Lemonldap::Handlers::Generic - Perl extension for Lemonldap sso system
Lemonldap::Handlers::Generic4a2 - Handler for Apache2 Lemonldap SSO system
..... perltranshandler Lemonldap::Handlers::Generic4a2 .....
Generic4a2 is the central piece of the websso framework. This module provides several methods, but its principal purpose is the handler function. It can be combined with mod_proxy, mod_rewrite and any other Apache module. It also provides a built-in HTTP proxy based on LWP. See http://lemonldap.sf.net for more information.
A minimal configuration must provide the following:
PerlSetVar ConfigFile /usr/local/apache/conf/config_demo1.xml
    The filename of the main XML config. It is REQUIRED.
PerlSetVar Domain demo.net
    Sets the domain for the application protected by this handler (see below).
Perlsetvar HandlerID <xml section>
    Sets the XML section of the config used by this handler.
    <virtualHost 127.0.0.1:80>
        servername authen.demo.net
        PerlModule Apache2::compat
        PerlModule Bundle::Apache2
        PerlModule Lemonldap::Handlers::Generic4a2
        perltranshandler Lemonldap::Handlers::Generic4a2
        PerlSetVar Domain demo.net
        PerlSetVar Configfile /usr/local/apache/conf/application_new.xml
        PerlSetVar HandlerID myintranet
        proxypass /intranet http://lemonldap.sourceforge.net
        proxypassreverse /intranet http://lemonldap.sourceforge.net
        documentroot /usr/local/apache/htdocs
    </virtualhost>

In /usr/local/apache/conf/application_new.xml:

    <lemonconfig>
        <domain id="demo.net" Cookie="lemondemo" >
            <handler id="myintranet" DisableAccessControl="1" />
        </domain>
    </lemonconfig>

Now you can enter http://authen.demo.net/intranet/ in your browser and you will see lemonldap's site, AND you can now control who goes where on your site. You can pass parameters from httpd.conf with the PerlSetVar facility or put them in the XML file.
This is the main function, which does all the work. If the enabledproxy parameter is set to 1, this function pushes a reference to the proxy_handler function onto the handler stack. If not, it returns DECLINED (mod_proxy will then be activated).
This is the built-in web proxy (LWP) embedded in the lemonldap framework. It is activated by the enabledproxy parameter. Some parameters concern this proxy and its behaviour.
Append this keyword to the end of the URL to see all the headers sent to the host. Available ONLY with the built-in proxy.
Generic4a2 is built around Perl modules.
Those modules are:
collection of functions
It provides basic services such as the cache service, the header-forging service and the authorization service. Core.pm can use YOUR own services for this whole cycle: it is pluggable. The Lemonldap framework ships with some services, but with Core.pm you can supply your own schemes. New parameters were added to the XML DTD in order to describe the sequence.
Manages the authorization process, based on the session hash (as in the preceding version).
Manages the session backend (cache levels 3 and 4).
Manages the construction of the header.
Rewrites the HTML source on the fly in order to adjust some tags such as BASE, href or src. Available ONLY with the built-in proxy.
Keep in mind that the handler doesn't know HOW to authenticate anybody; it only knows WHERE to authenticate. The 'portal' parameter tells it where to send the authentication request.
There are three levels of cache in lemonldap.
* The first cache (level 1) is very KISS: it is a memory structure in the program.
* The next cache (level 2) is implemented with a BerkeleyDB hash.
* The last cache (level 3) is implemented with memcached (see Apache::Session::Memorycached on CPAN).
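The following sketch is an added example, not Lemonldap's own code: it models the decision described above (session lookup through the cache levels, a redirect to the portal when no session is found, otherwise the built-in proxy or DECLINED). The function names, the portal URL, the session-id format, the returned strings and the copying of hits into the faster levels are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added illustration, not Lemonldap source. Plain hashes stand in for the
# level-2 (BerkeleyDB) and level-3 (memcached) stores.
use strict;
use warnings;

# Constructed sample settings; the portal URL is a placeholder.
my %conf = (cookie => 'lemondemo', enabledproxy => 0,
            portal => 'http://portal.demo.net/');

my %level1;                                    # in-process memory
my %level2;                                    # stand-in for the BerkeleyDB hash
my %level3 = (abc123 => { uid => 'alice' });   # stand-in for memcached (constructed)

# Return the session id from a Cookie header. The cookie name must match
# exactly, and the value is validated before it is used as a cache key.
sub session_id {
    my ($header, $name) = @_;
    for my $pair (split /;\s*/, $header // '') {
        my ($k, $v) = split /=/, $pair, 2;
        return $v if defined $v && $k eq $name && $v =~ /\A[A-Za-z0-9]+\z/;
    }
    return;
}

# Look the session up level by level; copy a hit into the faster levels.
sub lookup_session {
    my ($id) = @_;
    return $level1{$id} if exists $level1{$id};
    for my $store (\%level2, \%level3) {
        next unless exists $store->{$id};
        $level2{$id} = $level1{$id} = $store->{$id};
        return $level1{$id};
    }
    return;
}

# Decide what to do with a request, given its Cookie header.
sub decide {
    my ($cookie_header) = @_;
    my $id      = session_id($cookie_header, $conf{cookie});
    my $session = defined $id ? lookup_session($id) : undef;
    return "REDIRECT $conf{portal}" unless $session;    # WHERE, not HOW
    return $conf{enabledproxy} ? 'PROXY_HANDLER' : 'DECLINED';
}

print decide('lang=en; lemondemo=abc123'), "\n";   # known session
print decide('xlemondemo=abc123'), "\n";           # different cookie name
print decide(undef), "\n";                         # no Cookie header
```

Because hits are copied into the faster levels, a session removed from the last level stays usable from level 1 until that copy is dropped; this sketch has no expiry.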
"Writing Apache Modules with Perl and C" by Lincoln Stein & Doug MacEachern - O'REILLY
Copyright (C) 2004 by Eric German & Isabelle Serre
Lemonldap was originally written by Eric German, who decided to publish it in 2003 under the terms of the GNU General Public License version 2.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 dated June, 1991. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. A copy of the GNU General Public License is available in the source tree; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.