Commit f6a64535 authored by Xavier Guimard's avatar Xavier Guimard

New dependencies and documentation update

parent 81950e0b
......@@ -4,7 +4,7 @@ Priority: extra
Maintainer: Xavier Guimard <x.guimard@free.fr>
DM-Upload-Allowed: yes
Build-Depends: debhelper (>= 4.1.16), po-debconf
Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl
Build-Depends-Indep:libapache-session-perl, libnet-ldap-perl, libdbi-perl, libwww-perl, libcache-cache-perl, libxml-simple-perl, libcgi-session-perl, libcrypt-rijndael-perl, libxml-libxslt-perl, libio-string-perl, libregexp-assemble-perl, liburi-perl, libstring-random-perl
Standards-Version: 3.8.0
Package: lemonldap-ng
......@@ -42,7 +42,7 @@ Package: liblemonldap-ng-conf-perl
Architecture: all
Depends: ${misc:Depends}, libdbi-perl, debconf, libcache-cache-perl, libregexp-assemble-perl, libcrypt-rijndael-perl
Recommends: libsoap-lite-perl
Description: Lemonldap::NG Apache administration interface part
Description: Lemonldap::NG administration interface part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application Apache servers.
.
......@@ -53,7 +53,7 @@ Package: liblemonldap-ng-manager-perl
Architecture: all
Depends: ${misc:Depends}, libxml-simple-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version})
Recommends: libcache-cache-perl, libapache-session-perl, libsoap-lite-perl
Description: Lemonldap::NG Apache manager part
Description: Lemonldap::NG manager part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application Apache servers.
.
......@@ -61,9 +61,9 @@ Description: Lemonldap::NG Apache manager part
Package: liblemonldap-ng-portal-perl
Architecture: all
Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl
Depends: ${misc:Depends}, libapache-session-perl, libnet-ldap-perl, liblemonldap-ng-conf-perl (= ${binary:Version}), libhtml-template-perl, libjs-jquery, liblemonldap-ng-handler-perl (= ${binary:Version}), libxml-libxml-perl, libxml-libxslt-perl, libstring-random-perl
Suggests: liblasso-perl, libcgi-session-perl, slapd
Description: Lemonldap::NG Apache authentication portal part
Description: Lemonldap::NG authentication portal part
Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
or directly on application Apache servers.
.
......
......@@ -730,16 +730,6 @@ level1Key =&gt; { level2Key =&gt; 'value' },
</tr>
<tr class="table-even">
<td>Groups base</td>
<td>ldapGroupBase</td>
<td>0</td>
<td>Yes</td>
</tr>
<tr class="table-odd">
<td>Main search filter</td>
<td>LDAPFilter</td>
......@@ -749,7 +739,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
<td>No</td>
</tr>
<tr class="table-even">
<tr class="table-odd">
<td>Authentication search filter</td>
<td>AuthLDAPFilter</td>
......@@ -759,7 +749,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
<td>No</td>
</tr>
<tr class="table-odd">
<tr class="table-even">
<td>Mail search filter</td>
<td>mailLDAPFilter</td>
......@@ -769,7 +759,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
<td>No</td>
</tr>
<tr class="table-even">
<tr class="table-odd">
<td>Password policy control</td>
<td>ldapPpolicyControl</td>
......@@ -779,7 +769,7 @@ level1Key =&gt; { level2Key =&gt; 'value' },
<td>No</td>
</tr>
<tr class="table-odd">
<tr class="table-even">
<td>Extended SetPassword modify</td>
<td>ldapSetPassword</td>
......@@ -788,6 +778,56 @@ level1Key =&gt; { level2Key =&gt; 'value' },
<td>No</td>
</tr>
<tr class="table-odd">
<td>Groups base</td>
<td>ldapGroupBase</td>
<td>0.8</td>
<td>No</td>
</tr>
<tr class="table-even">
<td>Groups objectClass</td>
<td>ldapGroupObjectClass</td>
<td>0.9.4</td>
<td>No</td>
</tr>
<tr class="table-odd">
<td>Groups member attribute</td>
<td>ldapGroupAttributeName</td>
<td>0.9.4</td>
<td>No</td>
</tr>
<tr class="table-even">
<td>Groups member link value</td>
<td>ldapGroupAttributeNameUser</td>
<td>0.9.4</td>
<td>No</td>
</tr>
<tr class="table-odd">
<td>Groups name attribute</td>
<td>ldapGroupAttributeNameSearch</td>
<td>0.9.4</td>
<td>No</td>
</tr>
</table>
<h4 class="heading-1-1-1"><span id="HSSL">SSL</span></h4><br />
......
......@@ -59,6 +59,10 @@
<h2 class="heading-1"><span id="HSOAPconfigurationbackend">SOAP
configuration backend</span></h2>
<p class="paragraph"></p>This documentation is available only for version
0.9.4 and later. For earlier versions, see the documentation in the source
tree.
<p class="paragraph"></p>
<ul>
......@@ -127,14 +131,14 @@ SOAP =&gt; 1,
<div class="code">
<pre>
type = SOAP
proxy = <span class="nobr"><a href=
"http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span>
</pre>
</div><br />
<br />
It will automatically send SOAP request to portal URL, for example
<span class="nobr"><a href=
"http://auth.example.com/index.pl/config">http://auth.example.com/index.pl/config</a></span><br />
</div>
<br />
<p class="paragraph"></p>It will send SOAP request to proxy URL.
<p class="paragraph"></p>
</div>
<p class="footer"><a href="index.html">Index</a></p>
......
......@@ -58,6 +58,10 @@
<h2 class="heading-1"><span id="HSOAPSessionbackend">SOAP Session
backend</span></h2>
<p class="paragraph"></p>This documentation is available only for version
0.9.4 and later. For earlier versions, see the documentation in the source
tree.
<p class="paragraph"></p>
<ul>
......@@ -140,9 +144,16 @@ Lemonldap::NG::Common::Apache::Session::SOAP
</pre>
</div><br />
<br />
No other parameters needed. It will automatically send SOAP request to
portal URL, for example <span class="nobr"><a href=
"http://auth.example.com/index.pl/sessions">http://auth.example.com/index.pl/sessions</a></span>
Set also this Session Storage option:
<div class="code">
<pre>
proxy =&gt; 'http://auth.example.com/index.pl/sessions'
</pre>
</div><br />
<br />
No other parameters needed. It will send SOAP request to configured proxy
URL.
</div>
<p class="footer"><a href="index.html">Index</a></p>
......
......@@ -101,35 +101,57 @@ userDB =&gt; LDAP,
<h3 class="heading-1-1"><span id="HGroups">Groups</span></h3><br />
<br />
You can set the search base of your groups branch. LemonLDAP::NG will find
all groups containing the authenticated user as a member. The filter used
is:
<div class="code">
<pre>
(|(member=<span class=
"java-quote">" . $self-&gt;{dn} . "</span>)(uniqueMember=<span class=
"java-quote">" . $self-&gt;{dn} . "</span>))
</pre>
</div><br />
LemonLDAP::NG can browse the directory and find the groups containing the
authenticated user as a member.<br />
<br />
Just set the ldapGroupBase parameter:
Parameters are:
<ul class="star">
<li>ldapGroupBase: DN of groups branch (can be the suffix)</li>
<li>ldapGroupObjectClass: objectClass of the groups</li>
<li>ldapGroupAttributeName: name of the attribute in the groups storing
the link to the user</li>
<li>ldapGroupAttributeNameUser: name of the attribute in users entries
used in the link</li>
<li>ldapGroupAttributeNameSearch: name(s) of the attribute storing the
name of the group (this should be a list reference)</li>
</ul>You can edit portal/index.pl to modify the values, for example:
<div class="code">
<pre>
ldapGroupBase =&gt; 'ou=groups,dc=example,dc=com',
ldapGroupObjectClass =&gt; 'groupOfUniqueNames',
ldapGroupAttributeName =&gt; 'uniqueMember',
ldapGroupAttributeNameUser =&gt; 'dn',
ldapGroupAttributeNameSearch =&gt; '[<span class="java-quote">"cn"</span>]',
</pre>
</div>
<h3 class="heading-1-1"><span id="HActiveDirectory">Active
Directory</span></h3><br />
<br />
As for LDAP authentication, just modify LDAPfitler:<br />
Directory</span></h3>
<p class="paragraph"></p>As for LDAP authentication, just modify
LDAPfitler:
<div class="code">
<pre>
LDAPFilter =&gt; '(&amp;(sAMAccountName=$user)(objectClass=user))',
</pre>
</div><br />
<br />
And for groups:
<div class="code">
<pre>
LDAPFilter =&gt; '(&amp;(sAMAccountName=$user)(ojectClass=person))',
ldapGroupBase =&gt; 'ou=groups,dc=example,dc=com',
ldapGroupObjectClass =&gt; 'group',
ldapGroupAttributeName =&gt; 'member',
ldapGroupAttributeNameUser =&gt; 'dn',
ldapGroupAttributeNameSearch =&gt; '[<span class="java-quote">"cn"</span>]',
</pre>
</div>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment