Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
documentation:quickstart [2018/05/17 15:25]
xguimard [Apache] 		documentation:quickstart [2019/04/26 15:41] (current)
coudot
Line 3: Line 3:
 <note important>​ <note important>​
 This tutorial will guide you into a minimal installation and configuration procedure. You need some prerequisites:​ This tutorial will guide you into a minimal installation and configuration procedure. You need some prerequisites:​
-  * A computer with a GNU/​Linux ​or recent ​UNIX system +  * A computer with a GNU/Linux recent ​distribution (Debian, Ubuntu, CentOS, RHEL, ...) with root privileges 
-  * A web browser ​launched from the computer (to access ​localhost)+  * A web browser 
 +  * The possibility ​to update your local ''​hosts''​ file, or an easy access ​to your DNS server
   * A cup of coffee (or tea, we are open minded)   * A cup of coffee (or tea, we are open minded)
 </​note>​ </​note>​
Line 10: Line 11:
 ===== Installation ===== ===== Installation =====
  
-You can install Lemonldap::​NG using [[:download|packages]] (rpm or deb) or by hand as described below.+You should ​install Lemonldap::​NG using packages, but you can also install it from [[:documentation::​latest:​installtarball|the tarball]].
  
-LemonLDAP::​NG is written in Perl and requires a lot of Perl dependencies. [[:​documentation:​latest:​prereq|You must install them first]]. +==== Debian / Ubuntu ​====
- +
-Get the tarball on [[:​download|download page]] and follow next steps (or install using [[:​documentation:​latest:​installrpm|RPM]] or [[:​documentation:​latest:​installdeb|Debian]] packages):​ +
- +
-==== Extract ​====+
  
 <​code>​ <​code>​
-tar zxvf lemonldap-ng-*.tar.gz +apt install apt-transport-https 
-cd lemonldap-ng-*+wget -O - https://lemonldap-ng.org/​_media/​rpm-gpg-key-ow2 | apt-key add - 
 +echo "deb https://​lemonldap-ng.org/deb stable main" > /​etc/​apt/​sources.list.d/lemonldap-ng.list 
 +apt update 
 +apt install lemonldap-ng
 </​code>​ </​code>​
  
-==== Build ====+==== CentOS / RHEL ====
  
 <​code>​ <​code>​
-make +curl https://​lemonldap-ng.org/​_media/​rpm-gpg-key-ow2 > /​etc/​pki/​rpm-gpg/​RPM-GPG-KEY-OW2 
-make test+echo "​[lemonldap-ng] 
 +name=LemonLDAP::​NG packages 
 +baseurl=https://​lemonldap-ng.org/​redhat/​stable/​$releasever/​noarch 
 +enabled=1 
 +gpgcheck=1 
 +gpgkey=file:///​etc/​pki/​rpm-gpg/​RPM-GPG-KEY-OW2"​ > /​etc/​yum.repos.d/​lemonldap-ng.repo 
 +yum update 
 +yum install lemonldap-ng
 </​code>​ </​code>​
  
-==== Install ​====+===== SSO domain configuration =====
  
 +The defaut SSO domain is ''​example.com''​. You can keep it for your tests or change it, for example for ''​mydomain.com'':​
 <​code>​ <​code>​
-sudo make install+sed -i '​s/​example\.com/​mydomain.com/​g'​ /​etc/​lemonldap-ng/​* /​var/​lib/​lemonldap-ng/​conf/​lmConf-1.json 
 +sed -i '​s/​example\.com/​mydomain.com/​g'​ /​etc/​nginx/​conf.d/​* 
 +sed -i '​s/​example\.com/​mydomain.com/​g'​ /​etc/​httpd/​conf.d/​* 
 +sed -i '​s/​example\.com/​mydomain.com/​g'​ /​etc/​apache2/​sites-available/​*
 </​code>​ </​code>​
  
-===== Configuration =====+In order to be able to test, update your DNS or your local ''​hosts''​ file to map this names to the SSO server IP: 
 +  * auth.mydomain.com 
 +  * manager.mydomain.com 
 +  * test1.mydomain.com 
 +  * test2.mydomain.com
  
-==== System ==== +For example on your local computer:
- +
-Update ​your /etc/hosts to map SSO URLs to localhost:+
 <​code>​ <​code>​
-sudo make postconf+echo "​192.168.1.30 auth.mydomain.com manager.mydomain.com test1.mydomain.com test2.mydomain.com"​ >> /​etc/​hosts ​
 </​code>​ </​code>​
  
-==== Apache ​====+===== Run =====
  
-Include ​LemonLDAP::​NG ​configuration in your main Apache configuration:​ +Since LemonLDAP::​NG ​1.2, the [[:documentation:latest:authdemo|demonstration backend]] is configured by default
- +
-<file apache>​ +
-include /​usr/​local/​lemonldap-ng/​etc/​portal-apache2.conf +
-include /​usr/​local/​lemonldap-ng/​etc/​handler-apache2.conf +
-include /​usr/​local/​lemonldap-ng/​etc/​manager-apache2.conf +
-include /​usr/​local/​lemonldap-ng/​etc/​test-apache2.conf +
-</​file>​ +
- +
-Restart Apache: +
-<​code>​ +
-sudo apachectl configtest +
-sudo apachectl restart +
-</​code>​ +
- +
-==== Nginx ==== +
- +
-Include LemonLDAP::NG configuration in your Nginx configuration +
- +
-<file nginx> +
-include /​usr/​local/​lemonldap-ng/​etc/​portal-nginx.conf; +
-include /​usr/​local/​lemonldap-ng/​etc/​handler-nginx.conf;​ +
-include /​usr/​local/​lemonldap-ng/​etc/​manager-nginx.conf;​ +
-include /​usr/​local/​lemonldap-ng/​etc/​test-nginx.conf;​ +
-</​file>​ +
- +
-Restart Nginx: +
-<​code>​ +
-sudo nginx -t +
-sudo service nginx restart +
-</​code>​ +
-===== Run =====+
  
-Since LemonLDAP::​NG 1.2, the [[:​documentation:​latest:​authdemo|demonstration backend]] is configured by default. ​Demonstration backend has hard coded user accounts:+Demonstration backend has hard coded user accounts:
  
 ^ Login  ^ Password ^ Role ^ ^ Login  ^ Password ^ Role ^
Line 90: Line 72:
 ==== Open SSO session ==== ==== Open SSO session ====
  
-Go on http://​auth.example.com and log with one of the demonstration account.+Go on http://​auth.mydomain.com and log with one of the demonstration account.
  
 ==== Access protected application ==== ==== Access protected application ====
  
-Try http://​test1.example.com or http://​test2.example.com+Try http://​test1.mydomain.com or http://​test2.mydomain.com
  
 ==== Edit configuration ==== ==== Edit configuration ====
  
-Log with the dwho account and go on http://​manager.example.com +Log with the dwho account and go on http://​manager.mydomain.com