Lemonldap::NG::Manager kinematic
Main requests (index.pl)
Main initialization (new())
Simple::new():
getConf()- load
MenuandDisplay - load
Auth/UserDB/PasswordDB/RegisterDB - load
IssuerDBx - (load
Notifications)
Request managing
Scenarii:
- F: unknown user comes for the first time
- P: (good) post for authentication
- M: menu display
- L: simple logout
| Method | Comment | F | P | M | L | Proposed PSGI route (for 2.0) | |
|---|---|---|---|---|---|---|---|
| 0 | startSoapServices | Manage som path info | /sessions | ||||
| 1 | controlUrlOrigin | check url parameter (+confirmation) |
X | X | X | X | |
| 2 | checkNotifBack | check accepted notifications | X | X | X | X | /notif ? |
| 3 | controlExistingSession | check cookie | X | X | X | X | |
| * display captcha image | X | /captcha | |||||
| * logout | /logout | ||||||
| * remove existing sessions | X | ||||||
| * respond to ping | /ping | ||||||
* respond to storeAppsListOrder |
/storeAppsListOrder | ||||||
| * If user is authenticated, call: | |||||||
| - issuerForAuthUser | |||||||
| - authFinish | |||||||
| - autoRedirect | |||||||
| existingSession | manage reauthentication and force | X | |||||
| authForce | X | ||||||
| IssuerDB::issuerDBInit | X | X | X | X | (init^) | ||
| IssuerDB::logout | X | ||||||
| Auth::authInit | X | X | X | X | (init^) | ||
| Auth::logout | X | ||||||
| 4 | Issuer::issuerForUnAuthUser | X | X | Many (SSO, SLO, SOAP,...) | |||
| 5 | Auth::extractFormInfo | First call to auth module | X | X | |||
| UserDB::userDBInit | X | (init^) | |||||
| 6 | UserDB::getUser | First call to UserDB: set $_user | X | ||||
| 7 | Auth::setAuthSessionInfo | Auth module can set infos to session | X | ||||
| PasswordDB::passwordDBInit | X | (init^) | |||||
| 8 | PasswordDB::modifyPassword | Unique call to PasswordDB | X | ? | |||
| 9 | setSessionInfo | Store datas in $sessionInfo |
X | ||||
| 10 | setMacros | Update $sessionInfo with macros | X | ||||
| create safe jail | X | ||||||
| 11 | UserDB::setGroups | Set $sessionInfo->{group} |
X | ||||
| 12 | setPersistentSessionInfo | Store some datas in persistent DB | X | ||||
| 13 | setLocalGroups | Set $sessionInfo->{group} |
X | ||||
| 14 | MailReset::sendPasswordMail | Called if password was changed | X | 3 | |||
| 15 | Auth::authenticate | 3rd call to Auth module (for LDAP) | X | ||||
| 16 | Auth::authFinish | Last call to Auth | X | 1 | |||
| 17 | UserDB::userDBFinish | Last call to UserDB | X | ||||
| 18 | PasswordDB::passwordDBFinish | Last call to PasswordDB | X | 2 | |||
| 19 | grantSession | Apply the rule (user is authenticated | X | ||||
| 20 | removeOther | Remove other opened sessions | X | ||||
| 21 | store | Store session in DB | X | ||||
| setApacheUser | |||||||
| 22 | buildCookie | Build LLNG cookie(s) | X | ||||
| 23 | checkNotification | Check if current user has messages | X | X | |||
| 24 | IssuerDB::issuerForAuthUser | X | X | Many (SSO, SLO, SOAP, Attribute query,...) | |||
| 25 | autoRedirect | Redirects to wanted url | X | ||||
| menuInit | X |
Notes:
- Called after issuerForAuthUser
- Called after menuInit
- called after passwordDBFinish
Other requests
/saml/metadata (metadata.pl)
Returns the content of Lemonldap::NG::Common::Conf::SAML::Metadata->serviceToXML()
/openid-configuration.pl
Display OpenID-Connect JSON configuration
/mail.pl
Launch MailReset
/register.pl
Registration
/cdc.pl
Display SAML cross domain cookies