NAME¶
Lemonldap::NG::Handler::Simple - Perl base extension for building Lemonldap::NG
compatible handler.
SYNOPSIS¶
Create your own package:
package My::Package;
use Lemonldap::NG::Handler::Simple;
our @ISA = qw(Lemonldap::NG::Handler::Simple);
__PACKAGE__->init ({
locationRules => {
default => '$ou =~ /brh/'
},
globalStorage => 'Apache::Session::MySQL',
globalStorageOptions => {
DataSource => 'dbi:mysql:database=dbname;host=127.0.0.1',
UserName => 'db_user',
Password => 'db_password',
TableName => 'sessions',
LockDataSource => 'dbi:mysql:database=dbname;host=127.0.0.1',
LockUserName => 'db_user',
LockPassword => 'db_password',
},
localStorage => 'Cache::DBFile',
localStorageOptions => {},
portal => 'https://portal/',
});
More complete example
package My::Package;
use Lemonldap::NG::Handler::Simple;
our @ISA = qw(Lemonldap::NG::Handler::Simple);
__PACKAGE__->init ( { locationRules => {
'^/pj/.*$' => '$qualif="opj"',
'^/rh/.*$' => '$ou=~/brh/',
'^/rh_or_opj.*$' => '$qualif="opj" or $ou=~/brh/',
default => 'accept', # means that all authenticated users are greanted
},
globalStorage => 'Apache::Session::MySQL',
globalStorageOptions => {
DataSource => 'dbi:mysql:database=dbname;host=127.0.0.1',
UserName => 'db_user',
Password => 'db_password',
TableName => 'sessions',
LockDataSource => 'dbi:mysql:database=dbname;host=127.0.0.1',
LockUserName => 'db_user',
LockPassword => 'db_password',
},
localStorage => 'Cache::DBFile',
localStorageOptions => {},
cookieName => 'lemon',
portal => 'https://portal/',
whatToTrace => '$uid',
exportedHeaders => {
'Auth-User' => '$uid',
'Unit' => '$ou',
https => 1,
}
);
Call your package in <apache-directory>/conf/httpd.conf
PerlRequire MyFile
# TOTAL PROTECTION
PerlHeaderParserHandler My::Package
# OR SELECTED AREA
<Location /protected-area>
PerlHeaderParserHandler My::Package
</Location>
You can also unprotect an URI
<Files "*.gif">
PerlHeaderParserHandler My::Package->unprotect
</Files>
DESCRIPTION¶
Lemonldap::NG::Handler::Simple is designed to be overloaded. See
Lemonldap::NG::Handler for more.
INITIALISATION PARAMETERS¶
This section presents the "init" method parameters.
- locationRules (required)
- Reference to a hash that contains "url-regexp =>
perl-expression" entries to manage authorizations.
- •
- "url-regexp" can be a perl regexp or the keyword 'default' which
corresponds to the default police (accept by default).
- •
- "perl-expression" can be a perl condition or the keyword
"accept" or the keyword "deny". All the variables
announced by $<name of the variable> are replaced by the values
resulting from the global session store.
- globalStorage & globalStorageOptions (required)
- Name and parameters of the Apache::Session::* module used by the portal to
store user's datas. See Lemonldap::NG::Portal(3) for more
explanations.
- localStorage & localStorageOptions
- Name and parameters of the optional but recommended Cache::* module used
to share user's datas between Apache processes. There is no need to set
expires options since Lemonldap::NG::Handler::Simple call the
Cache::*::purge method itself.
- cookieName (default: lemon)
- Name of the cookie used by the Lemonldap::NG infrastructure.
- portal (required)
- Url of the portal used to authenticate users.
- whatToTrace (default: uid)
- Stored user variable to use in Apache logs.
- exportedHeaders
- Reference to a hash that contains "Name => value" entries.
Those headers are calculated for each user by replacing the variables
announced by "$" by their values resulting from the global
session store.
- https (default: 1)
- Indicates if the protected server is protected by SSL. It is used to build
redirections, so you have to set it to avoid bad redirections after
authentication.
- port (default: undef)
- If port is not well defined in redirection, you can fix listen port
here.
EXPORT¶
None by default. You can import the following tags for inheritance:
- •
- :localStorage : variables used to manage local storage
- •
- :globalStorage : variables used to manage global storage
- •
- :locationRules : variables used to manage area protection
- •
- :import : import function inherited from Exporter and related
variables
- •
- :headers : functions and variables used to manage custom HTTP
headers exported to the applications
- •
- apache : functions and variables used to dialog with mod_perl. This
is done to be compatible both with Apache 1 and 2.
SEE ALSO¶
Lemonldap::NG::Handler, Lemonldap::NG::Portal, <
http://lemonldap-ng.org/>
AUTHOR¶
- Clement Oudot, <clem.oudot@gmail.com>
- Francois-Xavier Deltombe, <fxdeltombe@gmail.com.>
- Xavier Guimard, <x.guimard@free.fr>
- Thomas Chemineau, <thomas.chemineau@gmail.com>
BUG REPORT¶
Use OW2 system to report bug or ask for features: <
http://jira.ow2.org>
DOWNLOAD¶
Lemonldap::NG is available at
<
http://forge.objectweb.org/project/showfiles.php?group_id=274>
COPYRIGHT AND LICENSE¶
- Copyright (C) 2006, 2007, 2008, 2009, 2010 by Xavier Guimard,
<x.guimard@free.fr>
- Copyright (C) 2012, 2013 by Francois-Xavier Deltombe,
<fxdeltombe@gmail.com.>
- Copyright (C) 2006, 2009, 2010, 2011, 2012, 2013 by Clement Oudot,
<clem.oudot@gmail.com>
- Copyright (C) 2010 by Thomas Chemineau,
<thomas.chemineau@gmail.com>
This library is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program. If not, see <
http://www.gnu.org/licenses/>.