class="sectionedit6" id="handler_parameters">Handler parameters</h3>
<div class="level3">
......@@ -153,6 +153,6 @@ No parameters needed. But you have to allow sessions web services, see <a href="
</p>
</div>
<!-- EDIT6 SECTION "Handler parameters" [2115-] --></div>
<!-- EDIT6 SECTION "Handler parameters" [2114-] --></div>
</body>
</html>
......@@ -142,7 +142,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
# Keep original hostname
fastcgi_param HOST $http_host;
&nbsp;
# Keep original request (LLNG server will received /lmauth)
# Keep original request (LLNG server will receive /lmauth)
fastcgi_param X_ORIGINAL_URI $request_uri;
}
&nbsp;
......@@ -158,7 +158,7 @@ handler.<span class="me1">nginxServer</span><span class="br0">&#40;</span><span
</dd></dl>
</div>
<!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [732-1913] -->
<!-- EDIT3 SECTION "Use it as FastCGI server (application protection only)" [732-1912] -->
<h3 class="sectionedit4" id="use_it_to_protect_an_express_app">Use it to protect an express app</h3>
<div class="level3">
<dl class="file">
......@@ -188,6 +188,6 @@ app.<span class="me1">listen</span><span class="br0">&#40;</span><span class="nu
</dd></dl>
</div>
<!-- EDIT4 SECTION "Use it to protect an express app" [1914-] --></div>
<!-- EDIT4 SECTION "Use it to protect an express app" [1913-] --></div>
</body>
</html>
......@@ -183,7 +183,7 @@ Natively, Nginx supportes FastCGI and uWSGI protocoles.
<p>
Therefore, LLNG services can be provided by compatible external servers.
</p>
<div class="notetip">FastCGI or uWSGI server(s) can be installed on separate hosts. Also you can imagine a global cloud-FastCGI/uWSGI-service for all your Nginx servers. See <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a service (SSOaaS)</a> for more.
<div class="notetip">FastCGI or uWSGI server(s) can be installed on separate hosts. Also you can imagine a global cloud-FastCGI/uWSGI-service for all your Nginx servers. See more at <a href="ssoaas.html" class="wikilink1" title="documentation:2.0:ssoaas">SSO as a service (SSOaaS)</a>.
</div>
</div>
......@@ -191,7 +191,7 @@ Therefore, LLNG services can be provided by compatible external servers.
<div class="level4">
<p>
By default, LLNG provides a Plack based FastCGI server able to afford all LLNG services using <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> engine <strong>(default)</strong>.
By default, LLNG provides a Plack based FastCGI server able to afford all LLNG services using <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> engine.
</p>
<p>
......@@ -211,7 +211,7 @@ However, you can use some other FastCGI server engines:
<li class="level1"><div class="li"> <a href="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" class="urlextern" title="https://github.com/LemonLDAPNG/node-lemonldap-ng-handler#nginx-authorization-server" rel="nofollow">LLNG FastCGI server for Node.js</a>(*)</div>
</li>
</ul>
<div class="notewarning">(*) LLNG Node.js handler can be used only as Nginx `auth_request` server, not to serve Portal or Manager
<div class="notewarning">(*) LLNG Node.js handler can only be used as Nginx `auth_request` server, not to serve Portal or Manager
</div>
</div>
......
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:portal</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,portal"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="portal.html"/>
......@@ -57,7 +57,7 @@ The portal is the main component of <abbr title="LemonLDAP::NG">LL::NG</abbr>. I
<ul>
<li class="level3"><div class="li"> using own database (<a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">LDAP</a>, <a href="authdbi.html" class="wikilink1" title="documentation:2.0:authdbi">SQL</a>, …)</div>
</li>
<li class="level3"><div class="li"> using Apache authentication system (used for <a href="authssl.html" class="wikilink1" title="documentation:2.0:authssl">SSL</a>, <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Kerberos</a>, <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">HTTP basic authentication</a>, …)</div>
<li class="level3"><div class="li"> using web server authentication system (used for <a href="authssl.html" class="wikilink1" title="documentation:2.0:authssl">SSL</a>, <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Kerberos</a>, <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">HTTP basic authentication</a>, …)</div>
</li>
<li class="level3"><div class="li"> using external identity provider (<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a>, <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">OpenID</a>, <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a>, <a href="authtwitter.html" class="wikilink1" title="documentation:2.0:authtwitter">Twitter</a>, other <abbr title="LemonLDAP::NG">LL::NG</abbr> system, …)</div>
</li>
......@@ -102,7 +102,7 @@ The portal is the main component of <abbr title="LemonLDAP::NG">LL::NG</abbr>. I
</ul>
</div>
<!-- EDIT1 SECTION "The portal" [1-1812] -->
<!-- EDIT1 SECTION "The portal" [1-1816] -->
<h2 class="sectionedit2" id="functioning">Functioning</h2>
<div class="level2">
......@@ -122,7 +122,7 @@ The portal is the main component of <abbr title="LemonLDAP::NG">LL::NG</abbr>. I
<div class="notetip">Each module can be disabled using the <code>Null</code> backend.
</div>
</div>
<!-- EDIT2 SECTION "Functioning" [1813-2359] -->
<!-- EDIT2 SECTION "Functioning" [1817-2363] -->
<h2 class="sectionedit3" id="kinematics">Kinematics</h2>
<div class="level2">
<ol>
......@@ -130,13 +130,13 @@ The portal is the main component of <abbr title="LemonLDAP::NG">LL::NG</abbr>. I
</li>
<li class="level1"><div class="li"> Check if user is already authenticated</div>
<ul>
<li class="level2"><div class="li"> If not authenticated (or authentication is forced) try to find it (userDB module) and to authenticate it (auth module), create session, calculate groups and macros and store them. In 1.3, <abbr title="LemonLDAP::NG">LL::NG</abbr> have a captcha feature which is used in this case.</div>
<li class="level2"><div class="li"> If not authenticated (or authentication is forced) try to find it (userDB module) and to authenticate it (auth module), create session, ask for second factor if required, calculate groups and macros and store them. In 1.3, <abbr title="LemonLDAP::NG">LL::NG</abbr> has got a captcha feature which is used in this case.</div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> Modify password if asked</div>
<li class="level1"><div class="li"> Modify password if asked (password module)</div>
</li>
<li class="level1"><div class="li"> Provides identity if asked</div>
<li class="level1"><div class="li"> Provides identity if asked (IdP module)</div>
</li>
<li class="level1"><div class="li"> Build <a href="ssocookie.html" class="wikilink1" title="documentation:2.0:ssocookie">cookie(s)</a></div>
</li>
......@@ -146,6 +146,6 @@ The portal is the main component of <abbr title="LemonLDAP::NG">LL::NG</abbr>. I
<div class="noteclassic">See also <a href="documentation/presentation.html#kinematics" class="wikilink1" title="documentation:presentation">general kinematics presentation</a>.
</div>
</div>
<!-- EDIT3 SECTION "Kinematics" [2360-] --></div>
<!-- EDIT3 SECTION "Kinematics" [2364-] --></div>
</body>
</html>
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:prereq</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,prereq"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="prereq.html"/>
......@@ -103,10 +103,10 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
<!-- EDIT2 SECTION "Web Server" [48-610] -->
<h2 class="sectionedit3" id="perl">Perl</h2>
<div class="level2">
<div class="noteclassic">Here is the list of Perl modules used in LemonLDAP::NG. Core modules must be installed on the system. Other modules must be installed only if you planned to use the related feature.
<div class="noteclassic">Here the list of Perl modules used in LemonLDAP::NG. Core modules must be installed on the system. Other modules must be installed only if you planned to use the related feature.
</div>
</div>
<!-- EDIT3 SECTION "Perl" [611-824] -->
<!-- EDIT3 SECTION "Perl" [611-821] -->
<h3 class="sectionedit4" id="core">Core</h3>
<div class="level3">
<ul>
......@@ -181,7 +181,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT4 SECTION "Core" [825-1448] -->
<!-- EDIT4 SECTION "Core" [822-1445] -->
<h3 class="sectionedit5" id="deprecated_features">Deprecated features</h3>
<div class="level3">
<ul>
......@@ -204,7 +204,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT5 SECTION "Deprecated features" [1449-1617] -->
<!-- EDIT5 SECTION "Deprecated features" [1446-1614] -->
<h3 class="sectionedit6" id="saml2">SAML2</h3>
<div class="level3">
<ul>
......@@ -217,7 +217,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT6 SECTION "SAML2" [1618-1703] -->
<!-- EDIT6 SECTION "SAML2" [1615-1700] -->
<h3 class="sectionedit7" id="specific_authentication_backends">Specific authentication backends</h3>
<div class="level3">
<ul>
......@@ -260,7 +260,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT7 SECTION "Specific authentication backends" [1704-1932] -->
<!-- EDIT7 SECTION "Specific authentication backends" [1701-1929] -->
<h3 class="sectionedit8" id="smtpreset_password_by_mail">SMTP / Reset password by mail</h3>
<div class="level3">
<ul>
......@@ -271,7 +271,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT8 SECTION "SMTP / Reset password by mail" [1933-2011] -->
<!-- EDIT8 SECTION "SMTP / Reset password by mail" [1930-2008] -->
<h3 class="sectionedit9" id="unit_tests">Unit tests</h3>
<div class="level3">
<ul>
......@@ -284,7 +284,7 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT9 SECTION "Unit tests" [2012-2078] -->
<!-- EDIT9 SECTION "Unit tests" [2009-2075] -->
<h2 class="sectionedit10" id="other">Other</h2>
<div class="level2">
<ul>
......@@ -295,19 +295,19 @@ For Apache2, you can use all workers mpm-worker, mpm-prefork and mpm-event. Mpm-
</ul>
</div>
<!-- EDIT10 SECTION "Other" [2079-2295] -->
<!-- EDIT10 SECTION "Other" [2076-2292] -->
<h2 class="sectionedit11" id="install_dependencies_on_your_system">Install dependencies on your system</h2>
<div class="level2">
</div>
<!-- EDIT11 SECTION "Install dependencies on your system" [2296-2345] -->
<!-- EDIT11 SECTION "Install dependencies on your system" [2293-2342] -->
<h3 class="sectionedit12" id="apt-get">APT-GET</h3>
<div class="level3">
<p>
Perl dependencies:
</p>
<pre class="code">apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl</pre>
<pre class="code">apt install libapache-session-perl libcache-cache-perl libclone-perl libconfig-inifiles-perl libconvert-pem-perl libcrypt-openssl-bignum-perl libcrypt-openssl-rsa-perl libcrypt-openssl-x509-perl libcrypt-rijndael-perl libdbi-perl libdigest-hmac-perl libemail-sender-perl libgd-securityimage-perl libhtml-template-perl libio-string-perl libjson-perl libmime-tools-perl libmouse-perl libnet-ldap-perl libplack-perl libregexp-assemble-perl libregexp-common-perl libsoap-lite-perl libstring-random-perl libunicode-string-perl liburi-perl libwww-perl libxml-simple-perl libxml-libxslt-perl</pre>
<p>
For Apache:
......@@ -320,7 +320,7 @@ For Nginx:
<pre class="code">apt install nginx nginx-extras</pre>
</div>
<!-- EDIT12 SECTION "APT-GET" [2346-3108] -->
<!-- EDIT12 SECTION "APT-GET" [2343-3125] -->
<h3 class="sectionedit13" id="yum">YUM</h3>
<div class="level3">
<div class="notetip">You need <a href="http://fedoraproject.org/wiki/EPEL/" class="urlextern" title="http://fedoraproject.org/wiki/EPEL/" rel="nofollow">EPEL</a> repository. See how you can activate this repository: <a href="http://fedoraproject.org/wiki/EPEL/FAQ#howtouse" class="urlextern" title="http://fedoraproject.org/wiki/EPEL/FAQ#howtouse" rel="nofollow">http://fedoraproject.org/wiki/EPEL/FAQ#howtouse</a>
......@@ -342,6 +342,6 @@ For Nginx:
<div class="noteimportant">As you need a recent version of Nginx, the best is to install <a href="https://www.nginx.com/resources/wiki/start/topics/tutorials/install/#official-red-hat-centos-packages" class="urlextern" title="https://www.nginx.com/resources/wiki/start/topics/tutorials/install/#official-red-hat-centos-packages" rel="nofollow">Nginx official packages</a>.
</div>
</div>
<!-- EDIT13 SECTION "YUM" [3109-] --></div>
<!-- EDIT13 SECTION "YUM" [3126-] --></div>
</body>
</html>
......@@ -43,6 +43,28 @@
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#fastcgi_server_replacement">FastCGI server replacement</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#llng_fastcgi_server">LLNG FastCGI Server</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#some_examples">Some examples</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#using_uwsgi">Using uWSGI</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="advanced_psgi_usage">Advanced PSGI usage</h1>
<div class="level1">
......@@ -80,7 +102,15 @@ A <code>llng-server.psgi</code> is provided in example directory. It is designed
<ul>
<li class="level1"><div class="li"> with a FCGI Plack server, but you just have to change llng-fastcgi-server engine <em>(in /etc/default/llng-fastcgi-server)</em> to have the same result. Available engines:</div>
<ul>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong></div>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::FCGI" rel="nofollow">FCGI</a> <strong>(default)</strong>. It can use the following managers:</div>
<ul>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager" rel="nofollow">FCGI::ProcManager</a> (default)</div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Constrained" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Constrained" rel="nofollow">FCGI::ProcManager::Constrained</a></div>
</li>
<li class="level3"><div class="li"> <a href="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" class="urlextern" title="https://metacpan.org/pod/FCGI::ProcManager::Dynamic" rel="nofollow">FCGI::ProcManager::Dynamic</a></div>
</li>
</ul>
</li>
<li class="level2"><div class="li"> <a href="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" class="urlextern" title="https://metacpan.org/pod/Plack::Handler::AnyEvent::FCGI" rel="nofollow">AnyEvent::FCGI</a></div>
</li>
......@@ -97,7 +127,7 @@ A <code>llng-server.psgi</code> is provided in example directory. It is designed
<li class="level1"><div class="li"> with uWSGI <em><strong>(see below)</strong></em></div>
</li>
</ul>
<div class="noteimportant">Starman, Twiggy,… are HTTP servers, not FCGI ones !
<div class="noteimportant">Starman, Twiggy,… are HTTP servers, not FastCGI ones !
</div>
<p>
You can also replace only a part of it to create a specialized FastCGI server (portal,…). Look at <code>llng-server.psgi</code> example and take the part you want to use.
......@@ -107,25 +137,104 @@ You can also replace only a part of it to create a specialized FastCGI server (p
There are also some other psgi files in examples directory.
</p>
</div>
<!-- EDIT2 SECTION "FastCGI server replacement" [636-2102] -->
<h3 class="sectionedit3" id="llng_fastcgi_server">LLNG FastCGI Server</h3>
<div class="level3">
<p>
<code>llng-fastcgi-server</code> can be launched with the following options:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign" colspan="2"> Command-line options </th><th class="col2 centeralign"> Environment variable </th><th class="col3 centeralign"> Explanation </th>
</tr>
<tr class="row1 rowodd">
<th class="col0 centeralign"> Short </th><th class="col1 centeralign"> Long </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
</tr>
</thead>
<tr class="row2 roweven">
<td class="col0 centeralign"> -p </td><td class="col1 centeralign"> –pid </td><td class="col2 centeralign"> PID </td><td class="col3 leftalign"> Process PID </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> -u </td><td class="col1 centeralign"> –user </td><td class="col2 centeralign"> USER </td><td class="col3"> Unix uid </td>
</tr>
<tr class="row4 roweven">
<td class="col0 centeralign"> -g </td><td class="col1 centeralign"> –group </td><td class="col2 centeralign"> GROUP </td><td class="col3"> Unix gid </td>
</tr>
<tr class="row5 rowodd">
<td class="col0 centeralign"> -n </td><td class="col1 centeralign"> –proc </td><td class="col2 centeralign"> NPROC </td><td class="col3"> Number of process to launch <em>(FCGI::ProcManager*)</em> </td>
</tr>
<tr class="row6 roweven">
<td class="col0 centeralign"> -s </td><td class="col1 centeralign"> –socket </td><td class="col2 centeralign"> SOCKET </td><td class="col3"> Socket to listen to </td>
</tr>
<tr class="row7 rowodd">
<td class="col0 centeralign"> -l </td><td class="col1 centeralign"> –listen </td><td class="col2 centeralign"> LISTEN </td><td class="col3"> Listening address. Examples: <code>host:port</code>, <code>:port</code>, <code>/socket/path</code> </td>
</tr>
<tr class="row8 roweven">
<td class="col0 centeralign"> -f </td><td class="col1 centeralign"> –customFunctionsFile </td><td class="col2 centeralign"> CUSTOM_FUNCTIONS_FILE </td><td class="col3"> File to load for custom functions </td>
</tr>
<tr class="row9 rowodd">
<td class="col0 centeralign"> -e </td><td class="col1 centeralign"> –engine </td><td class="col2 centeralign"> ENGINE </td><td class="col3"> Plack::Handler engine, default to FCGI <em>(see below)</em> </td>
</tr>
<tr class="row10 roweven">
<td class="col0 leftalign"> </td><td class="col1 centeralign"> –plackOptions </td><td class="col2 leftalign"> </td><td class="col3"> Other options to path to Plack. Can bu multi-valued. Values must look like <code>key=value</code> </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [2202-2973] -->
<p>
See <code>llng-fastcgi-server(1)</code> manpage.
</p>
</div>
<h4 id="some_examples">Some examples</h4>
<div class="level4">
<p>
See also <a href="highperfnginxhandler.html" class="wikilink1" title="documentation:2.0:highperfnginxhandler">High performance handler for Nginx</a>
FCGI with FCGI::ProcManager::Constrained
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 -e FCGI \
--plackOptions manager=FCGI::ProcManager::Constrained</pre>
<p>
FCGI::Engine::ProcManager
</p>
<pre class="code shell">llng-fastcgi-server -u nobody -g nobody -s /run/llng.sock -n 10 \
-e FCGI::Engine::ProcManager</pre>
</div>
<!-- EDIT2 SECTION "FastCGI server replacement" [636-1878] -->
<h3 class="sectionedit3" id="using_uwsgi">Using uWSGI</h3>
<!-- EDIT3 SECTION "LLNG FastCGI Server" [2103-3412] -->
<h3 class="sectionedit5" id="using_uwsgi">Using uWSGI</h3>
<div class="level3">
<p>
You must install uWSGI PSGI plugin. Then for example, launch llng-server.psgi <em>(simple example)</em>:
</p>
<pre class="code">uwsgi --plugins psgi --socket :5000 --psgi e2e-tests/llng-server.psgi</pre>
<pre class="code">/usr/bin/uwsgi --plugins psgi --socket :5000 --uid www-data --gid www-data --psgi /usr/share/lemonldap-ng/llng-server/llng-server.psgi</pre>
<p>
You will find in LLNG Nginx configuration files some comments that explain how to configure Nginx to use uWSGI instead of LLNG FastCGI server.
</p>
</div>
<!-- EDIT3 SECTION "Using uWSGI" [1879-] --></div>
<h4 id="using_debian_lemonldap-ng-uwsgi-app_package">Using Debian lemonldap-ng-uwsgi-app package</h4>
<div class="level4">
<p>
lemonldap-ng-uwsgi-app installs a uWSGI application: <code>/etc/uwsgi/apps-available/llng-server.yaml</code>. To enable it, link it in <code>apps-enabled</code> and restart your uWSGI daemon:
</p>
<pre class="code shell">cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/llng-server.yaml
service uwsgi restart</pre>
<p>
Then adapt your Nginx configuration to use this uWSGI app.
</p>
</div>
<!-- EDIT5 SECTION "Using uWSGI" [3413-] --></div>
</body>
</html>
......@@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:redirections</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,redirections"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="redirections.html"/>
......
......@@ -2,13 +2,13 @@
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:highperfnginxhandler</title>
<title>documentation:2.0:restminihowto</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,highperfnginxhandler"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,restminihowto"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="highperfnginxhandler.html"/>
<link rel="contents" href="highperfnginxhandler.html" title="Sitemap"/>
<link rel="start" href="restminihowto.html"/>
<link rel="contents" href="restminihowto.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
......@@ -19,7 +19,7 @@
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:highperfnginxhandler","namespace":"documentation:2.0"};