moved part of the documentation from INSTALL to doc/manual.txt.
This commit is contained in:
parent
244c53a6cf
commit
bcfb981810
45
INSTALL
45
INSTALL
|
@ -52,51 +52,6 @@ places for CGI. You can copy them (they are the executables in src/) in your
|
|||
favourite place. Note that if you want to use HTTP authentication;
|
||||
``singleSignOn`` should be installed in a different directory.
|
||||
|
||||
Apache Configuration
|
||||
====================
|
||||
|
||||
Imagine ``soapEndPoint`` has been installed in ``/usr/lib/cgi-bin/idpc/`` and
|
||||
``singleSignOn`` in ``/usr/lib/cgi-bin/idpc/auth/``. Apache configuration will
|
||||
look as follow::
|
||||
|
||||
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
|
||||
|
||||
<Directory /usr/lib/cgi-bin/>
|
||||
AllowOverride None
|
||||
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/lib/cgi-bin/idpc/auth>
|
||||
AuthType Basic
|
||||
AuthName "IdPc"
|
||||
AuthUserFile /etc/apache/passwd
|
||||
Require valid-user
|
||||
</Directory>
|
||||
|
||||
|
||||
Database configuration
|
||||
======================
|
||||
|
||||
PostgreSQL
|
||||
----------
|
||||
|
||||
.. include:: create-db.sql
|
||||
|
||||
Be sure it is possible to connect using TCP/IP to the database; somethink like
|
||||
the next line will do (you may have to disable ``ident`` authentication first)::
|
||||
|
||||
# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
|
||||
host idpc idpc 127.0.0.1 255.255.255.255 password
|
||||
|
||||
|
||||
MySQL
|
||||
-----
|
||||
|
||||
.. note:: Support not yet implemented.
|
||||
|
||||
|
||||
|
||||
.. _libxml2: http://www.xmlsoft.org/
|
||||
.. _neon: http://www.webdav.org/neon/
|
||||
|
|
|
@ -57,9 +57,18 @@ dd {
|
|||
}
|
||||
|
||||
table.table {
|
||||
margin-top: 1em;
|
||||
margin: 1ex 0;
|
||||
border-spacing: 0px;
|
||||
}
|
||||
|
||||
|
||||
table.table th {
|
||||
padding: 0px 1ex;
|
||||
background: #eef;
|
||||
font-weight: normal;
|
||||
}
|
||||
|
||||
|
||||
table.table td {
|
||||
padding: 0 0.5ex;
|
||||
}
|
||||
|
@ -68,6 +77,7 @@ div.note, div.warning {
|
|||
padding: 0.3ex;
|
||||
padding-left: 60px;
|
||||
min-height: 50px;
|
||||
margin: 1ex 1em;
|
||||
}
|
||||
|
||||
div.note {
|
||||
|
|
|
@ -19,12 +19,13 @@ of several CGI C programs.
|
|||
|
||||
It supports the following IDFF-1.2 profiles:
|
||||
|
||||
- Single Sign-On and Federation
|
||||
- Single Sign-On and Federation (Liberty Artifact and Liberty-Enabled Client
|
||||
and Proxy)
|
||||
- Single Logout (SOAP, initiated by SP)
|
||||
- Federation Termination
|
||||
- Liberty-Enabled Client and Proxy
|
||||
- Federation Termination (SOAP, initiated by SP)
|
||||
|
||||
It will implement other core profiles in the future.
|
||||
It will complete existing profiles and implement other core profiles in the
|
||||
future.
|
||||
|
||||
IdPC can authenticate users through several means including HTTP authentication
|
||||
and client certificates.
|
||||
|
@ -141,6 +142,52 @@ Additionally if you have set OCSP options in the configuration file, a OCSP
|
|||
connection will be made to check certificate validity.
|
||||
|
||||
|
||||
Apache Configuration
|
||||
====================
|
||||
|
||||
Imagine ``soapEndPoint`` has been installed in ``/usr/lib/cgi-bin/idpc/`` and
|
||||
``singleSignOn`` in ``/usr/lib/cgi-bin/idpc/auth/``. Apache configuration will
|
||||
look as follow::
|
||||
|
||||
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
|
||||
|
||||
<Directory /usr/lib/cgi-bin/>
|
||||
AllowOverride None
|
||||
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
<Directory /usr/lib/cgi-bin/idpc/auth>
|
||||
AuthType Basic
|
||||
AuthName "IdPc"
|
||||
AuthUserFile /etc/apache/passwd
|
||||
Require valid-user
|
||||
</Directory>
|
||||
|
||||
|
||||
Database configuration
|
||||
======================
|
||||
|
||||
PostgreSQL
|
||||
----------
|
||||
|
||||
.. include:: ../create-db.sql
|
||||
|
||||
Be sure it is possible to connect using TCP/IP to the database; somethink like
|
||||
the next line will do (you may have to disable ``ident`` authentication first)::
|
||||
|
||||
# TYPE DATABASE USER IP-ADDRESS IP-MASK METHOD
|
||||
host idpc idpc 127.0.0.1 255.255.255.255 password
|
||||
|
||||
|
||||
MySQL
|
||||
-----
|
||||
|
||||
.. note:: Support not yet implemented.
|
||||
|
||||
|
||||
|
||||
Copyright and License
|
||||
=====================
|
||||
|
||||
|
|
|
@ -63,6 +63,15 @@ int federation_termination_http(LassoFederationTermination *termination)
|
|||
return error_page("save_profile_dumps failed");
|
||||
}
|
||||
|
||||
rc = lasso_federation_termination_build_notification_msg(termination);
|
||||
if (rc) {
|
||||
return error_page("build notification msg");
|
||||
}
|
||||
|
||||
/* XXX: redirect to SP return URL */
|
||||
/* missing lasso support; impossible to get return URL */
|
||||
printf("Location: %s\n\nRedirected", "XXX");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -293,6 +293,7 @@ int single_sign_on()
|
|||
} else {
|
||||
/* POST profile (lassoLoginProtocolProfileBrwsPost) */
|
||||
/* XXX not supported by Lasso yet */
|
||||
rc = 1;
|
||||
}
|
||||
|
||||
lasso_login_destroy(login);
|
||||
|
|
Reference in New Issue