Scroll to navigation

Lemonldap::NG::Portal(3pm) User Contributed Perl Documentation Lemonldap::NG::Portal(3pm)


Lemonldap::NG::Portal - The authentication portal part of Lemonldap::NG Web-SSO system.


Use any of Plack launcher. Example:

  #!/usr/bin/env plackup
  use Lemonldap::NG::Portal;
  # This must be the last instruction! See PSGI for more


Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It provides an easy way to build a secured area to protect applications with very few changes.

Lemonldap::NG manages both authentication and authorization. Furthermore it provides headers for accounting. So you can have a full AAA protection for your web space as described below.

Lemonldap::NG::Portal provides portal components. See <> for more.


The portal object is based on Lemonldap::NG::Handler::Try: underlying handler tries to authenticate user and follows initialized auth / unauth routes.


Initialization process subscribes portal to handler configuration reload and requests handler initialization (Lemonldap::NG::Portal::Main::Init). So configuration is read by handler at each reload.

During configuration reload, each enabled components are loaded as plugins:

init() is called for each plugin. If a plugin initialization fails (init() returns 0), the portal responds a 500 status code for each request.

See Lemonldap::NG::Portal::Main::Plugin to see how to write modules.

Main route

The "/" route is declared in Lemonldap::NG::Portal::Main::Init. It points to different methods in Lemonldap::NG::Portal::Main::Run. Theses methods select methods to call in the process and call do().

do() stores methods to call in $req->steps and launches Lemonldap::NG::Portal::Main::Process::process(). This method removes each method stored in $req->steps and launches it. If the result is PE_OK, process() continues, else it returns the error code.

If it is an Ajax request, do() responds in JSON format else it manages redirection if any. Else it calls Lemonldap::NG::Portal::Main::Display::display() to load template and arguments, and launches Lemonldap::NG::Common::PSGI::sendHtml() using them.


Portal main object is defined in Lemonldap::NG::Portal::Main::* classes. Other components are plugins. Plugins do not have to store any hash key in main object.

Main and plugin keys must be set during initialization process. They must be read-only during requests receiving.

The Lemonldap::NG::Portal::Main::Request request has fixed keys. A plugin that wants to store a temporary key must store it in "$req->data" or use defined keys, but it must never create a root key. Plugin keys may have explicit names to avoid conflicts.

Whole configuration is always available. It is stored in $self->conf. It must not be modified by any components even during initialization process or receiving request (during initialization, copy the value in the plugin namespace instead).

All plugins can access to portal methods using $self->p which points to portal main object. Some main methods are mapped to the plugin namespace:


Most of the documentation is available on <> website




Use OW2 system to report bug or ask for features: <>


Lemonldap::NG is available at <>


See COPYING file for details.

This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <>.

2022-02-25 perl v5.32.1