Authentication | Users | Password |
---|---|---|
✔ | ✔ | ✔ |
By default, only the configured authentication backend is available for users.
Contrary to multiple backend stacking, backend choice will present all available authentication methods to users, who will choose the one they want.
The choice will concern three backends:
The chosen backends will be registered in session:
$_auth
$_userDB
$_passwordDB
Authentication choice will also be registered in session:
$_authChoice
In Manager, go in General Parameters
> Authentication modules
and choose Choice for authentication.
Attention
When Choice
is selected for authentication, values
for Users and Password modules are also forced to Choice
.
Then, go in Choice Parameters
:
lmAuth
)New chain
to add a choice.Define here:
test1.example.com
, you can set this
condition:$env->{urldc} =~ /test1\.example\.com/
Note
Federated authentication need pdata cookie. SameSite cookie value must be set to “Lax” or “None”. See SSO cookie parameters
Note
Authentication request to an another URL than Portal URL can lead
to a persistent loop between Portal and a redirection URL (pdata is not
removed because domains mismatch). To avoid this, you have to set pdata
cookie domain by editing lemonldap-ng.ini
in section [portal]:
[portal]
pdataDomain = example.com
Tip
You can prefix the key name with a digit to order them. The digit will not be shown on portal page. Underscore characters are also replaced by spaces.
Tip
You can also override some LLNG parameters for each chain. See Parameters list to have the key names to use