.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "Lemonldap::NG::Portal 3pm"
.TH Lemonldap::NG::Portal 3pm "2021-07-28" "perl v5.28.1" "User Contributed Perl Documentation"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Lemonldap::NG::Portal \- The authentication portal part of Lemonldap::NG Web\-SSO
system.
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
Use any Plack launcher. Example:
.PP
.Vb 1
\&  #!/usr/bin/env plackup
\&
\&  use Lemonldap::NG::Portal;
\&
\&  # This must be the last instruction! See PSGI for more
\&  Lemonldap::NG::Portal\->run($opts);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It
provides an easy way to build a secured area to protect applications with
very few changes.
.PP
Lemonldap::NG manages both authentication and authorization. Furthermore, it
provides headers for accounting, so you can have full \s-1AAA\s0 protection for
your web space as described below.
.PP
Lemonldap::NG::Portal provides portal components. See for more.
.SH "KINEMATICS"
.IX Header "KINEMATICS"
The portal object is based on Lemonldap::NG::Handler::Try: the underlying
handler tries to authenticate the user and follows the initialized
auth / unauth routes.
.SS "Initialization"
.IX Subsection "Initialization"
The initialization process subscribes the portal to handler configuration
reloads and requests handler initialization (Lemonldap::NG::Portal::Main::Init).
The configuration is therefore read by the handler at each reload.
.PP
During configuration reload, each enabled component is loaded as a plugin:
.IP "authentication module" 4
.IX Item "authentication module"
.PD 0
.IP "userDB module" 4
.IX Item "userDB module"
.IP "other enabled plugins (issuers,...)" 4
.IX Item "other enabled plugins (issuers,...)"
.PD
.PP
\&\fBinit()\fR is called for each plugin.
If a plugin initialization fails (\fBinit()\fR returns 0), the portal responds
with a 500 status code for each request.
.PP
See Lemonldap::NG::Portal::Main::Plugin to see how to write modules.
.SS "Main route"
.IX Subsection "Main route"
The \*(L"/\*(R" route is declared in Lemonldap::NG::Portal::Main::Init. It points to
different methods in Lemonldap::NG::Portal::Main::Run. These methods select
the methods to call in the process and call \fBdo()\fR.
.PP
\&\fBdo()\fR stores the methods to call in \f(CW$req\fR\->steps and launches
\&\fBLemonldap::NG::Portal::Main::Process::process()\fR. This method removes each
method stored in \f(CW$req\fR\->steps in turn and launches it. If the result is
\&\s-1PE_OK,\s0 \fBprocess()\fR continues, else it returns the error code.
.PP
If it is an Ajax request, \fBdo()\fR responds in \s-1JSON\s0 format. Otherwise it
manages the redirection, if any, or else calls
\&\fBLemonldap::NG::Portal::Main::Display::display()\fR to load the template and
arguments, and launches \fBLemonldap::NG::Common::PSGI::sendHtml()\fR using them.
.SH "DEVELOPER INSTRUCTIONS"
.IX Header "DEVELOPER INSTRUCTIONS"
The portal main object is defined in Lemonldap::NG::Portal::Main::* classes.
Other components are plugins. Plugins do not have to store any hash key in
the main object.
.PP
Main and plugin keys must be set during the initialization process. They must
be read-only while requests are being handled.
.PP
The request object (Lemonldap::NG::Portal::Main::Request) has fixed keys. A
plugin that wants to store a temporary key must store it in
\&\f(CW\*(C`$req\->data\*(C'\fR or use defined keys, but it must never create a root key.
Plugin keys may have explicit names to avoid conflicts.
.PP
The whole configuration is always available. It is stored in
\&\f(CW$self\fR\->conf. It must not be modified by any component, even during the
initialization process or while receiving a request (during initialization,
copy the value into the plugin namespace instead).
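.PP
The rules above applied in one plugin, as an added example that is not part
of the LemonLDAP::NG documentation or code base: init() fails closed and
copies a configuration value into the plugin's own attribute, and the request
step keeps its temporary value under $req->data. The package name, the
demoAllowedPrefix configuration key and the data key are hypothetical; Mouse,
the beforeAuth entry point, $req->address and the PE_* constants are not
described on this page and are assumed to be as in LemonLDAP::NG 2.0.
.PP
.nf
```perl
# Added example, not LemonLDAP::NG code. The package name, the conf key
# "demoAllowedPrefix" and the $req->data key are hypothetical.
package Lemonldap::NG::Portal::Plugins::DemoSourceCheck;

use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_ERROR);

extends 'Lemonldap::NG::Portal::Main::Plugin';

# Run verifySource() as a step before authentication
use constant beforeAuth => 'verifySource';

# Plugin key: written once in init(), only read while requests are handled
has allowedPrefix => ( is => 'rw' );

sub init {
    my ($self) = @_;

    # Read the shared configuration, never write to it
    my $prefix = $self->conf->{demoAllowedPrefix};
    unless ( defined $prefix and length $prefix ) {

        # Fail closed: init() returning 0 makes the portal answer 500
        $self->error('demoAllowedPrefix is not set');
        return 0;
    }

    # Copy the value into the plugin namespace instead of touching conf
    $self->allowedPrefix($prefix);
    $self->logger->debug("DemoSourceCheck: allowed prefix is $prefix");
    return 1;
}

sub verifySource {
    my ( $self, $req ) = @_;
    my $addr = $req->address // '';

    # Per-request state goes under $req->data with a plugin-specific name
    $req->data->{_demoSourceCheckAddr} = $addr;

    # Plain string prefix comparison, kept simple for the example
    if ( index( $addr, $self->allowedPrefix ) != 0 ) {
        $self->userLogger->warn("DemoSourceCheck: $addr refused");
        return PE_ERROR;    # process() stops and returns this code
    }
    return PE_OK;           # process() moves on to the next step
}

1;
```
.fi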
.PP
All plugins can access portal methods using \f(CW$self\fR\->p, which points to
the portal main object. Some main methods are mapped to the plugin namespace:
.IP "\fBlogger()\fR accessor to log" 4
.IX Item "logger() accessor to log"
.PD 0
.IP "\fBuserLogger()\fR accessor to log user actions" 4
.IX Item "userLogger() accessor to log user actions"
.IP "\fBerror()\fR accessor (use it to store error during initialization)" 4
.IX Item "error() accessor (use it to store error during initialization)"
.PD
.SH "SEE ALSO"
.IX Header "SEE ALSO"
Most of the documentation is available on website
.SS "\s-1OTHER POD FILES\s0"
.IX Subsection "OTHER POD FILES"
.IP "Writing an authentication module: Lemonldap::NG::Portal::Auth" 4
.IX Item "Writing an authentication module: Lemonldap::NG::Portal::Auth"
.PD 0
.IP "Writing a UserDB module: Lemonldap::NG::Portal::UserDB" 4
.IX Item "Writing a UserDB module: Lemonldap::NG::Portal::UserDB"
.IP "Writing a second factor module: Lemonldap::NG::Portal::Main::SecondFactor" 4
.IX Item "Writing a second factor module: Lemonldap::NG::Portal::Main::SecondFactor"
.IP "Writing an issuer module: Lemonldap::NG::Portal::Main::Issuer" 4
.IX Item "Writing an issuer module: Lemonldap::NG::Portal::Main::Issuer"
.IP "Writing another plugin: Lemonldap::NG::Portal::Main::Plugin" 4
.IX Item "Writing another plugin: Lemonldap::NG::Portal::Main::Plugin"
.IP "Request object: Lemonldap::NG::Portal::Main::Request" 4
.IX Item "Request object: Lemonldap::NG::Portal::Main::Request"
.IP "Adding parameters in the manager: Lemonldap::NG::Manager::Build" 4
.IX Item "Adding parameters in the manager: Lemonldap::NG::Manager::Build"
.PD
.SH "AUTHORS"
.IX Header "AUTHORS"
.IP "LemonLDAP::NG team " 4
.IX Item "LemonLDAP::NG team "
.SH "BUG REPORT"
.IX Header "BUG REPORT"
Use the \s-1OW2\s0 system to report bugs or ask for features:
.SH "DOWNLOAD"
.IX Header "DOWNLOAD"
Lemonldap::NG is available at
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
See \s-1COPYING\s0 file for details.
.PP
This library is free software; you can redistribute it and/or modify
it under the terms of the \s-1GNU\s0 General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
.PP
This program is distributed in the hope that it will be useful,
but \s-1WITHOUT ANY WARRANTY\s0; without even the implied warranty of
\&\s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A PARTICULAR PURPOSE.\s0  See the
\&\s-1GNU\s0 General Public License for more details.
.PP
You should have received a copy of the \s-1GNU\s0 General Public License
along with this program.  If not, see .