NAME
Lemonldap::NG::Portal::AuthSSL - Perl extension for building Lemonldap::NG compatible portals with SSL authentication.
SYNOPSIS
With Lemonldap::NG::Portal::SharedConf, set authentication field to "SSL" in configuration database.
With Lemonldap::NG::Portal::Simple:
use Lemonldap::NG::Portal::Simple;
my $portal = new Lemonldap::NG::Portal::Simple(
domain => 'gendarmerie.defense.gouv.fr',
globalStorage => 'Apache::Session::MySQL',
globalStorageOptions => {
DataSource => 'dbi:mysql:database',
UserName => 'db_user',
Password => 'db_password',
TableName => 'sessions',
},
ldapServer => 'ldap.domaine.com',
securedCookie => 1,
authentication => 'SSL',
);
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DON'T FORGET THIS (see CGI(3))
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => 'https://portal/menu');
}
else {
# If the user enters here, IT MEANS THAT YOUR SSL PARAMETERS ARE BAD
print $portal->header; # DON'T FORGET THIS (see CGI(3))
print "<html><body><h1>Unable to work</h1>";
print "This server isn't well configured. Contact your administrator.";
print "</body></html>";
}Modify your httpd.conf:
<Location /My/File>
SSLVerifyClient require
SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
</Location>DESCRIPTION
This library just overload few methods of Lemonldap::NG::Portal::Simple to use Apache SSLv3 mechanism: we've just to verify that $ENV{SSL_CLIENT_S_DN_Email} exists. So remenber to export SSL variables to CGI.
See Lemonldap::NG::Portal::Simple for usage and other methods.
SEE ALSO
Lemonldap::NG::Portal, Lemonldap::NG::Portal::Simple
AUTHOR
Xavier Guimard, <x.guimard@free.fr>
COPYRIGHT AND LICENSE
Copyright (C) 2005-2007 by Xavier Guimard <x.guimard@free.fr>
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.