Differences

This shows you the differences between two versions of the page.

Link to this comparison view

documentation:latest:soapsessionbackend [2016/07/19 12:10]
127.0.0.1 external edit
documentation:latest:soapsessionbackend [2019/04/04 20:34]
Line 1: Line 1:
-====== SOAP session backend ====== 
  
-LL::NG portal provides SOAP end points for sessions management: 
-  * **sessions/​**:​ read only access to sessions (enough for distant Handlers) 
-  * **adminSessions/​**:​ read/write access to sessions (required for distant Portal, distant Manager or distant Handlers which modify sessions) 
- 
-This session backend can be used to share sessions stored in a non-network backend (like [[filesessionbackend|file session backend]]) or in a network backend protected with a firewall that only accepts HTTP flows. 
- 
-Most of the time, SOAP session backend is used by Handlers installed on external servers. 
- 
-To configure it, SOAP session backend will be set trough Manager in global configuration (used by all Hanlders), and the real session backend will be configured for local components in lemonldap-ng.ini. 
- 
-===== Setup ===== 
- 
-==== Manager ==== 
- 
-First, active SOAP in ''​General parameters''​ » ''​Advanced parameters''​ » ''​SOAP''​. 
- 
-Then, set ''​Lemonldap::​NG::​Common::​Apache::​Session::​SOAP''​ in ''​General parameters''​ » ''​Sessions''​ » ''​Session storage''​ » ''​Apache::​Session module''​ and add the following parameters (case sensitive): 
- 
-^  Required parameters ​ ^^^ 
-^  Name  ^  Comment ​ ^  Example ​ ^ 
-|  **proxy** ​ | URL of sessions SOAP end point | %%http://​auth.example.com/​index.pl/​sessions%% | 
- 
-<note tip>Use /​adminSessions if the Handler need to modify the session, for example if you configured an idle timeout.</​note>​ 
- 
-==== Apache ==== 
- 
-Sessions SOAP end points access must be allowed in Apache portal configuration (for example, access by IP range): 
- 
-<file apache> 
-# SOAP functions for sessions management (disabled by default) 
-<​Location /​index.pl/​adminSessions>​ 
-    Order deny,allow 
-    Deny from all 
-    Allow from 192.168.2.0/​24 
-</​Location>​ 
- 
-# SOAP functions for sessions access (disabled by default) 
-<​Location /​index.pl/​sessions>​ 
-    Order deny,allow 
-    Deny from all 
-    Allow from 192.168.2.0/​24 
-</​Location>​ 
-</​file>​ 
- 
-==== Real session backend ==== 
- 
-Real session backend will be configured in ''​lemonldap-ng.ini'',​ in ''​portal''​ section (the portal hosts the SOAP service for sessions, and will do the link between SOAP requests and real sessions). 
- 
-For example, if real sessions are stored in [[filesessionbackend|files]]:​ 
- 
-<file ini> 
-[portal] 
-globalStorage = Apache::​Session::​File 
-globalStorageOptions = { '​Directory'​ => '/​var/​lib/​lemonldap-ng/​sessions/',​ '​LockDirectory'​ => '/​var/​lib/​lemonldap-ng/​sessions/​lock/',​ } 
-</​file>​ 
- 
-<note tip>If your sessions explorer is on the same server that the portal, either use the **adminSessions** end point in Manager configuration,​ or override the ''​globalStorage''​ and ''​globalStorageOptions''​ parameters in section all (and not portal) of ''​lemonldap-ng.ini''​. </​note>​