.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. \*(C+ will
.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
. ds C`
. ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.if !\nF .nr F 0
.if \nF>0 \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
.\}
.\" ========================================================================
.\"
.IX Title "Lemonldap::NG::Handler::Nginx 3pm"
.TH Lemonldap::NG::Handler::Nginx 3pm "2018-10-07" "perl v5.26.2" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
Lemonldap::NG::Handler::Nginx \- Lemonldap::NG FastCGI handler for Nginx.
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
FastCGI server:
.PP
.Vb 2
\& use Lemonldap::NG::Handler::Nginx;
\& Lemonldap::NG::Handler::Nginx\->run( {} );
.Ve
.PP
Launch it with plackup:
.PP
.Vb 1
\& plackup \-s FCGI \-\-listen /tmp/llng.sock \-\-no\-default\-middleware
.Ve
.PP
Configure Nginx:
.PP
.Vb 4
\& http {
\& log_format lm_combined \*(Aq$remote_addr \- $lmremote_user [$time_local] \*(Aq
\& \*(Aq"$request" $status $body_bytes_sent \*(Aq
\& \*(Aq"$http_referer" "$http_user_agent"\*(Aq;
\&
\& server {
\& server_name test1.example.com;
\& access_log /log/file lm_combined
\&
\& # Internal authentication request
\& location = /lmauth {
\& internal;
\& include /etc/nginx/fastcgi_params;
\& fastcgi_pass unix:_\|_FASTCGISOCKDIR_\|_/llng\-fastcgi.sock;
\&
\& # Drop post datas
\& fastcgi_pass_request_body off;
\& fastcgi_param CONTENT_LENGTH "";
\&
\& # Keep original hostname
\& fastcgi_param HOST $http_host;
\&
\& # Keep original request (LLNG server will received /llauth)
\& fastcgi_param X_ORIGINAL_URI $request_uri;
\& }
\&
\& # Client requests
\& location / {
\&
\& # Activate access control
\& auth_request /lmauth;
\&
\& # Set logs
\& auth_request_set $lmremote_user $upstream_http_lm_remote_user;
\& auth_request_set $lmlocation $upstream_http_location;
\& error_page 401 $lmlocation;
\& try_files $uri $uri/ =404;
\&
\& # Add as many 3\-lines block as max number of headers returned by
\& # configuration
\& auth_request_set $headername1 $upstream_http_headername1;
\& auth_request_set $headervalue1 $upstream_http_headervalue1;
\& #proxy_set_header $headername1 $headervalue1;
\& # OR
\& #fastcgi_param $fheadername1 $headervalue1;
\&
\& auth_request_set $headername2 $upstream_http_headername2;
\& auth_request_set $headervalue2 $upstream_http_headervalue2;
\& #proxy_set_header $headername2 $headervalue2;
\& # OR
\& #fastcgi_param $fheadername2 $headervalue2;
\&
\& auth_request_set $headername3 $upstream_http_headername3;
\& auth_request_set $headervalue3 $upstream_http_headervalue3;
\& #proxy_set_header $headername3 $headervalue3;
\& # OR
\& #fastcgi_param $fheadername3 $headervalue3;
\& }
\& }
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It
simplifies the build of a protected area with a few changes in the application.
.PP
It manages both authentication and authorization and provides headers for
accounting. So you can have a full \s-1AAA\s0 protection for your web space as
described below.
.PP
Lemonldap::NG::Handler::Nginx provides a FastCGI server that can be used by
Nginx as authentication server.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
Lemonldap::NG::Handler, ,
.SH "AUTHOR"
.IX Header "AUTHOR"
.IP "Clement Oudot, " 4
.IX Item "Clement Oudot, "
.PD 0
.IP "François\-Xavier Deltombe, " 4
.IX Item "François-Xavier Deltombe, "
.IP "Xavier Guimard, " 4
.IX Item "Xavier Guimard, "
.PD
.SH "BUG REPORT"
.IX Header "BUG REPORT"
Use \s-1OW2\s0 system to report bug or ask for features:
.SH "DOWNLOAD"
.IX Header "DOWNLOAD"
Lemonldap::NG is available at
.SH "COPYRIGHT AND LICENSE"
.IX Header "COPYRIGHT AND LICENSE"
.IP "Copyright (C) 2016 by Xavier Guimard, " 4
.IX Item "Copyright (C) 2016 by Xavier Guimard, "
.PD 0
.IP "Copyright (C) 2012\-2015 by François\-Xavier Deltombe, " 4
.IX Item "Copyright (C) 2012-2015 by François-Xavier Deltombe, "
.IP "Copyright (C) 2006\-2012 by Clement Oudot, " 4
.IX Item "Copyright (C) 2006-2012 by Clement Oudot, "
.PD
.PP
This library is free software; you can redistribute it and/or modify
it under the terms of the \s-1GNU\s0 General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
.PP
This program is distributed in the hope that it will be useful,
but \s-1WITHOUT ANY WARRANTY\s0; without even the implied warranty of
\&\s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A PARTICULAR PURPOSE.\s0 See the
\&\s-1GNU\s0 General Public License for more details.
.PP
You should have received a copy of the \s-1GNU\s0 General Public License
along with this program. If not, see .