NAME
Lemonldap::Handlers::Generic4a2 - Handler Apache2 for Lemonldap sso system
SYNOPSIS
In httpd.conf
<VirtualHost *:80>
PerlSetVar LemonldapEnabledproxy 1
ServerName serverpub.foo.bar:80
DocumentRoot /usr/local/apache2/htdocs
PerlInitHandler Lemonldap::Handlers::Generic4a2
#ProxyPass / http://serverpriv.foo.bar/
#ProxyPassReverse / http://serverpriv.foo.bar/
PerlSetVar LemonldapConfig /usr/local/apache2/conf/application_new.xml
PerlSetVar LemonldapConfigIpcKey CONF
PerlSetVar LemonldapDEBUG 1
PerlSetVar LemonldapDomain foo.bar
PerlSetVar LemonldapHandlerID handler2
PerlSetVar LemonldapBasePub http://serverpub.foo.bar
PerlSetVar LemonldapBasePriv http://serverpriv.foo.bar
PerlSetVar LemonldapCodeAppli APPLI
PerlSetVar LemonldapAttrLdap profilapplicatif
</virtualhost>
DESCRIPTION
Parameters
LemonldapConfig "/foo/bar/file_config.xml"
The filename of the mean XML Config :It's REQUIRED
LemonldapConfigIpcKey GLUE
The identifier of config segment IPC :It's REQUIRED
LemonldapDomain foo.bar
If present , it fixes the value of domain for the application protected by this handler (see below)
LemonldapHandlerId <xml section>
If present the configuration of handler is read from XML config backend.
You can overlay XML config backend with httpd.conf
LemonldapEnabledproxy 0|1
0 : don't use built-in proxy (configuration must use with mod_proxy or mod_rewrite )
1 : use built-in proxy
default : 0
LemonldapDEBUG 0|1
0 : mode debug disabled
1 : mode debug enabled
default : 0
LemonldapIpcNb 0..nn
IPNB is the number of session which you want to keep in cache evel 2 (IPC)
min value : 0 (don't use cache IPC level2)
max value : ??? : It depends of your server
recommended : 100
The youngest value replace the oldest .
LemonldapIpcKey '4 carac'
A string of 4 caracteres (see IPC::Shareable doc)
It must be 'unique' .
LemonldapAttrLdap 'string'
The first level of hash session , whi can to be the name of LDAP attribute
see below
LemonldapCodeAppli 'string'
The second level of hash session , whi can to be the code of application
The access of %session if $session{LemonldapAttrLDAP}{lemonldapCodeAppli}
with the value of key = profil .
LemonldapDisabled 0|1
0 : Control the request (default)
1 : Don't control the request (useful for jpeg )
LemonldapStopCookie 0|1
0 : Let pass the lemonldap cookie to application (default).
1 : Block the lemonldap cookie.
LemonldapRECURSIVE 0|1
0 : Let LWP chases redirection (default).
1 : Let Client chases redirection instead LWP.
LemonldapProxyExt 0|1
0 : Let LWP resquets on ressource (default).
1 : force LWP to request via an external proxy.
LemonldapSession 'cachelevel 3'
It is the name of XML section which describes the backend used in order to store the session .
LemonldapCookie 'name_of_cookie'
eg: lemontest
LemonldapBasePub
The public host name avaiable by user
LemonldapBasePriv
The private host name not avaiable by user
LemonldapPortal
The url of login page
LemonldapHttps 0|1
0 : don't use HTTPS between lemonLDAP and private host.
1 : Use HTTPS between LemonLdap and private host.
LemonldapAuth 0|1
0 : LemonLdap don't send certificate to private host.
1 : Used with HTTPS to force LemonLdap to send certificate to private host.
LemonldapPkcs12
The filename of the PKCS12 certificate (/usr/opt/apache/conf/ssl/test.pkcs12).
LemonldapPkcs12Password
The password of the PKCS12 certificate.
LemonldapCertFile
The certificate file (/usr/opt/apache/confssl/cert.pem).
LemonldapKeyFile
The key file of ce certificate (/usr/opt/apache/conf/ssl/cert.key).
LemonldapRemoteIp
0 : don't insert the client IP in the header send to application.
1: insert the client IP in the header send to application
LemonldapListAttrLdap
The list of LDAP attributes that will be send in the header to application. The "dn" attributes is always be send, so you don't need to add it in this list.Atributes name and values must have been stored in the session hash by the lemonLDAP portal page. Attributes values are separated by ":".
SEE ALSO Lemonldap(3), Lemonldap::Portal::Standard
http://lemonldap.sourceforge.net/
"Writing Apache Modules with Perl and C" by Lincoln Stein & Doug MacEachern - O'REILLY
- Eric German, <germanlinux@yahoo.fr>
- Xavier Guimard, <x.guimard@free.fr>
- Isabelle Serre, <serrei@free.fr<gt>
COPYRIGHT AND LICENSE
Copyright (C) 2004 by Eric German & Xavier Guimard & Isabelle Serre
Lemonldap originaly written by Eric german who decided to publish him in 2003 under the terms of the GNU General Public License version 2.
- This package is under the GNU General Public License, Version 2.
- The primary copyright holder is Eric German.
- Portions are copyrighted under the same license as Perl itself.
- Portions are copyrighted by Doug MacEachern and Lincoln Stein. This library is under the GNU General Public License, Version 2.
- Portage under Apache2 is made with help of : Ali Pouya and Shervin Ahmadi (MINEFI/DGI)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 dated June, 1991.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
A copy of the GNU General Public License is available in the source tree;
if not, write to the Free Software Foundation, Inc.,
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.