<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="fr" xml:lang="fr">
<head>
<meta name="generator" content=
"HTML Tidy for Linux/x86 (vers 7 December 2008), see www.w3.org" />
<title>Lemonldap::NG documentation:
4.5-Multiple-authentication-backend.html</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
<style type="text/css">
/*<![CDATA[*/
body{
background: #ddd;
font-family: sans-serif;
font-size: 11pt;
padding: 0 50px;
}
div.main-content{
padding: 10px;
background: #fff;
border: 2px #ccc solid;
}
a{
text-decoration: none;
}
p.footer{
text-align: center;
margin: 5px 0 0 0;
}
.heading-1{
text-align: center;
color: orange;
font-variant: small-caps;
font-size: 20pt;
}
.heading-1-1{
color: orange;
font-size: 14pt;
border-bottom: 2px #ccc solid;
}
pre{
background: #eee;
border: 2px #ccc solid;
padding: 5px;
border-left: 10px #ccc solid;
}
ul.star li{
list-style-type: square;
}
/*]]>*/
</style>
</head>
<body>
<div class="main-content">
<h2 class="heading-1"><span id="HMultipleauthenticationbackend">Multiple
authentication backend</span></h2>
<p class="paragraph"></p>
<ul>
<li><a href="#HPresentation">Presentation</a></li>
<li><a href="#HConfiguration">Configuration</a></li>
<li>
<a href="#HKnownproblems">Known problems</a>
<ul>
<li><a href="#HAuthApacheauthentication">AuthApache
authentication</a></li>
<li><a href="#HSSLauthentication">SSL authentication</a></li>
</ul>
</li>
<li><a href="#HSeealso">See also</a></li>
</ul>
<h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
<p class="paragraph"></p>This backend allows to chain authentication
method, for example to failback to LDAP authentication if Remote
authentication failed…
<h3 class="heading-1-1"><span id=
"HConfiguration">Configuration</span></h3>
<p class="paragraph"></p>You have to use "Multi" as authentication scheme.
This scheme expect a parameter, which is the authentication chain.
<p class="paragraph"></p>For example:
<div class="code">
<pre>
authentication => 'Multi CAS;LDAP',
</pre>
</div><br />
<br />
If CAS failed, LDAP will be used.<br />
<br />
You can also add a condition. Example:
<div class="code">
<pre>
authentication => 'Multi Remote $ENV{REMOTE_ADDR}=~/^192/;LDAP $ENV{REMOTE_ADDR}!~/^192/'
</pre>
</div>
<h3 class="heading-1-1"><span id="HKnownproblems">Known
problems</span></h3>
<h4 class="heading-1-1-1"><span id="HAuthApacheauthentication">AuthApache
authentication</span></h4><br />
<br />
When using this module, Lemonldap::NG portal will be called only if Apache
does not return "401 Authentication required", but this is not the Apache
behaviour: if the auth module fails, Apache returns 401. We're studying a
future solutuion for this…
<h4 class="heading-1-1-1"><span id="HSSLauthentication">SSL
authentication</span></h4><br />
<br />
To chain SSL, you have to set "SSLRequire optional" in Apache
configuration, else users will be authenticated by SSL only.
<h3 class="heading-1-1"><span id="HSeealso">See also</span></h3>
<ul class="star">
<li><span class="wikilink"><a href=
"4.1-Configuration-parameter-list.html">Config Parameter
List</a></span></li>
<li><span class="wikilink"><a href="4.6-Multiple-user-backend.html">User
DBMulti</a></span></li>
</ul>
</div>
<p class="footer"><a href="index.html">Index</a></p>
</body>
</html>
