NAME

Lemonldap::NG::Handler::SharedConf - Perl extension to use dynamic configuration provide by Lemonldap::NG::Manager.

SYNOPSIS

package My::Package;
use Lemonldap::NG::Handler::SharedConf;
@ISA = qw(Lemonldap::NG::Handler::SharedConf);
__PACKAGE__->init ( {
  localStorage        => "Cache::FileCache",
  localStorageOptions => {
      'namespace' => 'lemonldap-ng',
      'default_expires_in' => 600,
    },
  configStorage       => {
     type                => "DBI"
     dbiChain            => "DBI:mysql:database=$database;host=$hostname;port=$port",
     dbiUser             => "lemonldap",
     dbiPassword         => "password",
    },
} );

Call your package in /apache-dir/conf/httpd.conf :

PerlRequire MyFile
# TOTAL PROTECTION
PerlHeaderParserHandler My::Package
# OR SELECTED AREA
<Location /protected-area>
  PerlHeaderParserHandler My::Package
</Location>

The configuration is loaded only at Apache start. Create an URI to force configuration reload, so you don't need to restart Apache at each change :

# /apache-dir/conf/httpd.conf
<Location /location/that/I/ve/choosed>
  Order deny,allow
  Deny from all
  Allow from my.manager.com
  PerlHeaderParserHandler My::Package->refresh
</Location>

DESCRIPTION

This library inherit from Lemonldap::NG::Handler::Main to build a complete SSO Handler System: a central database contains the policy of your domain. People that want to access to a protected applications are redirected to the portal that run Lemonldap::NG::Portal::SharedConf. After reading configuration from the database and authenticating the user, it stores a key word for each application the user is granted to access to. Then the user is redirected to the application he wanted to access and the Apache handler build with Lemonldap::NG::Handler::SharedConf::DBI has just to verify that the keyword corresponding to the protected area is stored in the database.

OVERLOADED SUBROUTINES

init

Like Lemonldap::NG::Handler::Main::init() but read only localStorage related options. You may change default time between two configuration checks with the checkTime parameter (default 600s).

OPERATION

Each new Apache child checks if there's a configuration stored in the local store. If not, it calls getConf to get one and store it in the local store by calling setconf.

Every 600 seconds, each Apache child checks if the local stored configuration has changed and reload it if it has.

When refresh subroutine is called (by http for example: see synopsis), getConf is called to get the new configuration and setconf is called to store it in the local store.

SEE ALSO

Lemonldap::NG::Handler, Lemonldap::NG::Manager, Lemonldap::NG::Portal, http://lemonldap-ng.org/

AUTHOR

Clement Oudot, <clem.oudot@gmail.com>
François-Xavier Deltombe, <fxdeltombe@gmail.com.>
Xavier Guimard, <x.guimard@free.fr>

BUG REPORT

Use OW2 system to report bug or ask for features: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues

DOWNLOAD

Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.