worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update doc (#1379)

Browse Source
environments/ppa-mbqj77/deployments/1
Xavier Guimard 7 years ago
parent 7c4748b51c
commit cd3e50cb9f
9 changed files with 316 additions and 43 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      doc/pages/documentation/current/applications/img/icons.png
  2. 4
      doc/pages/documentation/current/applications/img/loader.gif
  3. 6
      doc/pages/documentation/current/authrest.html
  4. 125
      doc/pages/documentation/current/rest2f.html
  5. 4
      doc/pages/documentation/current/restserverplugin
  6. 35
      doc/pages/documentation/current/start.html
  7. 26
      doc/pages/documentation/current/totp2f.html
  8. 30
      doc/pages/documentation/current/u2f.html
  9. 125
      po-doc/fr/pages/documentation/current/rest2f.html

4
doc/pages/documentation/current/applications/img/icons.png
Unescape View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=5121361b80183f088d9f748a8b127b90" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1519247446" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1519384896" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

4
doc/pages/documentation/current/applications/img/loader.gif
Unescape View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=5121361b80183f088d9f748a8b127b90" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1519247446" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1519384896" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

6
doc/pages/documentation/current/authrest.html
Unescape View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authrest</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,authrest"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authrest.html"/>
@ -122,7 +122,7 @@ REST web services just have to respond with a “result” key in a JSON file. A
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Parameter </th><th class="col1 centeralign"> Query </th><th class="col2 centeralign"> Response </th>
<th class="col0 centeralign"> <abbr title="Uniform Resource Locator">URL</abbr> </th><th class="col1 centeralign"> Query </th><th class="col2 centeralign"> Response </th>
</tr>
</thead>
<tr class="row1 rowodd">
@ -138,7 +138,7 @@ REST web services just have to respond with a “result” key in a JSON file. A
<td class="col0 centeralign"> Password change <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,“password”:$password}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
</table></div>
<!-- EDIT7 TABLE [824-1351] --><div class="notetip">To have only one call, you can set only REST authentication, set datas in “info” key response and set Null as User Database.
<!-- EDIT7 TABLE [824-1345] --><div class="notetip">To have only one call, you can set only REST authentication, set datas in “info” key response and set Null as User Database.
</div>
</div>
<!-- EDIT6 SECTION "REST Dialog" [614-] --></div>

125
doc/pages/documentation/current/rest2f.html
Unescape View File

@ -0,0 +1,125 @@
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:rest2f</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,rest2f"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="rest2f.html"/>
<link rel="contents" href="rest2f.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:rest2f","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#arguments">Arguments</a></div></li>
<li class="level1"><div class="li"><a href="#rest_dialog">REST Dialog</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="rest_second_factor">REST Second Factor</h1>
<div class="level1">
<p>
This plugin can be used to add a second factor for authentication (SMS, OTP,…). It uses external web service to send and validate the second factor.
</p>
</div>
<!-- EDIT1 SECTION "REST Second Factor" [1-186] -->
<h3 class="sectionedit2" id="configuration">Configuration</h3>
<div class="level3">
<p>
All parameters are configured in “General Parameters » Portal Parameters » Second Factors » REST 2nd Factor”.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Activation</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Init <abbr title="Uniform Resource Locator">URL</abbr></strong> <em>(optional)</em>: REST <abbr title="Uniform Resource Locator">URL</abbr> to initialize dialog <em>(send OTP)</em>. Leave it blank if your <abbr title="Application Programming Interface">API</abbr> doesn&#039;t need any initialization</div>
</li>
<li class="level1"><div class="li"> <strong>Init arguments</strong>: list of arguments to send <em>(see below)</em></div>
</li>
<li class="level1"><div class="li"> <strong>Verify <abbr title="Uniform Resource Locator">URL</abbr></strong> <em>(required)</em>: REST <abbr title="Uniform Resource Locator">URL</abbr> to verify code</div>
</li>
<li class="level1"><div class="li"> <strong>Verify arguments</strong>: list of arguments to send <em>(see below)</em></div>
</li>
<li class="level1"><div class="li"> <strong>Authentication Level</strong>: if you want to overwrite the value sent by your authentication module, you can define here the new authentication level. Example: 5</div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Configuration" [187-837] -->
<h2 class="sectionedit3" id="arguments">Arguments</h2>
<div class="level2">
<p>
Arguments are a list of key/value. Key is the name of JSON entry, value is attribute or macro name.
</p>
<div class="noteimportant">For Verify <abbr title="Uniform Resource Locator">URL</abbr>, you should send $code at least
</div>
</div>
<!-- EDIT3 SECTION "Arguments" [838-1032] -->
<h2 class="sectionedit4" id="rest_dialog">REST Dialog</h2>
<div class="level2">
<p>
REST web services just have to respond with a “result” key in a JSON file. Auth/UserDB can add a “info” array to will be copied is session data (without reading “Exported variables”).
</p>
<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> <abbr title="Uniform Resource Locator">URL</abbr> </th><th class="col1 centeralign"> Query </th><th class="col2 centeralign"> Response </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> Init <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,…}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> Verify <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,“code”:“$code”,…}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
</table></div>
<!-- EDIT5 TABLE [1243-1472] -->
</div>
<!-- EDIT4 SECTION "REST Dialog" [1033-] --></div>
</body>
</html>

4
doc/pages/documentation/current/restserverplugin
Unescape View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=cf4c71aa95ca9de8db78e281e71fa354" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=5121361b80183f088d9f748a8b127b90" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1519247470" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1519384915" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

35
doc/pages/documentation/current/start.html
Unescape View File

@ -347,13 +347,16 @@
<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> <em>(OTP, SMS,…)</em> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
<tr class="row34 roweven">
<th class="col0"> Auth addons </th><th class="col1 centeralign"> Authentication </th><td class="col2"></td><td class="col3"></td>
<td class="col0"> <a href="rest2f.html" class="wikilink1" title="documentation:2.0:rest2f">REST Second Factor</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
<tr class="row35 rowodd">
<th class="col0"> Auth addons </th><th class="col1 centeralign"> Authentication </th><td class="col2"></td><td class="col3"></td>
</tr>
<tr class="row36 roweven">
<td class="col0"> <a href="autosignin.html" class="wikilink1" title="documentation:2.0:autosignin">Auto Signin</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div>
<!-- EDIT9 TABLE [2221-4313] -->
<!-- EDIT9 TABLE [2221-4378] -->
<p>
</div></div>
</p>
@ -397,13 +400,13 @@
<td class="col0"> <a href="issuerdbget.html" class="wikilink1" title="documentation:2.0:issuerdbget">Get parameters provider</a> <em>(for poor applications)</em> </td><td class="col1 leftalign"> </td><td class="col2 centeralign"></td>
</tr>
</table></div>
<!-- EDIT10 TABLE [4659-5020] -->
<!-- EDIT10 TABLE [4724-5085] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT8 SECTION "Portal" [1685-5048] -->
<!-- EDIT8 SECTION "Portal" [1685-5113] -->
<h3 class="sectionedit11" id="handlers">Handlers</h3>
<div class="level3">
@ -444,7 +447,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
<td class="col0"> <a href="applications/zimbra.html" class="wikilink1" title="documentation:2.0:applications:zimbra">Zimbra PreAuth</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td><td class="col4 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [5287-6120] -->
<!-- EDIT12 TABLE [5352-6185] -->
<p>
<em>(*): <a href="nodehandler.html" class="wikilink1" title="documentation:2.0:nodehandler">Node.js handler</a> has not yet reached the same level of functionality.</em>
</p>
@ -454,7 +457,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
</p>
</div>
<!-- EDIT11 SECTION "Handlers" [5049-6243] -->
<!-- EDIT11 SECTION "Handlers" [5114-6308] -->
<h3 class="sectionedit13" id="llng_databases">LLNG databases</h3>
<div class="level3">
@ -500,7 +503,7 @@ Handlers are software control agents to install on your web servers <em>(Nginx,
<td class="col0 centeralign"> <a href="restconfbackend.html" class="wikilink1" title="documentation:2.0:restconfbackend">REST</a> <a href="new.png" class="media" title="documentation:2.0:new.png"><img src="new.edf565b3f89a0ad56df9a5e7a31a6de8.png" class="media" alt="" width="35" /></a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> Proxy backend to be used in conjunction with another configuration backend. <br/><strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [6542-7524] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
<!-- EDIT14 TABLE [6607-7589] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
</div>
<p>
</div></div>
@ -555,13 +558,13 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
<strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT15 TABLE [8389-10068] -->
<!-- EDIT15 TABLE [8454-10133] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT13 SECTION "LLNG databases" [6244-10096] -->
<!-- EDIT13 SECTION "LLNG databases" [6309-10161] -->
<h2 class="sectionedit16" id="applications_protection">Applications protection</h2>
<div class="level2">
@ -590,7 +593,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT16 SECTION "Applications protection" [10097-10587] -->
<!-- EDIT16 SECTION "Applications protection" [10162-10652] -->
<h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
<div class="level3">
<div class="noteclassic">Here is a list of well known applications that are compatible with <abbr title="LemonLDAP::NG">LL::NG</abbr>. A full list is available on <a href="applications.html" class="wikilink1" title="documentation:2.0:applications">vendor applications page</a>.
@ -682,7 +685,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT17 SECTION "Well known compatible applications" [10588-12668] -->
<!-- EDIT17 SECTION "Well known compatible applications" [10653-12733] -->
<h2 class="sectionedit18" id="advanced_features">Advanced features</h2>
<div class="level2">
@ -735,7 +738,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT18 SECTION "Advanced features" [12669-13717] -->
<!-- EDIT18 SECTION "Advanced features" [12734-13782] -->
<h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
<div class="level2">
@ -766,7 +769,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT19 SECTION "Mini howtos" [13718-14387] -->
<!-- EDIT19 SECTION "Mini howtos" [13783-14452] -->
<h2 class="sectionedit20" id="exploitation">Exploitation</h2>
<div class="level2">
@ -799,7 +802,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT20 SECTION "Exploitation" [14388-14808] -->
<!-- EDIT20 SECTION "Exploitation" [14453-14873] -->
<h2 class="sectionedit21" id="bug_report">Bug report</h2>
<div class="level2">
@ -808,7 +811,7 @@ See <a href="bugreport.html" class="wikilink1" title="bugreport">How to report a
</p>
</div>
<!-- EDIT21 SECTION "Bug report" [14809-14873] -->
<!-- EDIT21 SECTION "Bug report" [14874-14938] -->
<h2 class="sectionedit22" id="developer_corner">Developer corner</h2>
<div class="level2">
@ -879,6 +882,6 @@ To translate this doc (Manager help):
</ul>
</div>
<!-- EDIT22 SECTION "Developer corner" [14874-] --></div>
<!-- EDIT22 SECTION "Developer corner" [14939-] --></div>
</body>
</html>

26
doc/pages/documentation/current/totp2f.html
Unescape View File

@ -50,6 +50,7 @@
<ul class="toc">
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#enrollment">Enrollment</a></div></li>
<li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
<li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
</ul>
@ -82,7 +83,7 @@ In the manager (advanced parameters), you just have to enable it:
</li>
<li class="level1"><div class="li"> TOTP ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/totpregister.html" class="urlextern" title="https://auth.your.domain/totpregister.html" rel="nofollow">https://auth.your.domain/totpregister.html</a>)</em></div>
</li>
<li class="level1"><div class="li"> TOTP ⇒ Authentication level: you can overwrite here auth level for TOTP registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
<li class="level1"><div class="li"> TOTP ⇒ Authentication level: you can overwrite here auth level for TOTP registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em>. <strong>It is recommended to set an higher value here if you want to give access to some apps only to users enrolled</strong></div>
</li>
<li class="level1"><div class="li"> TOTP ⇒ Issuer: default to portal hostname</div>
</li>
@ -96,8 +97,17 @@ In the manager (advanced parameters), you just have to enable it:
<div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule that <code>$_totp2fSecret</code> is set, else TOTP will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.
</div>
</div>
<!-- EDIT2 SECTION "Configuration" [634-1701] -->
<h2 class="sectionedit3" id="assistance">Assistance</h2>
<!-- EDIT2 SECTION "Configuration" [634-1815] -->
<h2 class="sectionedit3" id="enrollment">Enrollment</h2>
<div class="level2">
<p>
If you&#039;ve enabled self registration, users can get their key using <a href="https://portal/totpregister.html" class="urlextern" title="https://portal/totpregister.html" rel="nofollow">https://portal/totpregister.html</a>
</p>
</div>
<!-- EDIT3 SECTION "Enrollment" [1816-1940] -->
<h2 class="sectionedit4" id="assistance">Assistance</h2>
<div class="level2">
<p>
@ -105,14 +115,14 @@ If a user lost its key, you may remove it&#039;s persistent session using the se
</p>
</div>
<!-- EDIT3 SECTION "Assistance" [1702-1817] -->
<h2 class="sectionedit4" id="developer_corner">Developer corner</h2>
<!-- EDIT4 SECTION "Assistance" [1941-2056] -->
<h2 class="sectionedit5" id="developer_corner">Developer corner</h2>
<div class="level2">
<p>
If you have another TOTP registration interface, you have to populate session (using exported variables) to set these keys:
</p>
<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Name </th><th class="col1"> Value </th>
@ -125,8 +135,8 @@ If you have another TOTP registration interface, you have to populate session (u
<td class="col0"> _u2fUserKey </td><td class="col1"> user key value, base64 encoded </td>
</tr>
</table></div>
<!-- EDIT5 TABLE [1973-2091] -->
<!-- EDIT6 TABLE [2212-2330] -->
</div>
<!-- EDIT4 SECTION "Developer corner" [1818-] --></div>
<!-- EDIT5 SECTION "Developer corner" [2057-] --></div>
</body>
</html>

30
doc/pages/documentation/current/u2f.html
Unescape View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:u2f</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,u2f"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="u2f.html"/>
@ -52,6 +52,7 @@
<li class="level1"><div class="li"><a href="#prerequisites_and_dependencies">Prerequisites and dependencies</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#browser_compatibility">Browser compatibility</a></div></li>
<li class="level1"><div class="li"><a href="#enrollment">Enrollment</a></div></li>
<li class="level1"><div class="li"><a href="#assistance">Assistance</a></div></li>
<li class="level1"><div class="li"><a href="#developer_corner">Developer corner</a></div></li>
</ul>
@ -94,13 +95,13 @@ In the manager (advanced parameters), you just have to enable it:
</li>
<li class="level1"><div class="li"> U2F ⇒ Self registration: set it to “on” <em>(to display this application on the menu, create an application that points to <a href="https://auth.your.domain/u2fregister.html" class="urlextern" title="https://auth.your.domain/u2fregister.html" rel="nofollow">https://auth.your.domain/u2fregister.html</a>)</em></div>
</li>
<li class="level1"><div class="li"> U2F ⇒ Authentication level: you can overwrite here auth level for U2F registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em></div>
<li class="level1"><div class="li"> U2F ⇒ Authentication level: you can overwrite here auth level for U2F registered users. Leave it blank keeps auth level provided by first authentication module <em>(default: 2 for user/password based modules)</em>. <strong>It is recommended to set an higher value here if you want to give access to some apps only to users enrolled</strong></div>
</li>
</ul>
<div class="noteimportant">If you want to use a custom rule for “activation” and want to keep self-registration, you must include this in your rule: <code>$_u2fKeyHandle and $_u2fUserKey</code>, else U2F will be required even if users are not registered. This is automatically done when “activation” is simply set to “on”.
</div>
</div>
<!-- EDIT3 SECTION "Configuration" [874-1701] -->
<!-- EDIT3 SECTION "Configuration" [874-1815] -->
<h2 class="sectionedit4" id="browser_compatibility">Browser compatibility</h2>
<div class="level2">
<ul>
@ -121,8 +122,17 @@ In the manager (advanced parameters), you just have to enable it:
</ul>
</div>
<!-- EDIT4 SECTION "Browser compatibility" [1702-2139] -->
<h2 class="sectionedit5" id="assistance">Assistance</h2>
<!-- EDIT4 SECTION "Browser compatibility" [1816-2253] -->
<h2 class="sectionedit5" id="enrollment">Enrollment</h2>
<div class="level2">
<p>
If you&#039;ve enabled self registration, users can register their FIDO key using <a href="https://portal/u2fregister.html" class="urlextern" title="https://portal/u2fregister.html" rel="nofollow">https://portal/u2fregister.html</a>
</p>
</div>
<!-- EDIT5 SECTION "Enrollment" [2254-2387] -->
<h2 class="sectionedit6" id="assistance">Assistance</h2>
<div class="level2">
<p>
@ -130,14 +140,14 @@ If a user lost its key, you may remove it&#039;s persistent session using the se
</p>
</div>
<!-- EDIT5 SECTION "Assistance" [2140-2255] -->
<h2 class="sectionedit6" id="developer_corner">Developer corner</h2>
<!-- EDIT6 SECTION "Assistance" [2388-2503] -->
<h2 class="sectionedit7" id="developer_corner">Developer corner</h2>
<div class="level2">
<p>
If you have another U2F registration interface, you have to populate session (using exported variables) to set these keys:
</p>
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0"> Name </th><th class="col1"> Value </th>
@ -150,12 +160,12 @@ If you have another U2F registration interface, you have to populate session (us
<td class="col0"> _u2fUserKey </td><td class="col1"> user key value, base64 encoded </td>
</tr>
</table></div>
<!-- EDIT7 TABLE [2410-2528] -->
<!-- EDIT8 TABLE [2658-2776] -->
<p>
Note that both “origin” and “appId” are fixed to portal <abbr title="Uniform Resource Locator">URL</abbr>.
</p>
</div>
<!-- EDIT6 SECTION "Developer corner" [2256-] --></div>
<!-- EDIT7 SECTION "Developer corner" [2504-] --></div>
</body>
</html>

125
po-doc/fr/pages/documentation/current/rest2f.html
Unescape View File

@ -0,0 +1,125 @@
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:rest2f</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,rest2f"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="rest2f.html"/>
<link rel="contents" href="rest2f.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:rest2f","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#configuration">Configuration</a></div></li>
<li class="level1"><div class="li"><a href="#arguments">Arguments</a></div></li>
<li class="level1"><div class="li"><a href="#rest_dialog">REST Dialog</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="rest_second_factor">REST Second Factor</h1>
<div class="level1">
<p>
This plugin can be used to add a second factor for authentication (SMS, OTP,…). It uses external web service to send and validate the second factor.
</p>
</div>
<!-- EDIT1 SECTION "REST Second Factor" [1-186] -->
<h3 class="sectionedit2" id="configuration">Configuration</h3>
<div class="level3">
<p>
All parameters are configured in “General Parameters » Portal Parameters » Second Factors » REST 2nd Factor”.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Activation</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Init <abbr title="Uniform Resource Locator">URL</abbr></strong> <em>(optional)</em>: REST <abbr title="Uniform Resource Locator">URL</abbr> to initialize dialog <em>(send OTP)</em>. Leave it blank if your <abbr title="Application Programming Interface">API</abbr> doesn&#039;t need any initialization</div>
</li>
<li class="level1"><div class="li"> <strong>Init arguments</strong>: list of arguments to send <em>(see below)</em></div>
</li>
<li class="level1"><div class="li"> <strong>Verify <abbr title="Uniform Resource Locator">URL</abbr></strong> <em>(required)</em>: REST <abbr title="Uniform Resource Locator">URL</abbr> to verify code</div>
</li>
<li class="level1"><div class="li"> <strong>Verify arguments</strong>: list of arguments to send <em>(see below)</em></div>
</li>
<li class="level1"><div class="li"> <strong>Authentication Level</strong>: if you want to overwrite the value sent by your authentication module, you can define here the new authentication level. Example: 5</div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Configuration" [187-837] -->
<h2 class="sectionedit3" id="arguments">Arguments</h2>
<div class="level2">
<p>
Arguments are a list of key/value. Key is the name of JSON entry, value is attribute or macro name.
</p>
<div class="noteimportant">For Verify <abbr title="Uniform Resource Locator">URL</abbr>, you should send $code at least
</div>
</div>
<!-- EDIT3 SECTION "Arguments" [838-1032] -->
<h2 class="sectionedit4" id="rest_dialog">REST Dialog</h2>
<div class="level2">
<p>
REST web services just have to respond with a “result” key in a JSON file. Auth/UserDB can add a “info” array to will be copied is session data (without reading “Exported variables”).
</p>
<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> <abbr title="Uniform Resource Locator">URL</abbr> </th><th class="col1 centeralign"> Query </th><th class="col2 centeralign"> Response </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> Init <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,…}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
<tr class="row2 roweven">
<td class="col0 centeralign"> Verify <abbr title="Uniform Resource Locator">URL</abbr> </td><td class="col1"> JSON file: <code>{“user”:$user,“code”:“$code”,…}</code> </td><td class="col2"> JSON file: <code>{“result”:true/false}</code> </td>
</tr>
</table></div>
<!-- EDIT5 TABLE [1243-1472] -->
</div>
<!-- EDIT4 SECTION "REST Dialog" [1033-] --></div>
</body>
</html>
Write Preview
Loading…
Cancel
Save