Documentation for LemonLDAP::NG 1.3
Installation
Configuration
First steps
Portal
Authentication, users and password databases
| Backend | Authentication | Users | Password |
|---|---|---|---|
| Active Directory | ✔ | ✔ | |
| Apache (Kerberos, NTLM, OTP, ...) | ✔ | ||
| Backend choice by users | ✔ | ✔ | ✔ |
| BrowserID (Mozilla Persona) | ✔ | ||
| CAS | ✔ | ||
| Databases (DBI) | ✔ | ✔ | ✔ |
| Demonstration | ✔ | ✔ | ✔ |
| ✔ | ✔ | ||
| ✔ | ✔ | ||
| LDAP | ✔ | ✔ | ✔ |
| Null | ✔ | ✔ | ✔ |
| OpenID | ✔ | ✔ | |
| Proxy LL::NG | ✔ | ✔ | |
| Radius | ✔ | ||
| Remote LL::NG | ✔ | ✔ | |
| SAML 2.0 / Shibboleth | ✔ | ✔ | |
| Slave | ✔ | ✔ | |
| SSL | ✔ | ||
| Stack multiple backends | ✔ | ✔ | |
| ✔ | |||
| WebID | ✔ | ✔ | |
| Yubikey | ✔ |
Configuration database
LL::NG needs a storage system to store its own configuration (managed by the manager). Choose one of the following:
| Backend | Shareable | Comment |
|---|---|---|
| File configuration backend | Not shareable between servers except if used in conjunction with SOAP configuration backend or with a shared file system (NFS,…). Selected by default during installation. | |
| JSON File configuration backend | Not shareable between servers except if used in conjunction with SOAP configuration backend or with a shared file system (NFS,…). | |
| SQL configuration backend (called RDBI or CDBI) | ✔ | |
| LDAP configuration backend | ✔ | |
| SOAP configuration backend | ✔ | Proxy backend to be used in conjunction with another configuration backend. Can be used to secure another backend for remote servers. |
You can not start with an empty configuration, so read how to change configuration backend to convert your existing configuration into another one.
Sessions database
Sessions are stored using Apache::Session modules family. All Apache::Session style modules are useable except for some features.
| Backend | Shareable | Session explorer | Session restrictions | Session expiration | Comment |
|---|---|---|---|---|---|
| File | ✔ | ✔ | ✔ | Not shareable between servers except if used in conjunction with SOAP session backend or with a shared file system (NFS,…). Selected by default during installation. | |
| SQL | ✔ | ✔ | ✔ | ✔ | Unoptimized for session explorer and single session features. |
| LDAP | ✔ | ✔ | ✔ | ✔ | |
| Memcached | ✔ | Must be secured by network access control. | |||
| NoSQL (Redis) | ✔ | ✔ | ✔ | ✔ | The faster. Must be secured by network access control. |
| Browseable (SQL, Redis or LDAP) | ✔ | ✔ | ✔ | ✔ | Optimized for session explorer and single session features. |
| SOAP | ✔ | ✔ | ✔ | ✔ | Proxy backend to be used in conjunction with another session backend. Can be used to secure another backend for remote servers. |
Identity provider
- All identity provider protocols can be used simultaneously
Applications protection
Advanced features
