====== Installation du Handler LemonLDAP sur SME ======

Dans certains cas, on peut vouloir installer uniquement le handler LemonLDAP::NG sur une SME (si on a déjà un serveur LemonLDAP central). Dans ce cas, voilà la marche à suivre:

<code bash>
yum --enablerepo=epel --enablerepo=fws install lemonldap-ng-handler smeserver-webapps-common
</code>

Il ne reste plus qu'à mettre en place quelques templates-custom:

<code bash>
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/
cat <<'EOF' > /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/97LemonLDAPHandler
#====================================================================
# Apache configuration for LemonLDAP::NG Handler
#====================================================================

# Load LemonLDAP::NG Handler
PerlOptions +GlobalRequest
PerlRequire /var/lib/lemonldap-ng/handler/MyHandler.pm

# Common error page and security parameters
#ErrorDocument 403 http://auth.{$DomainName}/?lmError=403
#ErrorDocument 500 http://auth.{$DomainName}/?lmError=500


# Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when
# configuration change
<Location /lm-reload>
    SSLRequireSSL on
    Order deny,allow
    Deny from all
    Allow from {"$localAccess $externalSSLAccess";}
    PerlHeaderParserHandler My::Package->refresh
</Location>
EOF
cat <<'EOF' > /etc/e-smith/templates/etc/httpd/conf/httpd.conf/WebAppVirtualHost/05LemonLDAPHandler
{

if (($domain->prop('LemonLDAP') || 'disabled') eq 'enabled'){
    $OUT .= "    # This virtualhost is configured to be protected by LemonLDAP NG\n" .
            "    PerlHeaderParserHandler My::Package\n" .
            "    ErrorDocument 403 https://auth.$DomainName/?lmError=403\n" .
            "    ErrorDocument 500 https://auth.$DomainName/?lmError=500\n";
}

}
EOF
</code>

Il ne reste plus qu'à modifier (à la main, pas de templates) le fichier de configuration **/etc/lemonldap-ng/lemonldap-ng.ini**, exemple:

<file ini lemonldap-ng.ini>
[all]

[configuration]
type = SOAP
proxy = https://lemonsoap:GKpyKjCRYRc3zgd8AzUBzM9lREP4tqibfQ7f5m@soapsso.domain.tld/index.pl/config
proxyOptions = { timeout => 5 }
localStorage=Cache::FileCache
localStorageOptions={ 'namespace' => 'LemonLDAPng', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, }

</file>