documentation:2.1:ldapsessionbackend

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

documentation:2.1:ldapsessionbackend [2019/01/15 15:55] (current)
Line 1: Line 1:
 +====== LDAP session backend ======
 +
 +An Apache session module was created by LL::NG team to store sessions in an LDAP directory.
 +
 +<note important>This module is not part of LL::NG distribution, and can be found on CPAN: [[http://search.cpan.org/dist/Apache-Session-LDAP/|Apache::Session::LDAP]].</note>
 +
 +<note tip>This module is also available on [[https://github.com/coudot/apache-session-ldap|GitHub]].</note>
 +
 +Sessions will be stored as LDAP entries, like this:
 +
 +<file>
 +dn: cn=6fb7c4a170a04668771f03b0a4747f46,ou=sessions,dc=example,dc=com
 +objectClass: applicationProcess
 +cn: 6fb7c4a170a04668771f03b0a4747f46
 +description: [Base64 serialized data]
 +</file>
 +
 +===== Setup =====
 +
 +Go in the Manager and set the LDAP session module ([[http://search.cpan.org/dist/Apache-Session-LDAP/|Apache::Session::LDAP]]) in ''General parameters'' » ''Sessions'' » ''Session storage'' » ''Apache::Session module'' and add the following parameters (case sensitive):
 +
 +^  Required parameters  ^^^
 +^  Name  ^  Comment  ^  Example  ^
 +|  **ldapServer**  | URI of the server | %%ldap://localhost%% |
 +|  **ldapConfBase**  | DN of sessions branch | ou=sessions,dc=example,dc=com |
 +|  **ldapBindDN**  | Connection login | cn=admin,dc=example,dc=password |
 +|  **ldapBindPassword**  | Connection password | secret |
 +^  Optional parameters  ^^^
 +^  Name  ^  Comment  ^  Default value  ^
 +|  **ldapObjectClass**  | Objectclass of the entry | applicationProcess |
 +|  **ldapAttributeId**  | Attribute storing session ID | cn |
 +|  **ldapAttributeContent**  | Attribute storing session content | description |
 +===== Security =====
 +
 +Restrict network access to the LDAP directory, and add specific ACL to session branch.
 +
 +You can also use different user/password for your servers by overriding parameters ''globalStorage'' and ''globalStorageOptions'' in lemonldap-ng.ini file.