Free lemonldap ng portal software for linux

Lemonldap::NG::Portal is a Perl extension for building Lemonldap compatible portals.

SYNOPSIS

use Lemonldap::NG::Portal;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};

if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see L )
print "...";

# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see L )
print "...";
print ;
# In your form, the following value is required for redirection
print ;
# Next, login and password
print Login :
;
print Password : ;
print ;
}

Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).

It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:

Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))

Liberty Alliance (See Lemonldap::ServiceProvider and Lemonldap::IdentityProvider)
This library is a way to build Lemonldap compatible portals. You can use it either by inheritance or by writing anonymous methods like in the example above.

Lemonldap::Portal::Cda is a Cross Domain Authentification Perl extension for Lemonldap SSO.

SYNOPSIS

use Lemonldap::Portal::Cda;
my $stack_user= Lemonldap::Portal::Cda->new(type=> master);
or my $stack_user= Lemonldap::Portal::Cda->new(type=> slave);

Lemonldap is a SSO system under GPL. Sometimes you have two or more domains (.bar.foo and .bar.foo2) The CDA :Cross Domain Authentification manages and centralize all credentials on all domains . CDA works with redirection in order to catch the credential cookie.

You may use an objet "master" domain with a "slave" domain . All authentification needed for the "slave" domain will be redirected on the "master" domain

METHODS

new (type => master|slave);

process (param => %params, bar => foo );

The process method alway return an error 8 (message = CDA requested) .

The master CDA just do a redirection with the id_session in the params of url GET . The slave CDA uses the id_session send by master for put on fly a cookie on slave domain.
see directory examples.

(url_encoded,url_decoded) : getAllRedirection

return the initial request encoded in Base64 and plaintext url

string : getSession

return the id_session or false .

string : message() ;

return the text of error

int : error() ;

return the number of error

Lemonldap::Portal::Session is a Perl extension for Lemonldap websso.

SYNOPSIS

use Lemonldap::Portal::Session;

my $paramxml = $test->{DefinitionSession} ; # $test is the result of XML parsing
my $obj = Lemonldap::Portal::Session->init ($paramxml,entry =>$entry) ;

Lemonldap::Portal::Session is a parser of XML description of session to keys,values of hash .

It is a piece of lemonldap websso framework . see eg directory for implementation .

Lemonldap::Portal::Standard is a Perl extension for the Lemonldap SSO system.

SYNOPSIS

use Lemonldap::Portal::Standard;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}

my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Standard->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}

See in directory examples for more details

Lemonldap is a SSO system under GPL. The authentification phase need to display a form with user / password . Standard.pm manage all the cycle of authentification :

step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
step 12 : re-bind for validing users credentials
Any step can bee overload for include your custom method.
standards errors messages :

1 => Your connection has expired; You must to be authentified once again,
2 => User and password fields must be filled,
3 => Wrong directory manager account or password ,
4 => not found in directory,
5 => wrong credentials ,

warning the value 9 for error message is returned then the form is empty ist not an real error , perhaps its the initial request.

Apache Portals is a collaborative software development project dedicated to providing robust, full-featured, commercial-quality, and freely available Portal related software on a wide variety of platforms and programming languages.

This project is managed in cooperation with various individuals worldwide (both independent and company-affiliated experts), who use the Internet to communicate, plan, and develop Portal software and related documentation.

Modern software is complex and expensive, which has motivated many companies to invest in enterprise portals as a mechanism by which they can manage information in a cohesive and structured fashion.

Portals offer many advantages over other software applications. First, they provide a single point of entry for employees, partners, and customers. Second, portals can access Web services transparently from any device in virtually any location. Third, portals are highly flexible; they can exist in the form of B2E intra-nets, B2B extra-nets, or B2C inter-nets. Fourth, portals can be combined to form a portal network that can span a companys entire enterprise system, allowing for access both inside and outside the firewall.

Portals have many advantages, which is why they have become the de facto standard for Web application delivery. In fact, analysts have predicted that portals will become the next generation for the desktop environment.

Portals distinguish themselves from other software systems because they provide the ability to integrate disparate systems and leverage the functionality provided by those systems. As such, they are not mutually exclusive, and do not force you into an either-or decision vis-a-vis existing software systems. This point is of paramount importance, particularly when you consider the fact that Web services are destined to fuel the explosion of Web applications. Since portals can access any Web services, the conclusion is inescapable: portals provide a unique opportunity to leverage the functionality of nascent technologies as well as mature, well-established software systems.

SchoolAlumni Portal project is a Web portal for a high school alumni site.
It features a content management system and online news publishing tools.
It can create an unlimited weblink category, publish articles with images, run an alumni list with edit-delete-update features, provide a forum, provide classified ads, and more.
Enhancements:
- You can now log out from two places; if you are logged in as the admin you can logout from the admin screen, and you can logout a user from the main list page.
- If you click on edit while viewing someone elses record, and you are logged in, you will get your record, otherwise you will be prompted to login.

Lemonldap::Cluster::Status is a Perl extension for apache cluster server-status.

SYNOPSIS

use Lemonldap::Cluster::Status ;
my $serverstatus = Lemonldap::Cluster::Status->new (
ADMIN => title on top of page ,
node1 => 10.ip.ip.ip,
node2 => server1.net,
foo => server2.net,
bar => 10.ip.ip.ip,
);
$serverstatus->analyze;
my $a=$serverstatus->PrintHtml;

This module aggregates sereval server-status pages (from apache) in one page.

Its usefull in order to manage cluster, or for working with nagios and cacti

This version understands refresh=nb_of_second parameters like mod_status

Your servers (nodes) MUST TO BE turn on extended status mode (see apache doc)

This module may be used in sereval ways :

1) Like a package (see bellow)
2) Embeded in CGI script :(see StatusCGI.pl)
3) With modperl : (see StatusMP.pm)
4) Like lemonldap websso composant :(see Statuslemonldap.pm)

ONLY last way NEEDS another Lemonldap composant . Thus this module is independent of lemonldap websso.

The server-status report seems to be issu of real apache server.

The apache server wich implements server-status summary doesnt need to be a nodes .

Opennap NG project is a Napster-like sever based on Opennap.
It offers more security features, bugfixes, WinMX abuse tracking/penalizing, and new features.
Enhancements:
Major bug fixes
- Ghosts are fixed properly. Ticket #5
- The older of the two users is expired, the newer one is resynced across the network as if the user has just logged into the network. No users are killed, easier on the users and the servers.
- Ghost kill timer
- New configuration variable to delay ghosts from logging back in so they do not bounce between servers.
- Server crash when linking a server with an invalid_nick already online. Ticket #3
- A nasty crash involving linking a server with an invalid_nick online has been fixed.
- Tag 10018, server encapsulated, has been fixed. Ticket #27
- Previously it would broadcast to the entire network, now it only sends the data to the server the intended recipient is located on. Incredible bandwidth reduction.
- Memory Usage in all supported OS. Ticket #14, #16
- Memory usage in stats works for Linux, FreeBSD, and Win32 now. Also included are load averages, swapped ram, etc.
Minor bug fixes
- Search on Linux now works perfectly. Ticket #8, #21
- Searching on Linux was globbing the first character of search strings, and some older GCC versions hosed up network searches.
- Debug now compiles/works
- Debug has been broken for a while, its now working again.
- Increased BUFFER_LENGTH to 16k
- Increased buffer length improves memory return on *nix when previously no memory could be returned to the system.
- Backwards Bans have been fixed. Ticket #18
- Some backwards bans were due to matching invalid_nick, the checking is better now.
- Conversion of wasteful types.
- Where it made sense, variable types were changed from int to bool to save ram.
New enhancements
- Extended statistics port
- A new port has been added that gives LOTS of information out for tracking server/network status in a program like Cacti. More on this to come, well soon provide templates and information to set this up yourself, as well as example output.
- Operserv control over log_level
- A new Operserv command, loglevel, allows easy adjustment of log levels, such as "loglevel all -debug", "loglevel +debug", etc.
- Expanded whois information. Ticket #15
- Shows friend, muzzled, and or criminal status. It shows every status of a current user, such as FRIEND MUZZLED.
- Dynamic filters file. Ticket #28
- Adds filter keywords into the filter file if theyre seen >5000 times, same as the server has always done internally, but now the changes are kept.
- Win32 compiled with Visual Studio .net
- Includes all project files, used with the download link on the File Releases page, anyone can recompile the Win32 binary now if they wish.
- Improved autogen.sh. Ticket #19
- Smarter autogen.sh for easier compiling of dev code for FreeBSD users
Current known bugs
- Ghost-synced users sometimes still out of sync. Ticket #30*
- Sometimes lagged users, or users on lagged servers, when they ghost their server hash entry gets mixed. Happens very seldom, perhaps one an hour. Currently worked-around by killing the offending user.
- Other bugs being worked on for 0.49. Current open bugs.