NAME
Lemonldap::NG::Portal::AuthSSL - Perl extension for building Lemonldap::NG compatible portals with SSL authentication.
SYNOPSIS
With Lemonldap::NG::Portal::SharedConf, set authentication field to "SSL" in configuration database.
With Lemonldap::NG::Portal::Simple:
my
$portal
= new Lemonldap::NG::Portal::Simple(
domain
=>
'example.com'
,
globalStorage
=>
'Apache::Session::MySQL'
,
globalStorageOptions
=> {
DataSource
=>
'dbi:mysql:database'
,
UserName
=>
'db_user'
,
Password
=>
'db_password'
,
TableName
=>
'sessions'
,
},
ldapServer
=>
'ldap.domaine.com'
,
securedCookie
=> 1,
authentication
=>
'SSL'
,
# SSLVar : default SSL_CLIENT_S_DN_Email the mail address
SSLVar
=>
'SSL_CLIENT_S_DN_CN'
,
);
if
(
$portal
->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
$portal
->header;
# DON'T FORGET THIS (see CGI(3))
"..."
;
# or redirect the user to the menu
}
else
{
# If the user enters here, IT MEANS THAT YOUR SSL PARAMETERS ARE BAD
$portal
->header;
# DON'T FORGET THIS (see CGI(3))
"<html><body><h1>Unable to work</h1>"
;
"This server isn't well configured. Contact your administrator."
;
"</body></html>"
;
}
Modify your httpd.conf:
<Location /My/File>
SSLVerifyClient
require
SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
</Location>
DESCRIPTION
This library just overload few methods of Lemonldap::NG::Portal::Simple to use Apache SSLv3 mechanism: we've just to verify that $ENV{SSL_CLIENT_S_DN_Email}
exists. So remenber to export SSL variables to CGI.
See Lemonldap::NG::Portal::Simple for usage and other methods.
SEE ALSO
Lemonldap::NG::Portal, Lemonldap::NG::Portal::Simple, http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
AUTHOR
Xavier Guimard, <x.guimard@free.fr>
BUG REPORT
Use OW2 system to report bug or ask for features: http://forge.objectweb.org/tracker/?group_id=274
DOWNLOAD
Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274
COPYRIGHT AND LICENSE
Copyright (C) 2005-2007 by Xavier Guimard <x.guimard@free.fr>
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.4 or, at your option, any later version of Perl 5 you may have available.