Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
documentation:latest:portal [2010/11/24 22:20]
127.0.0.1 external edit
documentation:latest:portal [2019/01/15 15:54] (current)
Line 4: Line 4:
   * **Authentication service** of course   * **Authentication service** of course
     * Web based for normal users:     * Web based for normal users:
-      * using own database (LDAP, SQL, ...) +      * using own database ([[authldap|LDAP]][[authdbi|SQL]], ...) 
-      * using Apache ​authentication system (used for SSL, Kerberos, HTTP basic authentication,​ ...) +      * using web server ​authentication system (used for [[authssl|SSL]][[authapache|Kerberos]][[authapache|HTTP basic authentication]], ...) 
-      * using external identity provider (SAML, OpenID, CAS, Twitter, other LL::NG system, ...) +      * using external identity provider ([[authsaml|SAML]][[authopenid|OpenID]][[authcas|CAS]][[authtwitter|Twitter]], other LL::NG system, ...) 
-      * all together (based on user choice, rules, ...) +      * all together (based on user [[authchoice|choice]][[authmulti|rules]], ...) 
-    * SOAP based for client-server software, specific development,​ ...+    * [[soapservices|SOAP based]] and [[restservices|REST based]] for client-server software, specific development,​ ...
   * **Identity provider**: LL::NG is able to provide identity service using:   * **Identity provider**: LL::NG is able to provide identity service using:
-    * SAML +    * [[idpsaml|SAML]] 
-    * OpenID +    * [[idpopenidconnect|OpenID ​Connect]] 
-    * CAS +    * [[idpcas|CAS]] 
-  * **Identity provider proxy**: LL::NG can be used as proxy translator between systems talking SAML, OpenID, CAS, ... +  * **[[federationproxy|Identity provider proxy]]**: LL::NG can be used as proxy translator between systems talking SAML, OpenID, CAS, ... 
-  * **Internal SOAP server** used by [[soapconfbackend|SOAP configuration backend]] and usable for specific development (see [[soapServices|SOAP services]] for more)+  * **Internal SOAP server** used by [[soapconfbackend|SOAP configuration backend]] and usable for specific development (see [[soapservices|SOAP services]] for more) 
 +  * **Internal REST server** used by [[restconfbackend|REST configuration backend]] and usable for specific development (see [[restservices|REST ​services]] for more)
   * Interactive **management of user passwords**:​   * Interactive **management of user passwords**:​
     * Password change form (in menu)     * Password change form (in menu)
Line 36: Line 37:
   - Check if URL asked is valid   - Check if URL asked is valid
   - Check if user is already authenticated   - Check if user is already authenticated
-    * If not authenticated (or authentication is forced) try to find it (userDB module) and to authenticate it (auth module), create session, calculate groups and macros and store them +    * If not authenticated (or authentication is forced) try to find it (userDB module) and to authenticate it (auth module), create session, ask for second factor if required, calculate groups and macros and store them. In 1.3, LL::NG has got a captcha feature which is used in this case. 
-  - Modify password if asked +  - Modify password if asked (password module) 
-  - Provides identity if asked+  - Provides identity if asked (IdP module)
   - Build [[ssocookie|cookie(s)]]   - Build [[ssocookie|cookie(s)]]
   - Redirect user to the asked URL or display menu   - Redirect user to the asked URL or display menu
  
 <​note>​See also [[:​documentation:​presentation#​kinematics|general kinematics presentation]].</​note>​ <​note>​See also [[:​documentation:​presentation#​kinematics|general kinematics presentation]].</​note>​