lemonldap sso
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 21
Lemonldap::Portal::Sslsso 0.03
Lemonldap::Portal::Sslsso is a Perl extension for the Lemonldap SSO system. more>>
Lemonldap::Portal::Sslsso is a Perl extension for the Lemonldap SSO system.
SYNOPSIS
use Lemonldap::Portal::Sslsso;
my $message ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Ssslsso->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people,
id_certif => $ENV{SSL_CLIENT_S_DN_Email} ,
field_certif=>mail
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
See in directory examples for more details
DESCRIPTION ^
Lemonldap is a SSO system under GPL.
In SSL environment all jobs are made by mod_ssl .
In this case params user and password are useless.
Sslsso.pm manages all the cycle of authentification : The users mail is in the client certificate then the module ll retrieve the ldap Entry.
The OCSP protocol is available with the last release of mod_ssl.
step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
Any step can bee overload for include your custom method.
standards errors messages :
1 => Your connection has expired; You must to be authentified once again,
3 => Wrong directory manager account or password ,
4 => not found in directory,
<<lessSYNOPSIS
use Lemonldap::Portal::Sslsso;
my $message ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Ssslsso->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people,
id_certif => $ENV{SSL_CLIENT_S_DN_Email} ,
field_certif=>mail
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
See in directory examples for more details
DESCRIPTION ^
Lemonldap is a SSO system under GPL.
In SSL environment all jobs are made by mod_ssl .
In this case params user and password are useless.
Sslsso.pm manages all the cycle of authentification : The users mail is in the client certificate then the module ll retrieve the ldap Entry.
The OCSP protocol is available with the last release of mod_ssl.
step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
Any step can bee overload for include your custom method.
standards errors messages :
1 => Your connection has expired; You must to be authentified once again,
3 => Wrong directory manager account or password ,
4 => not found in directory,
Download (0.005MB)
Added: 2007-03-22 License: Perl Artistic License Price:
946 downloads
Lemonldap::Portal::Authntsso 0.05
Lemonldap::Portal::Authntsso is a Perl extension for the Lemonldap SSO system. more>>
Lemonldap::Portal::Authntsso is a Perl extension for the Lemonldap SSO system.
SYNOPSIS
use Lemonldap::Portal::Authntsso;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}
my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Authntsso->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people,
BDC => $ReverseProxyConfig::BDC,
BDC_secours => $ReverseProxyConfig::BDC_secours,
ntdomain => $ReverseProxyConfig::ntdomain,
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
<<lessSYNOPSIS
use Lemonldap::Portal::Authntsso;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}
my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Authntsso->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people,
BDC => $ReverseProxyConfig::BDC,
BDC_secours => $ReverseProxyConfig::BDC_secours,
ntdomain => $ReverseProxyConfig::ntdomain,
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
Download (0.006MB)
Added: 2007-03-21 License: Perl Artistic License Price:
947 downloads
Lemonldap::Portal::Session 0.01
Lemonldap::Portal::Session is a Perl extension for Lemonldap websso. more>>
Lemonldap::Portal::Session is a Perl extension for Lemonldap websso.
SYNOPSIS
use Lemonldap::Portal::Session;
my $paramxml = $test->{DefinitionSession} ; # $test is the result of XML parsing
my $obj = Lemonldap::Portal::Session->init ($paramxml,entry =>$entry) ;
Lemonldap::Portal::Session is a parser of XML description of session to keys,values of hash .
It is a piece of lemonldap websso framework . see eg directory for implementation .
<<lessSYNOPSIS
use Lemonldap::Portal::Session;
my $paramxml = $test->{DefinitionSession} ; # $test is the result of XML parsing
my $obj = Lemonldap::Portal::Session->init ($paramxml,entry =>$entry) ;
Lemonldap::Portal::Session is a parser of XML description of session to keys,values of hash .
It is a piece of lemonldap websso framework . see eg directory for implementation .
Download (0.005MB)
Added: 2007-03-21 License: Perl Artistic License Price:
947 downloads
Lemonldap::Portal::Cda 0.02
Lemonldap::Portal::Cda is a Cross Domain Authentification Perl extension for Lemonldap SSO. more>>
Lemonldap::Portal::Cda is a Cross Domain Authentification Perl extension for Lemonldap SSO.
SYNOPSIS
use Lemonldap::Portal::Cda;
my $stack_user= Lemonldap::Portal::Cda->new(type=> master);
or my $stack_user= Lemonldap::Portal::Cda->new(type=> slave);
Lemonldap is a SSO system under GPL. Sometimes you have two or more domains (.bar.foo and .bar.foo2) The CDA :Cross Domain Authentification manages and centralize all credentials on all domains . CDA works with redirection in order to catch the credential cookie.
You may use an objet "master" domain with a "slave" domain . All authentification needed for the "slave" domain will be redirected on the "master" domain
METHODS
new (type => master|slave);
process (param => %params, bar => foo );
The process method alway return an error 8 (message = CDA requested) .
The master CDA just do a redirection with the id_session in the params of url GET . The slave CDA uses the id_session send by master for put on fly a cookie on slave domain.
see directory examples.
(url_encoded,url_decoded) : getAllRedirection
return the initial request encoded in Base64 and plaintext url
string : getSession
return the id_session or false .
string : message() ;
return the text of error
int : error() ;
return the number of error
<<lessSYNOPSIS
use Lemonldap::Portal::Cda;
my $stack_user= Lemonldap::Portal::Cda->new(type=> master);
or my $stack_user= Lemonldap::Portal::Cda->new(type=> slave);
Lemonldap is a SSO system under GPL. Sometimes you have two or more domains (.bar.foo and .bar.foo2) The CDA :Cross Domain Authentification manages and centralize all credentials on all domains . CDA works with redirection in order to catch the credential cookie.
You may use an objet "master" domain with a "slave" domain . All authentification needed for the "slave" domain will be redirected on the "master" domain
METHODS
new (type => master|slave);
process (param => %params, bar => foo );
The process method alway return an error 8 (message = CDA requested) .
The master CDA just do a redirection with the id_session in the params of url GET . The slave CDA uses the id_session send by master for put on fly a cookie on slave domain.
see directory examples.
(url_encoded,url_decoded) : getAllRedirection
return the initial request encoded in Base64 and plaintext url
string : getSession
return the id_session or false .
string : message() ;
return the text of error
int : error() ;
return the number of error
Download (0.005MB)
Added: 2007-03-21 License: Perl Artistic License Price:
948 downloads
Lemonldap::NG::Portal 0.02
Lemonldap::NG::Portal is a Perl extension for building Lemonldap compatible portals. more>>
Lemonldap::NG::Portal is a Perl extension for building Lemonldap compatible portals.
SYNOPSIS
use Lemonldap::NG::Portal;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see L )
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see L )
print "...";
print ;
# In your form, the following value is required for redirection
print ;
# Next, login and password
print Login :
;
print Password : ;
print ;
}
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:
Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))
Liberty Alliance (See Lemonldap::ServiceProvider and Lemonldap::IdentityProvider)
This library is a way to build Lemonldap compatible portals. You can use it either by inheritance or by writing anonymous methods like in the example above.
<<lessSYNOPSIS
use Lemonldap::NG::Portal;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see L )
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see L )
print "...";
print ;
# In your form, the following value is required for redirection
print ;
# Next, login and password
print Login :
;
print Password : ;
print ;
}
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:
Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))
Liberty Alliance (See Lemonldap::ServiceProvider and Lemonldap::IdentityProvider)
This library is a way to build Lemonldap compatible portals. You can use it either by inheritance or by writing anonymous methods like in the example above.
Download (0.002MB)
Added: 2006-09-05 License: Perl Artistic License Price:
1144 downloads
Lemonldap::NG::Manager 0.61
Lemonldap::NG::Manager is a Perl extension for managing Lemonldap::NG Web-SSO system. more>>
Lemonldap::NG::Manager is a Perl extension for managing Lemonldap::NG Web-SSO system.
SYNOPSIS
use Lemonldap::NG::Manager;
my $h=new Lemonldap::NG::Manager(
{
configStorage=>{
type=>File,
dirName=>"/tmp/",
},
dhtmlXTreeImageLocation=> "/devel/img/",
# uncomment this only if lemonldap-ng-manager.js is not in the same
# directory than your script.
# jsFile => /path/to/lemonldap-ng-manager.js,
}
) or die "Unable to start, see Apache logs";
# Simple
$h->doall();
You can also peersonalize the HTML code instead of using doall():
print $self->header_public;
print $self->start_html ( # See CGI(3) for more about start_html
-style => "/location/to/my.css",
-title => "Example.com SSO configuration",
);
# optional HTML code for the top of the page
print print $self->main;
# optional HTML code for the footer of the page
print
print $self->end_html;
<<lessSYNOPSIS
use Lemonldap::NG::Manager;
my $h=new Lemonldap::NG::Manager(
{
configStorage=>{
type=>File,
dirName=>"/tmp/",
},
dhtmlXTreeImageLocation=> "/devel/img/",
# uncomment this only if lemonldap-ng-manager.js is not in the same
# directory than your script.
# jsFile => /path/to/lemonldap-ng-manager.js,
}
) or die "Unable to start, see Apache logs";
# Simple
$h->doall();
You can also peersonalize the HTML code instead of using doall():
print $self->header_public;
print $self->start_html ( # See CGI(3) for more about start_html
-style => "/location/to/my.css",
-title => "Example.com SSO configuration",
);
# optional HTML code for the top of the page
print print $self->main;
# optional HTML code for the footer of the page
print $self->end_html;
Download (0.065MB)
Added: 2007-04-11 License: Perl Artistic License Price:
926 downloads
Lemonldap::Cluster::Status 0.02
Lemonldap::Cluster::Status is a Perl extension for apache cluster server-status. more>>
Lemonldap::Cluster::Status is a Perl extension for apache cluster server-status.
SYNOPSIS
use Lemonldap::Cluster::Status ;
my $serverstatus = Lemonldap::Cluster::Status->new (
ADMIN => title on top of page ,
node1 => 10.ip.ip.ip,
node2 => server1.net,
foo => server2.net,
bar => 10.ip.ip.ip,
);
$serverstatus->analyze;
my $a=$serverstatus->PrintHtml;
This module aggregates sereval server-status pages (from apache) in one page.
Its usefull in order to manage cluster, or for working with nagios and cacti
This version understands refresh=nb_of_second parameters like mod_status
Your servers (nodes) MUST TO BE turn on extended status mode (see apache doc)
This module may be used in sereval ways :
1) Like a package (see bellow)
2) Embeded in CGI script :(see StatusCGI.pl)
3) With modperl : (see StatusMP.pm)
4) Like lemonldap websso composant :(see Statuslemonldap.pm)
ONLY last way NEEDS another Lemonldap composant . Thus this module is independent of lemonldap websso.
The server-status report seems to be issu of real apache server.
The apache server wich implements server-status summary doesnt need to be a nodes .
<<lessSYNOPSIS
use Lemonldap::Cluster::Status ;
my $serverstatus = Lemonldap::Cluster::Status->new (
ADMIN => title on top of page ,
node1 => 10.ip.ip.ip,
node2 => server1.net,
foo => server2.net,
bar => 10.ip.ip.ip,
);
$serverstatus->analyze;
my $a=$serverstatus->PrintHtml;
This module aggregates sereval server-status pages (from apache) in one page.
Its usefull in order to manage cluster, or for working with nagios and cacti
This version understands refresh=nb_of_second parameters like mod_status
Your servers (nodes) MUST TO BE turn on extended status mode (see apache doc)
This module may be used in sereval ways :
1) Like a package (see bellow)
2) Embeded in CGI script :(see StatusCGI.pl)
3) With modperl : (see StatusMP.pm)
4) Like lemonldap websso composant :(see Statuslemonldap.pm)
ONLY last way NEEDS another Lemonldap composant . Thus this module is independent of lemonldap websso.
The server-status report seems to be issu of real apache server.
The apache server wich implements server-status summary doesnt need to be a nodes .
Download (0.008MB)
Added: 2007-03-16 License: GPL (GNU General Public License) Price:
953 downloads
Lemonldap::NG::Handler 0.06
Lemonldap::NG::Handler is a Perl extension for building a Lemonldap compatible handler. more>>
Lemonldap::NG::Handler is a Perl extension for building a Lemonldap compatible handler.
SYNOPSIS
Create your own package:
package My::Package;
use Lemonldap::NG::Handler;
our @ISA = qw(Lemonldap::NG::Handler);
__PACKAGE__->init ({locationRules => { default => $ou =~ /brh/},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
portal => https://portal/,
});
More complete example
package My::Package;
use Lemonldap::NG::Handler;
our @ISA = qw(Lemonldap::NG::Handler);
__PACKAGE__->init ( { locationRules => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept, # means that all authenticated users are greanted
},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
cookieName => lemon,
portal => https://portal/,
whatToTrace => $uid,
exportedHeaders => {
Auth-User => $uid,
Unit => $ou,
https => 1,
}
);
Call your package in < apache-directory>/conf/httpd.conf
PerlRequire MyFile
# TOTAL PROTECTION
PerlInitHandler My::Package
# OR SELECTED AREA
< Location /protected-area >
PerlInitHandler My::Package
< /Location >
<<lessSYNOPSIS
Create your own package:
package My::Package;
use Lemonldap::NG::Handler;
our @ISA = qw(Lemonldap::NG::Handler);
__PACKAGE__->init ({locationRules => { default => $ou =~ /brh/},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
portal => https://portal/,
});
More complete example
package My::Package;
use Lemonldap::NG::Handler;
our @ISA = qw(Lemonldap::NG::Handler);
__PACKAGE__->init ( { locationRules => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept, # means that all authenticated users are greanted
},
globalStorage => Apache::Session::MySQL,
globalStorageOptions => {
DataSource => dbi:mysql:database=dbname;host=127.0.0.1,
UserName => db_user,
Password => db_password,
TableName => sessions,
LockDataSource => dbi:mysql:database=dbname;host=127.0.0.1,
LockUserName => db_user,
LockPassword => db_password,
},
localStorage => Cache::DBFile,
localStorageOptions => {},
cookieName => lemon,
portal => https://portal/,
whatToTrace => $uid,
exportedHeaders => {
Auth-User => $uid,
Unit => $ou,
https => 1,
}
);
Call your package in < apache-directory>/conf/httpd.conf
PerlRequire MyFile
# TOTAL PROTECTION
PerlInitHandler My::Package
# OR SELECTED AREA
< Location /protected-area >
PerlInitHandler My::Package
< /Location >
Download (0.011MB)
Added: 2006-09-05 License: Perl Artistic License Price:
1145 downloads
Lemonldap::Handlers::Generic 3.1.1
Lemonldap::Handlers::Generic is a Perl extension for Lemonldap sso system. more>>
Lemonldap::Handlers::Generic is a Perl extension for Lemonldap sso system.
Lemonldap::Handlers::Generic4a2 - Handler for Apache2 Lemonldap SSO
system
SYNOPSIS
In httpd.conf
.....
perltranshandler Lemonldap::Handlers::Generic4a2
.....
Generic4a2 is the central piece of websso framework .
This module provides several methods but the principal goal of this is the handler function .
It can be combined with mod_proxy or mod_rewrite and all other apaches modules .
It provides also an built-in http proxy with LWP . see http://lemonldap.sf.net for more infos .
<<lessLemonldap::Handlers::Generic4a2 - Handler for Apache2 Lemonldap SSO
system
SYNOPSIS
In httpd.conf
.....
perltranshandler Lemonldap::Handlers::Generic4a2
.....
Generic4a2 is the central piece of websso framework .
This module provides several methods but the principal goal of this is the handler function .
It can be combined with mod_proxy or mod_rewrite and all other apaches modules .
It provides also an built-in http proxy with LWP . see http://lemonldap.sf.net for more infos .
Download (0.024MB)
Added: 2007-03-21 License: Perl Artistic License Price:
950 downloads
Lemonldap::NG::Portal::AuthSsl 0.02
Lemonldap::NG::Portal::AuthSsl is a Perl extension for building Lemonldap compatible portals based on SSL v3 mechanisms. more>>
Lemonldap::NG::Portal::AuthSsl is a Perl extension for building Lemonldap compatible portals based on SSL v3 mechanisms.
SYNOPSIS
use Lemonldap::NG::Portal::AuthSsl;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database,
UserName => db_user,
Password => db_password,
TableName => sessions,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";
print < form method="POST" >;
# In your form, the following value is required for redirection
print < input type="hidden" name="url" value=".$portal->param(url)." >;
# Next, login and password
print Login : < input name="user" >< br >;
print Password : < input name="pasword" type="password" autocomplete="off" >;
print < /form >;
}
Modify your httpd.conf:
< Location /My/File >
SSLVerifyClient require
SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
< /Location >
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:
Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))
"Liberty Alliance" (Lemonldap::LibertyAlliance::*)
This library just overload few methods of Lemonldap::NG::Portal to use Apache SSLv3 mechanism: weve just to verify that $ENV{SSL_CLIENT_S_DN_Email} exists. So remenber to export SSL variables to CGI.
See Lemonldap::NG::Portal for usage and other methods.
<<lessSYNOPSIS
use Lemonldap::NG::Portal::AuthSsl;
my $portal = new Lemonldap::NG::Portal(
domain => gendarmerie.defense.gouv.fr,
storageModule => Apache::Session::MySQL,
storageOptions => {
DataSource => dbi:mysql:database,
UserName => db_user,
Password => db_password,
TableName => sessions,
},
ldapServer => ldap.domaine.com,
cookie_secure => 1,
);
# Example of overloading: choose the LDAP variables to store
$portal->{setSessionInfo} = sub {
my ($self) = @_;
foreach $_ qw(uid cn mail appli) {
$self->{sessionInfo}->{$_} = $entry->get_value($_);
}
PE_OK;
};
if($portal->process()) {
# Write here the menu with CGI methods. This page is displayed ONLY IF
# the user was not redirected here.
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";
# or redirect the user to the menu
print $portal->redirect( -uri => https://portal/menu);
}
else {
# Write here the html form used to authenticate with CGI methods.
# $portal->error returns the error message if athentification failed
# Warning: by defaut, input names are "user" and "password"
print $portal->header; # DONT FORGET THIS (see CGI(3))
print "...";
print < form method="POST" >;
# In your form, the following value is required for redirection
print < input type="hidden" name="url" value=".$portal->param(url)." >;
# Next, login and password
print Login : < input name="user" >< br >;
print Password : < input name="pasword" type="password" autocomplete="off" >;
print < /form >;
}
Modify your httpd.conf:
< Location /My/File >
SSLVerifyClient require
SSLOptions +ExportCertData +CompatEnvVars +StdEnvVars
< /Location >
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just have to read some headers for accounting).
It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space. There are two ways to build a cross domain authentication:
Cross domain authentication itself (Lemonldap::Portal::Cda (not yet implemented in Lemonldap::NG))
"Liberty Alliance" (Lemonldap::LibertyAlliance::*)
This library just overload few methods of Lemonldap::NG::Portal to use Apache SSLv3 mechanism: weve just to verify that $ENV{SSL_CLIENT_S_DN_Email} exists. So remenber to export SSL variables to CGI.
See Lemonldap::NG::Portal for usage and other methods.
Download (0.008MB)
Added: 2006-09-05 License: Perl Artistic License Price:
1145 downloads
Lemonldap::Portal::Standard 3.1.0
Lemonldap::Portal::Standard is a Perl extension for the Lemonldap SSO system. more>>
Lemonldap::Portal::Standard is a Perl extension for the Lemonldap SSO system.
SYNOPSIS
use Lemonldap::Portal::Standard;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}
my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Standard->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
See in directory examples for more details
Lemonldap is a SSO system under GPL. The authentification phase need to display a form with user / password . Standard.pm manage all the cycle of authentification :
step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
step 12 : re-bind for validing users credentials
Any step can bee overload for include your custom method.
standards errors messages :
1 => Your connection has expired; You must to be authentified once again,
2 => User and password fields must be filled,
3 => Wrong directory manager account or password ,
4 => not found in directory,
5 => wrong credentials ,
warning the value 9 for error message is returned then the form is empty ist not an real error , perhaps its the initial request.
<<lessSYNOPSIS
use Lemonldap::Portal::Standard;
sub my_method {
my $self = shift;
my $user = $self->{user};
$user.="-cp" if $user !~ /-cp$/;
$self->{user} = $user;
return ;
}
my $message = ;
my %params =Vars;
my $stack_user=Lemonldap::Portal::Standard->new(formateUser => &my_method);
my $urlc;
my $urldc;
$retour=$stack_user->process(param => %params,
server => $ReverseProxyConfig::ldap_serveur,
port => $ReverseProxyConfig::ldap_port,
DnManager => $ReverseProxyConfig::ldap_admin_dn,
passwordManager => $ReverseProxyConfig::ldap_admin_pd,
branch => $ReverseProxyConfig::ldap_branch_people
);
if ($retour) {
$message=$retour->message;
$erreur=$retour->error;
}
See in directory examples for more details
Lemonldap is a SSO system under GPL. The authentification phase need to display a form with user / password . Standard.pm manage all the cycle of authentification :
step 0 : setting configuration
step 1 : manage the source of request
step 2 : manage timeout
step 3 : control the input form of user and password
step 4 : formate the userid if needing
step 5 : build the filter for the search
step 6 : build subtree for the search ldap
step 7 : make socket upon ldap server
step 8 : bind operation
step 9 : make search
step 10 : confection of %session from ldap infos
step 11 : unbind
step 12 : re-bind for validing users credentials
Any step can bee overload for include your custom method.
standards errors messages :
1 => Your connection has expired; You must to be authentified once again,
2 => User and password fields must be filled,
3 => Wrong directory manager account or password ,
4 => not found in directory,
5 => wrong credentials ,
warning the value 9 for error message is returned then the form is empty ist not an real error , perhaps its the initial request.
Download (0.019MB)
Added: 2007-03-22 License: Perl Artistic License Price:
946 downloads
Lemonldap::Config::Parameters 3.1.1
emonldap::Config::Parameters is a Perl module as a Backend of configuration for lemonldap SSO system. more>>
emonldap::Config::Parameters is a Perl module as a Backend of configuration for lemonldap SSO system.
SYNOPSIS
#!/usr/bin/perl
use Lemonldap::Config::Parameters;
use Data::Dumper;
my $nconfig= Lemonldap::Config::Parameters->new(
file =>applications.xml,
cache => /tmp/CONF );
my $conf= $nconfig->getAllConfig;
my $cg=$nconfig->getDomain(appli.cp);
my $ligne= $cg;
print Dumper( $ligne);
my $e = $cg->{templates_options} ;
my $opt= "templates_dir";
my $va = $cg->{$opt};
my $ligne= $nconfig->formateLineHash($e,$opt,$va) ;
or by API :
Lemonldap::Config::Parameters::f_delete(/tmp/CONF);
or by command line
perl -e "use Lemonldap::Config::Parameters; Lemonldap::Config::Parameters::f_delete(/tmp/CONF);"
<<lessSYNOPSIS
#!/usr/bin/perl
use Lemonldap::Config::Parameters;
use Data::Dumper;
my $nconfig= Lemonldap::Config::Parameters->new(
file =>applications.xml,
cache => /tmp/CONF );
my $conf= $nconfig->getAllConfig;
my $cg=$nconfig->getDomain(appli.cp);
my $ligne= $cg;
print Dumper( $ligne);
my $e = $cg->{templates_options} ;
my $opt= "templates_dir";
my $va = $cg->{$opt};
my $ligne= $nconfig->formateLineHash($e,$opt,$va) ;
or by API :
Lemonldap::Config::Parameters::f_delete(/tmp/CONF);
or by command line
perl -e "use Lemonldap::Config::Parameters; Lemonldap::Config::Parameters::f_delete(/tmp/CONF);"
Download (0.012MB)
Added: 2007-03-21 License: Perl Artistic License Price:
948 downloads
Lemonldap::NG::Handler::Vhost 0.06
Lemonldap::NG::Handler::Vhost is a Perl extension for building a Lemonldap compatible handler able to manage Apache virtual host more>>
Lemonldap::NG::Handler::Vhost is a Perl extension for building a Lemonldap compatible handler able to manage Apache virtual hosts.
SYNOPSIS
Create your own package:
package My::Package;
use Lemonldap::NG::Handler::Vhost;
# IMPORTANT ORDER
our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler);
__PACKAGE__->init ( { locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
# Put here others Lemonldap::NG::Handler options
}
);
Other example, using Lemonldap::NG::Handler::SharedConf
package My::Package;
use Lemonldap::NG::Handler::SharedConf;
use Lemonldap::NG::Handler::Vhost;
# IMPORTANT ORDER
# our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler::SharedConf);
__PACKAGE__->init ... # as using Lemonldap::NG::Handler::SharedConf alone
Change configuration
__PACKAGE__->setConf ( {
locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
},
exportedHeaders => {
vhost1.dc.com => {
Authorization=>"Basic ".MIME::Base64::encode_base64($uid),
User-Auth => $uid,
},
vhost2.dc.com => {
User-Auth => $uid,
},
}
# Put here others Lemonldap::NG::Handler::SharedConf options
}
);
Call your package in /conf/httpd.conf
PerlRequire MyFile
PerlInitHandler My::Package
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just
This library provides a way to protect Apache virtual hosts with Lemonldap.
<<lessSYNOPSIS
Create your own package:
package My::Package;
use Lemonldap::NG::Handler::Vhost;
# IMPORTANT ORDER
our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler);
__PACKAGE__->init ( { locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
# Put here others Lemonldap::NG::Handler options
}
);
Other example, using Lemonldap::NG::Handler::SharedConf
package My::Package;
use Lemonldap::NG::Handler::SharedConf;
use Lemonldap::NG::Handler::Vhost;
# IMPORTANT ORDER
# our @ISA = qw (Lemonldap::NG::Handler::Vhost Lemonldap::NG::Handler::SharedConf);
__PACKAGE__->init ... # as using Lemonldap::NG::Handler::SharedConf alone
Change configuration
__PACKAGE__->setConf ( {
locationRules => {
vhost1.dc.com => {
default => $ou =~ /brh/
},
vhost2.dc.com => {
^/pj/.*$ => q($qualif="opj"),
^/rh/.*$ => q($ou=~/brh/),
^/rh_or_opj.*$ => q($qualif="opj or $ou=~/brh/),
default => accept,
},
},
exportedHeaders => {
vhost1.dc.com => {
Authorization=>"Basic ".MIME::Base64::encode_base64($uid),
User-Auth => $uid,
},
vhost2.dc.com => {
User-Auth => $uid,
},
}
# Put here others Lemonldap::NG::Handler::SharedConf options
}
);
Call your package in /conf/httpd.conf
PerlRequire MyFile
PerlInitHandler My::Package
Lemonldap is a simple Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application (they just
This library provides a way to protect Apache virtual hosts with Lemonldap.
Download (0.011MB)
Added: 2006-09-05 License: Perl Artistic License Price:
1150 downloads
mod_auth_nufw 2.2
mod_auth_nufw is a Single Sign On Apache module which performs secure user identification and authentication. more>>
mod_auth_nufw is a Single Sign On Apache module which performs secure user identification and authentication, based on the Nufw firewalling suite. Nufw marks all connections of a network with a unique UserID.
This module takes advantage of that mark and uses it to transparently identify and authenticate users requiring access to an Apache server.
Main features:
- SSL encryption of SQL connections
- Support of the v2 SSO protocol, which is much lighter, as it avoids all LDAP connections to the module.
- Apache 2 support.
- Finer control on SQL requests.
- Control of server tokens, on Apache2.
<<lessThis module takes advantage of that mark and uses it to transparently identify and authenticate users requiring access to an Apache server.
Main features:
- SSL encryption of SQL connections
- Support of the v2 SSO protocol, which is much lighter, as it avoids all LDAP connections to the module.
- Apache 2 support.
- Finer control on SQL requests.
- Control of server tokens, on Apache2.
Download (0.042MB)
Added: 2006-05-15 License: GPL (GNU General Public License) Price:
1257 downloads
mod_shib 1.3
mod_shib is a shibboleth single sign-on module. more>>
mod_shib is a shibboleth single sign-on module. Shibboleth is standards-based, open source middleware software which provides Web Single SignOn (SSO) across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner.
The Shibboleth software implements the OASIS SAML v1.1 specification, providing a federated Single-SignOn and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the Attribute information being released to each Service Provider. Using Shibboleth-enabled access simplifies management of identity and access permissions for both Identity and Service Providers.
<<lessThe Shibboleth software implements the OASIS SAML v1.1 specification, providing a federated Single-SignOn and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the Attribute information being released to each Service Provider. Using Shibboleth-enabled access simplifies management of identity and access permissions for both Identity and Service Providers.
Download (0.73MB)
Added: 2006-04-21 License: The Apache License 2.0 Price:
1284 downloads
Secleted [ 0 ] software to compare
- Page: 1 of 2
- 1
- 2
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above lemonldap sso search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
