The Portal

The Portal is the main component of LL::NG. It provides many features:

  • Authentication service of course
  • Identity provider: LL::NG is able to provide identity service using:
  • Identity provider proxy: LL::NG can be used as proxy translator between systems talking SAML, OpenID, CAS, …
  • Internal SOAP server used by SOAP configuration backend and usable for specific development (see SOAP services for more)
  • Internal REST server used by REST configuration backend and usable for specific development (see REST services for more)
  • Interactive management of user passwords:
    • Password change form (in menu)
    • Self service reset (send a mail to the user with a to change the password)
    • Force password change with LDAP password policy password reset flag
  • Application menu: display authorized applications in categories
  • Notifications: prompt users with a message if found in the notification database
  • Second factors management


LL::NG portal is a modular component. It needs 4 modules to work:


Each module can be disabled using the Null backend.


  1. Check if URL asked is valid
  2. Check if user is already authenticated
    • If not authenticated (or authentication is forced), try to find (userDB module) and authenticate him (auth module), collect user data, compute groups and macros, ask for second factor if required, create a session and store it. LL::NG affords a captcha feature which can be enabled.
  3. Modify password if asked (password module)
  4. Provide identity if asked (IdP module)
  5. Build cookie(s)
  6. Redirect user to the asked URL or display dynamic menu

URL parameters

Some parameters in URL can change the behavior of the portal:

  • logout: Launch the logout process (for example: logout=1)
  • tab: Preselect a tab (Choice or Menu) (for example: tab=password)
  • llnglanguage: Force lang used to display the page (for example: llnglanguage=fr)
  • setCookieLang: Update lang cookie to persist the language set with llnglanguage parameter (for example: setCookieLang=1)