GRR¶
HTTP header¶
Configuration¶
GRR has a SSO configuration page in its administration panel.
Do not use Lemonldap mode, which is for a very old Lemonldap version, but HTTP authentication.
Set the default profile of connected users and which headers contains surname, firstname and mail.
GRR will check the username in REMOTE_USER, so use remote header conversion if you are in proxy mode.
GRR virtual host in LL::NG¶
Access rules:
^/index.php => accept
default => unprotect
Headers:
Auth-User $uid
Auth-Sn: $sn
Auth-GivenName: $givenName
Auth-Mail: $mail