The Portal¶
The Portal is the main component of LL::NG. It provides many features:
Authentication service of course
Web based for normal users:
SOAP based and REST based for client-server software, specific development, …
Identity provider: LL::NG is able to provide identity service using:
Identity provider proxy: LL::NG can be used as proxy translator between systems talking SAML, OpenID, CAS, …
Internal SOAP server used by SOAP configuration backend and usable for specific development (see SOAP services for more)
Internal REST server used by REST configuration backend and usable for specific development (see REST services for more)
Interactive management of user passwords:
Password change form (in menu)
Self service reset (send a mail to the user with a to change the password)
Force password change with LDAP password policy password reset flag
Application menu: display authorized applications in categories
Notifications: prompt users with a message if found in the notification database
Second factors management
How it works¶
LL::NG portal is a modular component. It needs 4 modules to work:
Authentication: how to check user credentials
User database: where to collect user information
Password database: where to change password
Identity provider: how to forward user identity
Tip
Each module can be disabled using the Null
backend.
Kinematics¶
Check if requested URL is valid
Check if user is already authenticated
If not authenticated (or authentication is forced), try to find (userDB module) and authenticate him (auth module), collect user data, compute groups and macros, ask for second factor if required, create a session and store it. LL::NG affords a captcha feature which can be enabled.
Modify password if asked (password module)
Provide identity if asked (IdP module)
Build cookie(s)
Redirect user to the asked URL or display dynamic menu
Note
See also general kinematics presentation.
URL parameters¶
Some parameters in URL can change Portal behaviour:
confirm: Bypass confirmation page (for example:
confirm=1
)llnglanguage: Force lang used to display the page (for example:
llnglanguage=fr
)logout: Launch logout process (for example:
logout=1
)tab: Preselect a tab (Choice or Menu) (for example:
tab=password
)setCookieLang: Update lang cookie to keep language set with
llnglanguage
parameter (for example:setCookieLang=1
)