Upload
ow2-consortium
View
463
Download
0
Tags:
Embed Size (px)
DESCRIPTION
LemonLDAP::NG is a FOSS for WebSSO, access management and identity federation developed since 2005. Its community is active and regurlarly proposes new versions. This talk will first present the software and its main functionalities: Multi-domain SSO Configuration and session management Form replay CAS, OpenID and SAML support Authentication methods chaining Applications portal Password management Notifications Then the main novelties of version 1.2: Radius authentication (and use of Google Authenticator) Connection history management Put an application in maintenance state Inserting a menu on protected applications
Citation preview
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
LemonLDAP::NG 1.2Clément OUDOT
New features of LemonLDAP::NG 1.2
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
About the speaker
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Clément OUDOT
● LDAP engineer since 2003 in LINAGORA company, with experiences in SUN/Oracle to OpenLDAP migration
● LinID Dream Team Manager http://linid.org ● Leader of LDAP Tool Box project
http://ltb-project.org● Leader of LemonLDAP::NG project
http://lemonldap-ng.org
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
LemonLDAP::NG
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Components
● LemonLDAP::NG main components:● Portal: authentication process, user interaction,
application menu, password change form● Manager: configuration interface, sessions explorer● Handler: Apache agent, manage access
authorizations
● Perl, only Perl, just Perl● Relies on Apache and mod_perl
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Follow the white request
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Demo mode
● Default mode at installation● Provide dummy accounts● One account has administration privileges
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Demo mode
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Login history
● Keep in a persistent session success and failed authentication
● The login history is available to administrators trough sessions explorer, and can be displayed to users in the portal
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Floating menu
● Add HTML code on the fly on protected applications
● Display portal and logout links● Easy to customize!
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Maintenance mode
● Dismiss an application without touching Apache configuration
● Standard HTTP code 503● All nodes of a cluster disabled at the same
time!
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Radius authentication
● Standard authentication mode with login and password
● Compatible with Google Authenticator
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
The end... almost
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Thanks
● Thanks to:● OW2 Con organizers● LINAGORA company● LemonLDAP::NG and Perl community
● Stay in touch:● Identica: @coudot● Twitter: @clementoudot● IRC: KPTN #lemonldap-ng@freenode
OW2Con'12, November 28-29, 2012 Orange Labs, Paris. www.ow2.org.
Questions?