Upgrade from 1.1 to 1.2

If you are using packages, they should have done the upgrade process for you, but you can check here that all is in order.

If you upgrade from older versions, please follow first:

SSL authentication backend

The SSL authentication backend behavior has changed:

Before, when SSL authentication failed, an option could be set to fail back to LDAP authentication backend.
Now, to keep this behavior, you have to use SSL and LDAP chaining in a Multi configuration:

Multi SSL;LDAP

Opening conditions

In LemonLDAP::NG 1.1, you could configure a condition that will be evaluated to allow the sesson creation.

Now, you can define as many conditions as you want. See the sessions configuration page to know how.

If you had defined a condition in LemonLDAP::NG 1.1, you are encouraged to redefine it in the new format.

Login history

The login history is a new feature enabled by default. To turn it off, go in Manager and set 0 in Advanced Parameters > Login History > Activation.

Unprotect rule

The unprotect rule in Manager now deletes headers forged by an unauthenticated user, but still send headers for authenticated ones. To skip headers for both kind of users, use the skip rule.

Custom authentication module

If you wrote custom authentication module, you have to add a new method called getDisplayType. This method should return one of these values:

standardform: login/password form
openidform: OpenID login form
yubikeyform: Yubikey login form
logo: no form (used for external authentication methods)

For example:

## @method string getDisplayType
# @return display type
sub getDisplayType {
    return "logo";
}

X-Forwarded-For

In LemonLDAP::NG 1.1, X-Fowarded-For IP value was stored in the xForwardedForAddr session field.

Now, you can configure the useXForwardedFor parameter, and the xForwardedFor IP will be stored in the ipAddr field of the session. Else, the standard remote address is stored in the ipAddr field.