Apache2::Authen::OdinAuth - A cookie-based single sign-on module for Apache.
Version 0.3
This module defines an Apache handler for the Odin Authenticator single sign-on system. The system is based on the GodAuth script, available at http://github.com/exflickr/GodAuth/.
To make Apache use the handler for authentication, enable mod_perl and add following directives in apache2.conf:
PerlSetVar odinauth_config /path/to/odin_auth.yml PerlFixupHandler Apache2::Authen::OdinAuth
The PerlSetVar statement needs to be global; the PerlFixupHandler statement can be global or occur in a VirtualHost, Directory, or Location section.
PerlSetVar
PerlFixupHandler
VirtualHost
Directory
Location
The handler reads (and automatically reloads if it's older than reload_timeout seconds) an additional YAML config file. It sets configures the shared secret, cookie name, authorizer app URL, and permissions (which are unfortunately regexp-based).
reload_timeout
A sample configuration file looks like this:
# Sample config for Apache2::Authen::OdinAuth permissions: # URLs no auth - url: !!perl/regexp ^localhost who: all # Require a role - url: !!perl/regexp ^dev\.myapp\.com who: role:admin # Require username - url: !!perl/regexp ^debug\.myapp\.com/ who: cal # A list is fine too - url: !!perl/regexp ^debug2\.myapp\.com/ who: - role:devel - cal - myles # Allow any authenticated user - url: !!perl/regexp ^debug3\.myapp\.com/ who: authed # log_file: /tmp/odin.log secret: **************** reload_timeout: 600 need_auth_url: http://example.com/?NA invalid_cookie_url: http://example.com/?CIU not_on_list_url: http://example.com/?NOL cookie: oa
NOTE: The config is better than original GodAuth configuration, but will probably need to be refactored; it would be best to make it live inside Apache's configuration. I'm still not sure how to make it happen in mod_perl.
Maciej Pasternacki, <maciej at pasternacki.net>
<maciej at pasternacki.net>
Please report any bugs or feature requests to bug-apache2-authen-odinauth at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Apache2-Authen-OdinAuth. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-apache2-authen-odinauth at rt.cpan.org
You can find documentation for this module with the perldoc command.
perldoc Apache2::Authen::OdinAuth
You can also look for information at:
RT: CPAN's request tracker (report bugs here)
http://rt.cpan.org/NoAuth/Bugs.html?Dist=Apache2-Authen-OdinAuth
AnnoCPAN: Annotated CPAN documentation
http://annocpan.org/dist/Apache2-Authen-OdinAuth
CPAN Ratings
http://cpanratings.perl.org/d/Apache2-Authen-OdinAuth
Search CPAN
http://search.cpan.org/dist/Apache2-Authen-OdinAuth/
Copyright 2012 Maciej Pasternacki.
This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.
See http://dev.perl.org/licenses/ for more information.
To install Apache2::Authen::OdinAuth, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Apache2::Authen::OdinAuth
CPAN shell
perl -MCPAN -e shell install Apache2::Authen::OdinAuth
For more information on module installation, please visit the detailed CPAN module installation guide.