News on LemonLDAP::NG 2.0
LemonLDAP::NG 2.0 will be a major release with a lot of new features. Upgrade will be easy for a basic usage but some work has to be done if you use advanced features.
See https://lemonldap-ng.org/documentation/2.0/upgrade
Handler
A new feature comes with 2.0: DevOps handler.
This new handler reads rules and headers from the /rules.json of the protected website. This allows one to protect websites in development: a developer can test itself his rules without asking changes to LLNG administrator. See https://lemonldap-ng.org/documentation/2.0/devopshandler
You will be able to choose handler type in the manager (AuthBasic,...) in each virtualHost. All specific handlers are available with both Nginx and Apache (CDA, AuthBasic, ZimbraPreAuth, SecureToken, DevOps).
A "Token" handler is coming soon to handle underlying REST calls done by a webapp to another for a connected user.
Also an experimental node.js handler has been published on GitHub
Portal
Portal use no more ModPerl::Registry: like Manager-1.9, it uses FastCGI and has been rewritten using "Plugins". Performance are increased a lot!
It generates also dynamically security headers to protect it from modern attacks (Content-Security-Policy,...).
Multi auth module has been replaced by a powerful new module named "Combination". See: https://lemonldap-ng.org/documentation/2.0/authcombination
Manager
No big changes (already done in 1.9) but differences between 2 configurations can be displayed easily.
FastCGI server (Nginx)
LLNG FastCGI server can be used to handle .pl and .psgi files (like php-fpm)
Logging
Logs can now be redirected to:
- Standard output (webserver error.log)
- Syslog (now default for Nginx)
- Log4perl (looks like Java Log4J)
There are 2 categories of logs which can be redirected separately:
- technical logs
- user actions
Developer corner
Handler libraries have been totally rewritten. It is now more easy to build custom handlers.
Also Portal has now a powerful plugin system. It is now easy to insert a function inside authentication process or to catch a URL path_info (ex: http://auth.example.com/mypath). Doc is inserted in Portal manpages.
See:
- https://lemonldap-ng.org/documentation/2.0/start#developer_corner
- lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/* for examples
Help wanted
You can extract 2.0 version from the SVN repository and test it, any feedback is welcome!