Main LL::NG structure¶
Go in Manager, and:
- activate CDA in
General Parameters
»Cookies
»Multiple domains
- declare secondary portal in
General Parameters
»Advanced Parameters
»Security
»Trusted domains
Authentication | Users | Password |
---|---|---|
✔ | ✔ |
Danger
This module is a LL::NG specific identity federation protocol. You may rather use standards protocols like SAML, OpenID Connect or CAS.
exportedAttr
is set, only those attributes are copied in the
session database of the secondary LL::NG structure. Else, all data
are copied in the session database.Note
Note that if the user is already authenticated on the first portal, all redirections are transparent.
Go in Manager, and:
General Parameters
» Cookies
»
Multiple domains
General Parameters
»
Advanced Parameters
» Security
» Trusted domains
Configure the portal to use the remote LL::NG structure.
In Manager, go in General Parameters
» Authentication modules
and choose Remote for authentication and users.
Then, go in Remote parameters
:
Lemonldap::NG::Common::Apache::Session::SOAP
for
SOAP session backend.Using this, we can do a very simple interoperability system between 2 organizations using two LL::NG structures:
So on each main portal, internal users can access normally, and users issued from the other organization have just to click on the link: