Maciej Pasternacki > Apache2-Authen-OdinAuth-0.4 > Apache2::Authen::OdinAuth

Download:
Apache2-Authen-OdinAuth-0.4.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  0
View/Report Bugs
Module Version: 0.4   Source   Latest Release: Apache2-Authen-OdinAuth-0.6

NAME ^

Apache2::Authen::OdinAuth - A cookie-based single sign-on module for Apache.

VERSION ^

Version 0.4

SYNOPSIS ^

This module defines an Apache handler for the Odin Authenticator single sign-on system. The system is based on the GodAuth script, available at http://github.com/exflickr/GodAuth/.

USAGE ^

To make Apache use the handler for authentication, enable mod_perl and add following directives in apache2.conf:

    PerlSetVar odinauth_config /path/to/odin_auth.yml
    PerlFixupHandler Apache2::Authen::OdinAuth

The PerlSetVar statement needs to be global; the PerlFixupHandler statement can be global or occur in a VirtualHost, Directory, or Location section.

YAML CONFIG

The handler reads (and automatically reloads if it's older than reload_timeout seconds) an additional YAML config file. It sets configures the shared secret, cookie name, authorizer app URL, and permissions (which are unfortunately regexp-based).

A sample configuration file looks like this:

    # Sample config for Apache2::Authen::OdinAuth
    
    permissions:
      # URLs no auth
      - url: !!perl/regexp ^localhost
        who: all
      # Require a role
      - url: !!perl/regexp ^dev\.myapp\.com
        who: role:admin
      # Require username
      - url: !!perl/regexp ^debug\.myapp\.com/
        who: cal
      # A list is fine too
      - url: !!perl/regexp ^debug2\.myapp\.com/
        who:
          - role:devel
          - cal
          - myles
      # Allow any authenticated user
      - url: !!perl/regexp ^debug3\.myapp\.com/
        who: authed
    
    
    # log_file: /tmp/odin.log
    secret: ****************
    reload_timeout: 600
    need_auth_url: http://example.com/?NA
    invalid_cookie_url: http://example.com/?CIU
    not_on_list_url: http://example.com/?NOL
    cookie: oa

NOTE: The config is better than original GodAuth configuration, but will probably need to be refactored; it would be best to make it live inside Apache's configuration. I'm still not sure how to make it happen in mod_perl.

AUTHOR ^

Maciej Pasternacki, <maciej at pasternacki.net>

BUGS ^

Please report any bugs or feature requests to bug-apache2-authen-odinauth at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Apache2-Authen-OdinAuth. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT ^

You can find documentation for this module with the perldoc command.

    perldoc Apache2::Authen::OdinAuth

You can also look for information at:

ACKNOWLEDGEMENTS ^

LICENSE AND COPYRIGHT ^

Copyright 2012 Maciej Pasternacki.

This program is free software; you can redistribute it and/or modify it under the terms of either: the GNU General Public License as published by the Free Software Foundation; or the Artistic License.

See http://dev.perl.org/licenses/ for more information.

syntax highlighting: