Le 22/08/2017 à 18:51, Xavier a écrit : > Le 22/08/2017 à 16:29, gregor herrmann a écrit : >> On Tue, 22 Aug 2017 09:45:10 +0200, Alexander Wirt wrote: >> >>>> There is lemonldap-ng already packaged which provides saml, oauth, >>>> openid-connect, CAS, and more (both identity provider and service >>>> provider). It works with users in ldap but doesn't have a user management >>>> interface. >>>> >>>> We use it at work and it integrates nicely with all kind of webapp >>>> (including gitlab, via oauth). >>> I haven't looked into it. Can lemonldap-ng have multiple backends at the >>> same >>> time? >>> Specifially one LDAP (db.d.o.) Backend and one Oauth2 (gitlab) Backend? >> >> I haven't used lemonldap-ng but I'd like to add that it's maintained >> in Debian by Xavier Guimard (within the Debian Perl Group) who's also >> part of upstream. I'm sure he's happy to help by answering questions >> and maybe also setup or changes etc. (CC'd). > > Hi all, > > LLNG can have many backends simultaneously. The 2.0 version (not yet > published, in tests) adds a better plugin system that can be used to > create new backends. For now, LLNG is usable with: > * LDAP, Active-Directory, SQL, Kerberos (better with 2.0), Radius, > another LLNG system (proxy or delegate), SSL (using webserver), > Yubikey (better with 2.0), WebID, > * SAML-2.0, CAS, OpenID-2.0, OpenID-Connect, > * Multi : backend chosed by rule (better with 2.0 => "Combination") > * Choice : user can choose its backend > * backends usable by 2.0 only: > * PAM > * REST API > * Second factor (U2F or custom) > > It can also (and simultaneously) be used as identity provider for CAS, > OpenID-Connect, OpenID-2.0, SAML > > It has been designed for French government but is used in many places > now. Our main installation handles hundreds applications for ~250000 > users (~30 millions hits/day). I've heard about a bigger one in US but > have no info on it. > > Best regards, > Xavier > > https://lemonldap-ng.org
Hi all, lemonldap-ng 2.0 has been released (soon in Debian unstable). There are many new features that can be useful. Cheers, Xavier --- https://lemonldap-ng.org/documentation/latest/start https://fusioniam.org
