File: limesurvey.html

package info (click to toggle)
lemonldap-ng 1.9.7-3%2Bdeb9u2
links: PTS, VCS
area: main
in suites: stretch
size: 39,024 kB
sloc: perl: 37,552; makefile: 922; sh: 472; sql: 5
file content (264 lines) | stat: -rw-r--r-- 13,548 bytes
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
  <meta charset="utf-8" />
  <title>documentation:1.9:applications:limesurvey</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,1.9,applications,limesurvey"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="limesurvey.html"/>
<link rel="contents" href="limesurvey.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:1.9:applications';var JSINFO = {"id":"documentation:1.9:applications:limesurvey","namespace":"documentation:1.9:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>

<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#limesurvey_configuration">LimeSurvey configuration</a></div></li>
<li class="level2"><div class="li"><a href="#limesurvey_virtual_host">LimeSurvey virtual host</a></div></li>
<li class="level2"><div class="li"><a href="#limesurvey_virtual_host_in_manager">LimeSurvey virtual host in Manager</a></div>
<ul class="toc">
<li class="level3"><div class="li"><a href="#headers">Headers</a></div></li>
<li class="level3"><div class="li"><a href="#rules">Rules</a></div></li>
</ul></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->

<h1 class="sectionedit1" id="limesurvey">LimeSurvey</h1>
<div class="level1">

<p>
<a href="limesurvey_logo.png_documentation_1.9_applications_limesurvey.html" class="media" title="applications:limesurvey_logo.png"><img src="limesurvey_logo.png" class="mediacenter" alt="" /></a>
</p>

</div>
<!-- EDIT1 SECTION "LimeSurvey" [1-70] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">

<p>
<a href="http://www.limesurvey.org" class="urlextern" title="http://www.limesurvey.org"  rel="nofollow">LimeSurvey</a> is a web survey software written in PHP. LimeSurvey has a webserver authentication mode that allows to integrate it directly into LemonLDAP::NG.
</p>

<p>
To have a stronger integration, we will configure LimeSurvey to autocreate unknown users and use HTTP headers to fill name, mail and roles. For example, we will use 3 roles:
</p>
<ul>
<li class="level1"><div class="li"> User: can answer to surveys</div>
</li>
<li class="level1"><div class="li"> Admin: can create surveys</div>
</li>
<li class="level1"><div class="li"> Superadmin: no one can stop him!</div>
</li>
</ul>

</div>
<!-- EDIT2 SECTION "Presentation" [71-557] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<div class="noteclassic">We suppose that LimeSurvey is installed in /var/www/html/limesurvey
</div>
</div>
<!-- EDIT3 SECTION "Configuration" [558-666] -->
<h3 class="sectionedit4" id="limesurvey_configuration">LimeSurvey configuration</h3>
<div class="level3">

<p>
The configuration is done in config.php:
</p>
<pre class="code">vi /var/www/html/limesurvey/config.php</pre>
<pre class="code file php"><span class="co1">//==================================</span>
<span class="co1">// WebSSO</span>
<span class="co1">//==================================</span>
&nbsp;
<span class="re0">$useWebserverAuth</span> <span class="sy0">=</span> <span class="kw4">true</span><span class="sy0">;</span>
<span class="re0">$WebserverAuth_autocreateUser</span> <span class="sy0">=</span> <span class="kw4">true</span><span class="sy0">;</span>
<span class="re0">$WebserverAuth_autouserprofile</span> <span class="sy0">=</span> <a href="http://www.php.net/array"><span class="kw3">Array</span></a><span class="br0">&#40;</span>
 <span class="st_h">'full_name'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_CN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'email'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_MAIL'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'lang'</span> <span class="sy0">=&gt;</span> <span class="st_h">'en'</span><span class="sy0">,</span>
 <span class="st_h">'htmleditormode'</span> <span class="sy0">=&gt;</span> <span class="st_h">'inline'</span><span class="sy0">,</span>
 <span class="st_h">'templatelist'</span> <span class="sy0">=&gt;</span> <span class="st_h">'default,basic,MyOrgTemplate'</span><span class="sy0">,</span>
 <span class="st_h">'create_survey'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_ADMIN'</span><span class="br0">&#93;</span> <span class="sy0">||</span> <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'create_user'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'delete_user'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'superadmin'</span> <span class="sy0">=&gt;</span> <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'configurator'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'manage_template'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span><span class="sy0">,</span>
 <span class="st_h">'manage_label'</span> <span class="sy0">=&gt;</span>  <span class="re0">$_SERVER</span><span class="br0">&#91;</span><span class="st_h">'HTTP_AUTH_SUPERADMIN'</span><span class="br0">&#93;</span>
<span class="br0">&#41;</span><span class="sy0">;</span></pre>
<div class="notetip">We directly use HTTP headers to fill default user profile.
</div>
</div>
<!-- EDIT4 SECTION "LimeSurvey configuration" [667-1672] -->
<h3 class="sectionedit5" id="limesurvey_virtual_host">LimeSurvey virtual host</h3>
<div class="level3">

<p>
Configure LimeSurvey virtual host like other <a href="../configvhost.html" class="wikilink1" title="documentation:1.9:configvhost">protected virtual host</a>.
</p>
<ul>
<li class="level1"><div class="li"> For Apache:</div>
</li>
</ul>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> *:<span class="nu0">80</span>&gt;
       <span class="kw1">ServerName</span> limesurvey.example.com
&nbsp;
       PerlHeaderParserHandler Lemonldap::NG::Handler
&nbsp;
       <span class="kw1">SetEnvIfNoCase</span> Auth-<span class="kw1">User</span> <span class="st0">&quot;(.*)&quot;</span> PHP_AUTH_USER=$1
&nbsp;
       <span class="kw1">Alias</span> /limesurvey /var/www/html/limesurvey
      <span class="kw1">DocumentRoot</span> /var/www/html/limesurvey
&nbsp;
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>
<div class="noteimportant">You need to set the PHP_AUTH_USER variable to have the Webserver authentication mode working.
</div><ul>
<li class="level1"><div class="li"> For Nginx:</div>
</li>
</ul>
<pre class="code file nginx">server {
  listen 80;
  server_name limesurvey.example.com;
  root /path/to/application;
  # Internal authentication request
  location = /lmauth {
    internal;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
    # Drop post datas
    fastcgi_pass_request_body  off;
    fastcgi_param CONTENT_LENGTH &quot;&quot;;
    # Keep original hostname
    fastcgi_param HOST $http_host;
    # Keep original request (LLNG server will received /llauth)
    fastcgi_param X_ORIGINAL_URI  $request_uri;
  } 
&nbsp;
  # Client requests
  location / {
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
    auth_request_set $lmlocation $upstream_http_location;
    error_page 401 $lmlocation;
    try_files $uri $uri/ =404;
&nbsp;
    ...
&nbsp;
    include /etc/lemonldap-ng/nginx-lua-headers.conf;
  }
  location / {
    try_files $uri $uri/ =404;
  }
}</pre>

</div>
<!-- EDIT5 SECTION "LimeSurvey virtual host" [1673-3192] -->
<h3 class="sectionedit6" id="limesurvey_virtual_host_in_manager">LimeSurvey virtual host in Manager</h3>
<div class="level3">

<p>
Go to the Manager and <a href="../configvhost.html#lemonldapng_configuration" class="wikilink1" title="documentation:1.9:configvhost">create a new virtual host</a> for LimeSurvey.
</p>

</div>

<h4 id="headers">Headers</h4>
<div class="level4">
<div class="table sectionedit7"><table class="inline table table-bordered table-striped">
	<thead>
	<tr class="row0 roweven">
		<th class="col0 centeralign">  Header name  </th><th class="col1 centeralign">  Description  </th>
	</tr>
	</thead>
	<tr class="row1 rowodd">
		<td class="col0 centeralign">  Auth-User  </td><td class="col1 centeralign">  user login  </td>
	</tr>
	<tr class="row2 roweven">
		<td class="col0 centeralign">  Auth-Cn  </td><td class="col1 centeralign">  user full name  </td>
	</tr>
	<tr class="row3 rowodd">
		<td class="col0 centeralign">  Auth-Mail  </td><td class="col1 centeralign">  user email  </td>
	</tr>
	<tr class="row4 roweven">
		<td class="col0 centeralign">  Auth-Admin  </td><td class="col1 centeralign">  1 if user is admin  </td>
	</tr>
	<tr class="row5 rowodd">
		<td class="col0 centeralign">  Auth-SuperAdmin  </td><td class="col1 centeralign">  1 if user is superadmin  </td>
	</tr>
</table></div>
<!-- EDIT7 TABLE [3365-3583] --><div class="notetip">You can manage roles with the <a href="../rbac.html" class="wikilink1" title="documentation:1.9:rbac">RBAC model</a> or by using groups.
</div>
</div>

<h4 id="rules">Rules</h4>
<div class="level4">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
	<thead>
	<tr class="row0 roweven">
		<th class="col0 centeralign">  Rule name  </th><th class="col1 centeralign">  Expression  </th><th class="col2 centeralign">  Description  </th>
	</tr>
	</thead>
	<tr class="row1 rowodd">
		<td class="col0 centeralign">  Logout  </td><td class="col1 centeralign">  action=logout$  </td><td class="col2 centeralign">  Logout rule (for example logout_app_sso)  </td>
	</tr>
	<tr class="row2 roweven">
		<td class="col0 centeralign">  Admin   </td><td class="col1 centeralign">  ^/limesurvey/admin/  </td><td class="col2 centeralign">  Allow only admin and superadmin roles  </td>
	</tr>
	<tr class="row3 rowodd">
		<td class="col0 centeralign">  Default  </td><td class="col1 centeralign">  default  </td><td class="col2 centeralign">  Allow only users with a LimeSurvey role  </td>
	</tr>
</table></div>
<!-- EDIT8 TABLE [3690-3975] --><div class="notetip">You can set the default access to:<ul>
<li class="level1"><div class="li"> <strong>accept</strong>: all authenticated users will access surveys</div>
</li>
<li class="level1"><div class="li"> <strong>unprotect</strong>: no authentication will be asked to access surveys </div>
</li>
</ul>

</div>
</div>
<!-- EDIT6 SECTION "LimeSurvey virtual host in Manager" [3193-] --></div>
</body>
</html>