Free lemonldap portal cda 0.02 software for linux

Lemonldap::Portal::Cda is a Cross Domain Authentification Perl extension for Lemonldap SSO.

SYNOPSIS

use Lemonldap::Portal::Cda;
my $stack_user= Lemonldap::Portal::Cda->new(type=> master);
or my $stack_user= Lemonldap::Portal::Cda->new(type=> slave);

Lemonldap is a SSO system under GPL. Sometimes you have two or more domains (.bar.foo and .bar.foo2) The CDA :Cross Domain Authentification manages and centralize all credentials on all domains . CDA works with redirection in order to catch the credential cookie.

You may use an objet "master" domain with a "slave" domain . All authentification needed for the "slave" domain will be redirected on the "master" domain

METHODS

new (type => master|slave);

process (param => %params, bar => foo );

The process method alway return an error 8 (message = CDA requested) .

The master CDA just do a redirection with the id_session in the params of url GET . The slave CDA uses the id_session send by master for put on fly a cookie on slave domain.
see directory examples.

(url_encoded,url_decoded) : getAllRedirection

return the initial request encoded in Base64 and plaintext url

string : getSession

return the id_session or false .

string : message() ;

return the text of error

int : error() ;

return the number of error

Lemonldap::NG::Portal::AuthSsl is a Perl extension for building Lemonldap compatible portals based on SSL v3 mechanisms.

SYNOPSIS

use Lemonldap::NG::Portal::AuthSsl;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database,
UserName => db_user,
Password => db_password,
TableName => sessions,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};

if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";

# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";
print < form method="POST" >;
# In your form, the following value is required for redirection
print < input type="hidden" name="url" value=".$portal->param(url)." >;
# Next, login and password
print Login : < input name="user" >< br >;
print Password : < input name="pasword" type="password" autocomplete="off" >;
print < /form >;
}
Modify your httpd.conf:
< Location /My/File >
SSLVerifyClient require
SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
< /Location >

Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).

It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:

Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))

"Liberty Alliance" (Lemonldap::LibertyAlliance::*)

This library just overload few methods of Lemonldap::NG::Portal to use Apache SSLv3 mechanism: weve just to verify that $ENV{SSL_CLIENT_S_DN_Email} exists. So remenber to export SSL variables to CGI.

See Lemonldap::NG::Portal for usage and other methods.

Lemonldap::Portal::Sslsso is a Perl extension for the Lemonldap SSO system.

SYNOPSIS

use Lemonldap::Portal::Sslsso;

my $message ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Ssslsso->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people,
id_certif => $ENV{SSL_CLIENT_S_DN_Email} ,
field_certif=>mail
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}

See in directory examples for more details
DESCRIPTION ^
Lemonldap is a SSO system under GPL.
In SSL environment all jobs are made by mod_ssl .
In this case params user and password are useless.
Sslsso.pm manages all the cycle of authentification : The users mail is in the client certificate then the module ll retrieve the ldap Entry.
The OCSP protocol is available with the last release of mod_ssl.

step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
Any step can bee overload for include your custom method.
standards errors messages :

1 => Your connection has expired; You must to be authentified once again,
3 => Wrong directory manager account or password ,
4 => not found in directory,

Lemonldap::Portal::Session is a Perl extension for Lemonldap websso.

SYNOPSIS

use Lemonldap::Portal::Session;

my $paramxml = $test->{DefinitionSession} ; # $test is the result of XML parsing
my $obj = Lemonldap::Portal::Session->init ($paramxml,entry =>$entry) ;

Lemonldap::Portal::Session is a parser of XML description of session to keys,values of hash .

It is a piece of lemonldap websso framework . see eg directory for implementation .

Lemonldap::NG::Handler is a Perl extension for building a Lemonldap compatible handler.

SYNOPSIS

Create your own package:

package My::Package;
use Lemonldap::NG::Handler;

our @ISA = qw(Lemonldap::NG::Handler);

__PACKAGE__->init ({locationRules => { default => $ou =~ /brh/},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
portal => https://portal/,
});

More complete example
package My::Package;
use Lemonldap::NG::Handler;

our @ISA = qw(Lemonldap::NG::Handler);

__PACKAGE__->init ( { locationRules => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept, # means that all authenticated users are greanted
},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
cookieName => lemon,
portal => https://portal/,
whatToTrace => $uid,
exportedHeaders => {
Auth-User => $uid,
Unit => $ou,
https => 1,
}
);
Call your package in < apache-directory>/conf/httpd.conf
PerlRequire MyFile
# TOTAL PROTECTION
PerlInitHandler My::Package
# OR SELECTED AREA
< Location /protected-area >
PerlInitHandler My::Package
< /Location >

X Portal project is a powerful CMS (content management system) which can handle multiple language files.
English and Hungarian languages are included in the basic package. The engine was taken from phpnuke-textportal.
Enhancements:
- autoHALT automatically logs out when the browser is closed.
- Security was enhanced with lots of new security tools.

Root-Portal is a GNOME program that monitors files, processes etc and displays changes either directly to the desktop or in a transparent border-less window. This is useful for monitoring system logs and for providing feedback on system activities.

Root Portal is a way to do stuff on your desktop in the background. We find it useful as a monitor of system log files such as /var/log/messages and /var/log/xferlog and /var/log/httpd/access_log etc etc.

You can have as many spots, or portals of text on the screen as you want in varying size and varying font and colour and practically any other property you care to think of. They can have the added advantage of being transcient so that you can still see your background picture underneith the text.

As well as this, using the roottext module, you can run programs such as xsnow and the snow flakes will not disappear because of the text, they will pass through it. Using the module such as gnometext allows you to shade the background and put alternate images as backgrounds for your portals.

You may also shade these custom backgrounds, the only disadvantage to this system is that programs such as xsnow cannot mix their graphics with this and disappear behind them. The only other difference between the two is that the root text can handle non-fixed sized fonts with a breeze.

Because the gnome module is using zvt, it currently does no like non-fixed sized fonts too much at all. We are hoping the author of zvt will change this in later releases of his library. As well as the file tailing facility to monitor log files, there is also a loading monitor, to show you when a new process has been created and when a process has been destroyed.
Basically this is a pretty anti-paranoia program for people who sit at their desktops and wonder who is doing what to them from the outside, what is running what on their system, and why their harddisk is suddenly ticking over for no reason *aha, crond is doing something weird*

Lemonldap::NG::Handler::Vhost is a Perl extension for building a Lemonldap compatible handler able to manage Apache virtual hosts.

SYNOPSIS

Create your own package:
package My::Package;
use Lemonldap::NG::Handler::Vhost;

# IMPORTANT ORDER
our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler);

__PACKAGE__->init ( { locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
# Put here others Lemonldap::NG::Handler options
}
);
Other example, using Lemonldap::NG::Handler::SharedConf
package My::Package;
use Lemonldap::NG::Handler::SharedConf;
use Lemonldap::NG::Handler::Vhost;

# IMPORTANT ORDER
# our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler::SharedConf);

__PACKAGE__->init ... # as using Lemonldap::NG::Handler::SharedConf alone
Change configuration
__PACKAGE__->setConf ( {
locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
},
exportedHeaders => {
vhost1.dc.com => {
Authorization=>"Basic ".MIME::Base64::encode_base64($uid),
User-Auth => $uid,
},
vhost2.dc.com => {
User-Auth => $uid,
},
}
# Put here others Lemonldap::NG::Handler::SharedConf options
}
);
Call your package in /conf/httpd.conf
PerlRequire MyFile
PerlInitHandler My::Package

Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just

This library provides a way to protect Apache virtual hosts with Lemonldap.