<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:restsessionbackend< / title >
< meta name = "generator" content = "DokuWiki" / >
< meta name = "robots" content = "index,follow" / >
< meta name = "keywords" content = "documentation,2.0,restsessionbackend" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "restsessionbackend.html" / >
< link rel = "contents" href = "restsessionbackend.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "lib/exe/css.php.t.bootstrap3.css" / >
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
< script type = "text/javascript" > / * < ! [ C D A T A [ * / v a r N S = ' d o c u m e n t a t i o n : 2 . 0 ' ; v a r J S I N F O = { " i d " : " d o c u m e n t a t i o n : 2 . 0 : r e s t s e s s i o n b a c k e n d " , " n a m e s p a c e " : " d o c u m e n t a t i o n : 2 . 0 " } ;
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "lib/exe/js.php.t.bootstrap3.js" > < / script >
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.js" > < / script >
<!-- //endif -->
< / head >
< body >
< div class = "dokuwiki export container" >
<!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#setup" > Setup< / a > < / div >
< ul class = "toc" >
< li class = "level2" > < div class = "li" > < a href = "#manager" > Manager< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#apache" > Apache< / a > < / div > < / li >
< li class = "level2" > < div class = "li" > < a href = "#real_session_backend" > Real session backend< / a > < / div > < / li >
< / ul > < / li >
< / ul >
< / div >
< / div >
<!-- TOC END -->
< h1 class = "sectionedit1" id = "rest_session_backend" > REST session backend< / h1 >
< div class = "level1" >
< p >
< abbr title = "LemonLDAP::NG" > LL::NG< / abbr > portal provides REST end points for sessions management:
< / p >
< ul >
< li class = "level1" > < div class = "li" > GET /sessions/< type> /< session-id> : get session datas< / div >
< / li >
< li class = "level1" > < div class = "li" > GET /sessions/< type> /< session-id> /< key> : get a session key value< / div >
< / li >
< li class = "level1" > < div class = "li" > GET /sessions/< type> /< session-id> /[k1,k2] : get some session key value< / div >
< / li >
< li class = "level1" > < div class = "li" > POST /sessions/< type> : create a session< / div >
< / li >
< li class = "level1" > < div class = "li" > PUT /sessions/< type> /< session-id> : update some keys< / div >
< / li >
< li class = "level1" > < div class = "li" > DELETE /sessions/< type> /< session-id> : delete a session< / div >
< / li >
< / ul >
< p >
Sessions for connected users < em > (used by < a href = "authproxy.html" class = "wikilink1" title = "documentation:2.0:authproxy" > LLNG Proxy< / a > )< / em > :
< / p >
< ul >
< li class = "level1" > < div class = "li" > GET /session/my/< type> : get session datas< / div >
< / li >
< li class = "level1" > < div class = "li" > GET /session/my/< type> /key : get session key< / div >
< / li >
< li class = "level1" > < div class = "li" > DELETE /session/my : ask for logout< / div >
< / li >
< / ul >
< p >
Authorizations for connected users (always enabled):
< / p >
< ul >
< li class = "level1" > < div class = "li" > GET /mysession/?authorizationfor=< base64-encoded-url> : ask if url is authorizated< / div >
< / li >
< / ul >
< p >
This session backend can be used to share sessions stored in a non-network backend (like < a href = "filesessionbackend.html" class = "wikilink1" title = "documentation:2.0:filesessionbackend" > file session backend< / a > ) or in a network backend protected with a firewall that only accepts HTTP flows.
< / p >
< p >
Most of the time, REST session backend is used by Handlers installed on external servers.
< / p >
< p >
To configure it, REST session backend will be set trough Manager in global configuration (used by all Handlers), and the real session backend will be configured for local components in lemonldap-ng.ini.
< / p >
< / div >
<!-- EDIT1 SECTION "REST session backend" [1 - 1432] -->
< h2 class = "sectionedit2" id = "setup" > Setup< / h2 >
< div class = "level2" >
< / div >
<!-- EDIT2 SECTION "Setup" [1433 - 1451] -->
< h3 class = "sectionedit3" id = "manager" > Manager< / h3 >
< div class = "level3" >
< p >
First, activate REST in < code > General parameters< / code > » < code > Plugins< / code > » < code > Portal servers< / code > » < code > REST session server< / code > .
< / p >
< p >
Then, set < code > Lemonldap::NG::Common::Apache::Session::REST< / code > in < code > General parameters< / code > » < code > Sessions< / code > » < code > Session storage< / code > » < code > Apache::Session module< / code > and add the following parameters (case sensitive):
< / p >
< div class = "table sectionedit4" > < table class = "inline table table-bordered table-striped" >
< thead >
< tr class = "row0 roweven" >
< th class = "col0 centeralign" colspan = "3" > Required parameters < / th >
< / tr >
< tr class = "row1 rowodd" >
< th class = "col0 centeralign" > Name < / th > < th class = "col1 centeralign" > Comment < / th > < th class = "col2 centeralign" > Example < / th >
< / tr >
< / thead >
< tr class = "row2 roweven" >
< td class = "col0 centeralign" > < strong > baseUrl< / strong > < / td > < td class = "col1" > < abbr title = "Uniform Resource Locator" > URL< / abbr > of sessions REST end point < / td > < td class = "col2" > http://auth.example.com/index.fcgi/sessions/global < / td >
< / tr >
< tr class = "row3 rowodd" >
< th class = "col0 centeralign" colspan = "3" > Optional parameters < / th >
< / tr >
< tr class = "row4 roweven" >
< td class = "col0 centeralign" > < strong > user< / strong > < / td > < td class = "col1" > Username to use for auth basic mechanism < / td > < td class = "col2 leftalign" > < / td >
< / tr >
< tr class = "row5 rowodd" >
< td class = "col0 centeralign" > < strong > password< / strong > < / td > < td class = "col1" > Password to use for auth basic mechanism < / td > < td class = "col2 leftalign" > < / td >
< / tr >
< / table > < / div >
<!-- EDIT4 TABLE [1790 - 2116] -->
< / div >
<!-- EDIT3 SECTION "Manager" [1452 - 2117] -->
< h3 class = "sectionedit5" id = "apache" > Apache< / h3 >
< div class = "level3" >
< p >
Sessions REST end points access must be allowed in Apache portal configuration (for example, access by < abbr title = "Internet Protocol" > IP< / abbr > range):
< / p >
< pre class = "code file apache" > < span class = "co1" > # REST/SOAP functions for sessions access (disabled by default)< / span >
< < span class = "kw3" > Location< / span > /index.fcgi/sessions>
< span class = "kw1" > Require< / span > 192.168.2.0/< span class = "nu0" > 24< / span >
< /< span class = "kw3" > Location< / span > > < / pre >
< / div >
<!-- EDIT5 SECTION "Apache" [2118 - 2408] -->
< h3 class = "sectionedit6" id = "real_session_backend" > Real session backend< / h3 >
< div class = "level3" >
< p >
Real session backend will be configured in < code > lemonldap-ng.ini< / code > , in < code > portal< / code > section (the portal hosts the REST service for sessions, and will do the link between REST requests and real sessions).
< / p >
< p >
For example, if real sessions are stored in < a href = "filesessionbackend.html" class = "wikilink1" title = "documentation:2.0:filesessionbackend" > files< / a > :
< / p >
< pre class = "code file ini" > < span class = "re0" > < span class = "br0" > [ < / span > portal< span class = "br0" > ] < / span > < / span >
< span class = "re1" > globalStorage< / span > < span class = "sy0" > =< / span > < span class = "re2" > Apache::Session::File< / span >
< span class = "re1" > globalStorageOptions< / span > < span class = "sy0" > =< / span > < span class = "re2" > < span class = "br0" > { < / span > 'Directory' < span class = "sy0" > =< / span > > '/var/lib/lemonldap-ng/sessions/', 'LockDirectory' < span class = "sy0" > =< / span > > '/var/lib/lemonldap-ng/sessions/lock/', < span class = "br0" > } < / span > < / span > < / pre >
< div class = "notetip" > Session explorer and “single session” features can' t be used using this backend. Session explorer and portal must be launched with real backend.
< / div >
< / div >
<!-- EDIT6 SECTION "Real session backend" [2409 - ] --> < / div >
< / body >
< / html >
