Lemonldap::NG::Handler::Nginx - Lemonldap::NG FastCGI handler for Nginx.
FastCGI server:
use Lemonldap::NG::Handler::Nginx; Lemonldap::NG::Handler::Nginx->run( {} );
Launch it with plackup:
plackup -s FCGI --listen /tmp/llng.sock --no-default-middleware
Configure Nginx:
http { log_format lm_combined '$remote_addr - $lmremote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; server { server_name test1.example.com; access_log /log/file lm_combined # Internal authentication request location = /lmauth { internal; include /etc/nginx/fastcgi_params; fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock; # Drop post datas fastcgi_pass_request_body off; fastcgi_param CONTENT_LENGTH ""; # Keep original hostname fastcgi_param HOST $http_host; # Keep original request (LLNG server will received /llauth) fastcgi_param X_ORIGINAL_URI $request_uri; } # Client requests location / { # Activate access control auth_request /lmauth; # Set logs auth_request_set $lmremote_user $upstream_http_lm_remote_user; auth_request_set $lmlocation $upstream_http_location; error_page 401 $lmlocation; try_files $uri $uri/ =404; # Add as many 3-lines block as max number of headers returned by # configuration auth_request_set $headername1 $upstream_http_headername1; auth_request_set $headervalue1 $upstream_http_headervalue1; #proxy_set_header $headername1 $headervalue1; # OR #fastcgi_param $fheadername1 $headervalue1; auth_request_set $headername2 $upstream_http_headername2; auth_request_set $headervalue2 $upstream_http_headervalue2; #proxy_set_header $headername2 $headervalue2; # OR #fastcgi_param $fheadername2 $headervalue2; auth_request_set $headername3 $upstream_http_headername3; auth_request_set $headervalue3 $upstream_http_headervalue3; #proxy_set_header $headername3 $headervalue3; # OR #fastcgi_param $fheadername3 $headervalue3; } }
Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application.
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as described below.
Lemonldap::NG::Handler::Nginx provides a FastCGI server that can be used by Nginx as authentication server.
Lemonldap::NG::Handler, http://lemonldap-ng.org/, http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
Use OW2 system to report bug or ask for features: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
To install Lemonldap::NG::Handler, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Lemonldap::NG::Handler
CPAN shell
perl -MCPAN -e shell install Lemonldap::NG::Handler
For more information on module installation, please visit the detailed CPAN module installation guide.