Differences

This shows you the differences between two versions of the page.

Link to this comparison view

documentation:2.1:ldapsessionbackend [2019/01/15 15:55] (current)
Line 1: Line 1:
 +====== LDAP session backend ======
 +
 +An Apache session module was created by LL::NG team to store sessions in an LDAP directory.
 +
 +<note important>​This module is not part of LL::NG distribution,​ and can be found on CPAN: [[http://​search.cpan.org/​dist/​Apache-Session-LDAP/​|Apache::​Session::​LDAP]].</​note>​
 +
 +<note tip>This module is also available on [[https://​github.com/​coudot/​apache-session-ldap|GitHub]].</​note>​
 +
 +Sessions will be stored as LDAP entries, like this:
 +
 +<​file>​
 +dn: cn=6fb7c4a170a04668771f03b0a4747f46,​ou=sessions,​dc=example,​dc=com
 +objectClass:​ applicationProcess
 +cn: 6fb7c4a170a04668771f03b0a4747f46
 +description:​ [Base64 serialized data]
 +</​file>​
 +
 +===== Setup =====
 +
 +Go in the Manager and set the LDAP session module ([[http://​search.cpan.org/​dist/​Apache-Session-LDAP/​|Apache::​Session::​LDAP]]) in ''​General parameters''​ » ''​Sessions''​ » ''​Session storage''​ » ''​Apache::​Session module''​ and add the following parameters (case sensitive):
 +
 +^  Required parameters ​ ^^^
 +^  Name  ^  Comment ​ ^  Example ​ ^
 +|  **ldapServer** ​ | URI of the server | %%ldap://​localhost%% |
 +|  **ldapConfBase** ​ | DN of sessions branch | ou=sessions,​dc=example,​dc=com |
 +|  **ldapBindDN** ​ | Connection login | cn=admin,​dc=example,​dc=password |
 +|  **ldapBindPassword** ​ | Connection password | secret |
 +^  Optional parameters ​ ^^^
 +^  Name  ^  Comment ​ ^  Default value  ^
 +|  **ldapObjectClass** ​ | Objectclass of the entry | applicationProcess |
 +|  **ldapAttributeId** ​ | Attribute storing session ID | cn |
 +|  **ldapAttributeContent** ​ | Attribute storing session content | description |
 +===== Security =====
 +
 +Restrict network access to the LDAP directory, and add specific ACL to session branch.
 +
 +You can also use different user/​password for your servers by overriding parameters ''​globalStorage''​ and ''​globalStorageOptions''​ in lemonldap-ng.ini file.