Lemonldap::NG::Portal - The authentication portal part of Lemonldap::NG Web-SSO system.
Use any of Plack launcher. Example:
#!/usr/bin/env plackup use Lemonldap::NG::Portal; # This must be the last instruction! See PSGI for more Lemonldap::NG::Portal->run($opts);
Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application.
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as described below.
Lemonldap::NG::Portal provides portal components. See http://lemonldap-ng.org for more.
The portal object is based on Lemonldap::NG::Handler::Try: underlying handler tries to authenticate user and then follow the routes (auth/unauth) declared during initialization.
The initialisation process subscribes portal to handler configuration reload and ask for handler initialization (Lemonldap::NG::Portal::Main::Init). So configuration read is triggered by handler at each reload.
During configuration reload, every enabled components are loaded as plugins:
init() is called for each plugin. If one plugin initialization fails (init() returns 0), the portal responds a 500 status code for each request.
See Lemonldap::NG::Portal::Main::Plugin to see how to write modules.
do() stores methods to call in $req->steps and launches Lemonldap::NG::Portal::Main::Process::process(). This method removes each method stored in $req->steps and launches it. If the result is PE_OK, process() continues, else it returns the error code.
If the request was an Ajax one, do() responds in JSON format else it manages redirection if any. Else it calls Lemonldap::NG::Portal::Main::Display::display() to have template and arguments, then it launch Lemonldap::NG::Common::PSGI::sendHtml() with them.
Portal main object is defined in Lemonldap::NG::Portal::Main::* classes. Other components are plugins. Plugins must not store any hash key in the main object.
Main and plugin keys must be initializated during initialization. They must be read-only during receiving requests.
The Lemonldap::NG::Portal::Main::Request request has fixed keys. A plugin that wants to store a temporary key must store it in $req->datas or use defined keys, but it must never create a root key. Plugin keys may have explicit names to avoid conflicts.
Whole configuration is always available. It is stored in $self->conf. It must not be modified by anyone even during initialization or receiving request (during initialization, copy the value in the plugin namespace instead).
All plugins can dial with the portal methods using $self->p which points to portal main object. Some main methods are mapped to the plugin namespace:
Most of the documentation is available on the website http://lemonldap-ng.org
Use OW2 system to report bug or ask for features: http://jira.ow2.org
Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274
See COPYING file for details.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.