Lemonldap::Handlers::Generic4a2
NAME
Lemonldap::Handlers::Generic - Perl extension for Lemonldap sso system
Lemonldap::Handlers::Generic4a2 - Handler for Apache2 Lemonldap SSO
system
SYNOPSIS
In httpd.conf
.....
perltranshandler Lemonldap::Handlers::Generic4a2
.....
DESCRIPTION
Generic4a2 is the central piece of websso framework .
This module provides several methods but the principal goal of this is the handler function .
It can be combined with mod_proxy or mod_rewrite and all other apache's modules .
It provides also an built-in http proxy with LWP .
see http://lemonldap.sf.net for more infos .
Parameters (see also doc folder)
A minimal configuration must provide infos about :
- config
-
PerlSetVar ConfigFile /usr/local/apache/conf/config_demo1.xml The filename of the mean XML Config :It's REQUIRED
- domain
-
PerlSetVar Domain demo.net It fixes the value of domain for the application protected by this handler (see below)
- xml section in config
-
Perlsetvar HandlerID <xml section> It fixes the value of XML section in config
Example (a KISS example, see also eg folder)
In httpd.conf
<virtualHost 127.0.0.1:80>
servername authen.demo.net
PerlModule Apache2::compat
PerlModule Bundle::Apache2
PerlModule Lemonldap::Handlers::Generic4a2
perltranshandler Lemonldap::Handlers::Generic4a2
PerlSetVar Domain demo.net
PerlSetVar Configfile /usr/local/apache/conf/application_new.xml
PerlSetVar HandlerID myintranet
proxypass /intranet http://lemonldap.sourceforge.net
proxypassreverse /intranet http://lemonldap.sourceforge.net
documentroot /usr/local/apache/htdocs
</virtualhost>
In /usr/local/apache/conf/application_new.xml
<lemonconfig>
<domain id="demo.net"
Cookie="lemondemo"
>
<handler
id="myintranet"
DisableAccessControl= "1"
/>
</domain>
</lemonconfig>
Now you can put http://authen.demo.net/intranet/ in your browser and you will see lemonldap's site
AND now you can control who and where goes on your site .
You can pass parameters from httpd.conf with perlsetvar facilities or put them in xml file
Functions
- handler
-
It's the mean function which does all jobs . If the enebledproxy parameter is set to 1 ,this function will push proxy_handler function reference on the handler's stack . If not it returns DECLINED (mod_proxy will be actived)
- proxy_handler
-
It's the built-in proxy (LWP) web embedded in lemonldap framework . It is actived by enabledproxy parameter . Some parameters are about this proxy and its behaviour
- _lemonldap_debug
-
append this keyword at the end of url and you will can see all headers send to host. Available ONLY with built-in proxy
Features
Generic4a2 is build arround perl's modules .
Those modules are :
- Utilities :
-
collection of functions
- Core :
-
It provides basics services like the cache service, forge header service or authorization service. Core.pm can use YOUR own services for all this cycle . It's plugger . Lemonldap framework is available with somes services but you can with Core.pm propose your own schemas. News parameters were added in XML DTD in order to describe the sequence.
- MatrixPolicy :
-
manage authorization process , based on the hash of session (like preceding version)
- Memsession :
-
manage the backend of session (cache level 3 and 4 )
- AuthorizationHeader :
-
manage the construction of header
- RewriteHTML :
-
Rewrite on fly html source in order to ajust somes tags like BASE , href or src Available ONLY with built-in proxy
More features
- Authentification
-
Keep in mind that the handler doesn't know HOW authenticate anybody but only knows WHERE authenticate . The parameter 'portal' tells it where to send the authentification request.
- Caches
-
Thre are three levels of cache in lemonldap . *First cache (level 1) is a very KISS , it's a memory structure in the program . *Next cache (level 2) is realised by using berkeleyDB hash *Last cache (level 3) is realised by using memcached (see Apache::Session::Memorycached on CPAN)
SEE ALSO
Lemonldap(3), Lemonldap::Portal::Standard
http://lemonldap.sourceforge.net/
"Writing Apache Modules with Perl and C" by Lincoln Stein & Doug MacEachern - O'REILLY
- Eric German, <germanlinux@yahoo.fr>
- Xavier Guimard, <x.guimard@free.fr>
- Isabelle Serre, <isabelle.serre@justice.gouv.fr>
COPYRIGHT AND LICENSE
Copyright (C) 2004 by Eric German & Xavier Guimard & Isabelle Serre
Lemonldap originaly written by Eric german who decided to publish him in 2003 under the terms of the GNU General Public License version 2.
- This package is under the GNU General Public License, Version 2.
- The primary copyright holder is Eric German.
- Portions are copyrighted under the same license as Perl itself.
- Portions are copyrighted by Doug MacEachern and Lincoln Stein. This library is under the GNU General Public License, Version 2.
- Portage under Apache2 is made with help of : Ali Pouya and Shervin Ahmadi (MINEFI/DGI)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 dated June, 1991.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
A copy of the GNU General Public License is available in the source tree;
if not, write to the Free Software Foundation, Inc.,
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.