This module can be useful to allow certain users to edit WebSSO configuration in Read Only mode.
Parameters are set in lemonldap-ng.ini
file, section [manager]:
[manager]
enabledModules = conf, sessions, notifications, 2ndFA, viewer
defaultModule = viewer
viewerHiddenKeys = samlIDPMetaDataNodes samlSPMetaDataNodes managerPassword ManagerDn globalStorageOptions persistentStorageOptions
viewerAllowBrowser = $groups =~ /\bsu\b/
viewerAllowDiff = $groups =~ /\bsu\b/
Danger
You have to set access rules to allow/deny users to access modules.
In Manager: * Declare a Virtual Host : manager.example.com * Set an access rule for each enabled module :
Attention
To avoid that Read-Only users can access to configuration module by using default route, keep in mind to set ‘defaultModule’ option