Commit 60501cb7 authored by Clément OUDOT

Preparation for 1.0 Release Candidate 1:

* Delete application menu XML and DTD file
* Manage Apache Version and Vhost Listen IP and Port
* Split Apache configuration into portal/manager/handler files
parent 03fb5514
...@@ -22,7 +22,6 @@ RBINDIR=$(DESTDIR)/$(BINDIR) ...@@ -22,7 +22,6 @@ RBINDIR=$(DESTDIR)/$(BINDIR)
DATADIR=$(LMPREFIX)/data DATADIR=$(LMPREFIX)/data
RDATADIR=$(DESTDIR)/$(DATADIR) RDATADIR=$(DESTDIR)/$(DATADIR)
EXAMPLEROOT=`pwd`/example EXAMPLEROOT=`pwd`/example
# Document roots for Apache VirtualHosts # Document roots for Apache VirtualHosts
...@@ -69,9 +68,14 @@ APACHESESSIONFILEDIR=$(DATADIR)/sessions ...@@ -69,9 +68,14 @@ APACHESESSIONFILEDIR=$(DATADIR)/sessions
RAPACHESESSIONFILEDIR=$(DESTDIR)/$(APACHESESSIONFILEDIR) RAPACHESESSIONFILEDIR=$(DESTDIR)/$(APACHESESSIONFILEDIR)
APACHESESSIONFILELOCKDIR=$(APACHESESSIONFILEDIR)/lock APACHESESSIONFILELOCKDIR=$(APACHESESSIONFILEDIR)/lock
RAPACHESESSIONFILELOCKDIR=$(DESTDIR)/$(APACHESESSIONFILELOCKDIR) RAPACHESESSIONFILELOCKDIR=$(DESTDIR)/$(APACHESESSIONFILELOCKDIR)
# Apache user/group
APACHEUSER= APACHEUSER=
APACHEGROUP= APACHEGROUP=
# Apache version
APACHEVERSION=2
# DNS Domain for cookie and virtual hosts # DNS Domain for cookie and virtual hosts
DNSDOMAIN=example.com DNSDOMAIN=example.com
...@@ -80,12 +84,15 @@ LDAPHOST=localhost ...@@ -80,12 +84,15 @@ LDAPHOST=localhost
LDAPPORT=389 LDAPPORT=389
LDAPSUFFIX=dc=example,dc=com LDAPSUFFIX=dc=example,dc=com
# Virtual Host Listen IP and Port (*, *:80, ...)
VHOSTLISTEN=*:80
# Other # Other
VERSION=`head -n1 changelog |sed -e 's/lemonldap-ng (//' -e 's/).*$$//'` VERSION=`head -n1 changelog |sed -e 's/lemonldap-ng (//' -e 's/).*$$//'`
PORTALSKINS=`ls lemonldap-ng-portal/example/skins/` PORTALSKINS=`ls lemonldap-ng-portal/example/skins/`
MANAGERSKINS=`ls lemonldap-ng-manager/example/skins/` MANAGERSKINS=`ls lemonldap-ng-manager/example/skins/`
DIFF=diff -aburN -x '*.bak' -x .svn -x '*.swp' --ignore-matching-lines='.*jquery.*' --ignore-matching-lines='.*lemonldap-ng\.ini.*' DIFF=diff -aburN -x '*.bak' -x .svn -x '*.swp' --ignore-matching-lines='.*jquery.*' --ignore-matching-lines='.*lemonldap-ng\.ini.*'
SRCCOMMONDIR=lemonldap-ng-common SRCCOMMONDIR=lemonldap-ng-common
SRCHANDLERDIR=lemonldap-ng-handler SRCHANDLERDIR=lemonldap-ng-handler
SRCPORTALDIR=lemonldap-ng-portal SRCPORTALDIR=lemonldap-ng-portal
...@@ -228,7 +235,9 @@ install_site: install_manager_site install_portal_site install_handler_site inst ...@@ -228,7 +235,9 @@ install_site: install_manager_site install_portal_site install_handler_site inst
@install -v -d $(RCONFDIR) @install -v -d $(RCONFDIR)
# Check if erase is wanted # Check if erase is wanted
@if [ "$(ERASECONFIG)" -eq "1" ]; then \ @if [ "$(ERASECONFIG)" -eq "1" ]; then \
cp --remove-destination _example/etc/apache* $(RCONFDIR); \ cp --remove-destination _example/etc/portal-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp --remove-destination _example/etc/handler-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp --remove-destination _example/etc/manager-apache$(APACHEVERSION).conf $(RCONFDIR); \
cp --remove-destination _example/etc/for_etc_hosts $(RCONFDIR); \ cp --remove-destination _example/etc/for_etc_hosts $(RCONFDIR); \
fi fi
@$(PERL) -i -pe 's#__HANDLER__#${HANDLERDIR}/MyHandler.pm#; \ @$(PERL) -i -pe 's#__HANDLER__#${HANDLERDIR}/MyHandler.pm#; \
...@@ -236,7 +245,8 @@ install_site: install_manager_site install_portal_site install_handler_site inst ...@@ -236,7 +245,8 @@ install_site: install_manager_site install_portal_site install_handler_site inst
s#__PORTALDIR__#$(PORTALDIR)/#g; \ s#__PORTALDIR__#$(PORTALDIR)/#g; \
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \ s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
s#__TESTDIR__#$(TESTDIR)/#g; \ s#__TESTDIR__#$(TESTDIR)/#g; \
s#__DOCDIR__#$(DOCDIR)/#g;' $(RCONFDIR)/apache* s#__VHOSTLISTEN__#$(VHOSTLISTEN)#g; \
s#__DOCDIR__#$(DOCDIR)/#g;' $(RCONFDIR)/*apache*.conf
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts @$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
@echo @echo
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:" @echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
...@@ -249,17 +259,18 @@ install_site: install_manager_site install_portal_site install_handler_site inst ...@@ -249,17 +259,18 @@ install_site: install_manager_site install_portal_site install_handler_site inst
@echo @echo
@echo "To finish configuration:" @echo "To finish configuration:"
@echo @echo
@echo "1 - Add this in your Apache configuration file:" @echo "1 - Add this in your Apache $(APACHEVERSION) configuration file:"
@echo " with Apache-1.3.x" @echo " include ${CONFDIR}/portal-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/apache.conf" @echo " include ${CONFDIR}/handler-apache$(APACHEVERSION).conf"
@echo " or with Apache-2.x:" @echo " include ${CONFDIR}/manager-apache$(APACHEVERSION).conf"
@echo " include ${CONFDIR}/apache2.conf"
@echo @echo
@echo "2 - Restart Apache (or Apache2)" @echo "2 - Restart Apache:"
@echo " apache$(APACHEVERSION)ctl restart"
@echo @echo
@echo "3 - Run 'make postconf' as root to update /etc/hosts" if your DNS service does not known auth.$(DNSDOMAIN) and manager.$(DNSDOMAIN) @echo "3 - Run 'make postconf' as root to update /etc/hosts if your DNS service does not known auth.$(DNSDOMAIN) and manager.$(DNSDOMAIN)"
@echo @echo
@echo "4 - Use the manager at http://manager.${DNSDOMAIN}/ (after Apache restart) to modify LemonLDAP::NG configuration." @echo "4 - Use the manager from localhost at http://manager.${DNSDOMAIN}/ (after Apache restart) to modify LemonLDAP::NG configuration."
@echo " Warning: If you access http://manager.${DNSDOMAIN}/ from other host, modify first Apache Manager configuration to allow access from non local address."
@echo @echo
@echo "5 - Try to connect to http://test1.${DNSDOMAIN}/ or http://test2.${DNSDOMAIN}/" @echo "5 - Try to connect to http://test1.${DNSDOMAIN}/ or http://test2.${DNSDOMAIN}/"
@if [ ! "$(APACHEUSER)" ]; then \ @if [ ! "$(APACHEUSER)" ]; then \
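Review bot: The warning added to step 4 of the `install_site` message tells the administrator to open the Manager vhost to non-local addresses without saying how narrowly. The `Allow from 127.0.0.0/8` rule in the Manager vhost templates is the only access control on the Manager that this commit shows, and `VHOSTLISTEN` defaults to `*:80`, i.e. plain HTTP on every interface. I would reword the line to something like `@echo "   Warning: to reach the manager from another host, add an 'Allow from' entry for that specific admin address in the Manager vhost (not 'Allow from all') and serve it over HTTPS."`. Whether the Manager enforces its own authentication is not visible here, so the ACL should be treated as the boundary until that is confirmed. The `install_site` recipe continues past the end of the last hunk.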
<!ELEMENT menu (category*) >
<!ELEMENT category (application*, category*) >
<!ATTLIST category name CDATA #REQUIRED >
<!ELEMENT application (name, uri?, description?, logo?, screenshot?, display?, application*) >
<!ATTLIST application id ID #REQUIRED >
<!ELEMENT name ( #PCDATA ) >
<!ELEMENT uri ( #PCDATA ) >
<!ELEMENT description ( #PCDATA ) >
<!ELEMENT logo ( #PCDATA ) >
<!ELEMENT screenshot ( #PCDATA ) >
<!ELEMENT display ( #PCDATA ) >
<?xml version="1.0" encoding="utf-8" standalone="no"?>
<!DOCTYPE menu SYSTEM "apps-list.dtd">
<menu>
<category name="Example">
<application id="test1">
<name>Application Test 1</name>
<uri>http://test1.__DNSDOMAIN__/</uri>
<description>A simple application displaying authenticated user</description>
<logo>wheels.png</logo>
<display>auto</display>
</application>
<application id="test2">
<name>Application Test 2</name>
<uri>http://test2.__DNSDOMAIN__/</uri>
<description>The same simple application displaying authenticated user</description>
<logo>wheels.png</logo>
<display>auto</display>
</application>
</category>
<category name="Administration">
<application id="manager">
<name>WebSSO Manager</name>
<uri>http://manager.__DNSDOMAIN__/</uri>
<description>Configure LemonLDAP::NG WebSSO</description>
<logo>tools.png</logo>
<display>on</display>
</application>
<application id="sessions">
<name>Sessions explorer</name>
<uri>http://manager.__DNSDOMAIN__/sessions.pl</uri>
<description>Explore WebSSO sessions</description>
<logo>tools.png</logo>
<display>on</display>
</application>
</category>
<category name="Documentation">
<application id="localdoc">
<name>Local documentation</name>
<uri>http://manager.__DNSDOMAIN__/doc/</uri>
<description>Documentation supplied with LemonLDAP::NG</description>
<logo>docs.png</logo>
<display>on</display>
</application>
<application id="officialwebsite">
<name>Offical Website</name>
<uri>http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation</uri>
<description>Official LemonLDAP::NG Website</description>
<logo>web.png</logo>
<display>on</display>
</application>
</category>
</menu>
#====================================================================
# Apache configuration for LemonLDAP::NG Handler
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# Load LemonLDAP::NG Handler
PerlRequire __HANDLER__
# Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl?error=403
ErrorDocument 500 http://auth.__DNSDOMAIN__/error.pl?error=500
# Sample application
<VirtualHost __VHOSTLISTEN__>
ServerName test1.__DNSDOMAIN__
ServerAlias test2.__DNSDOMAIN__
# SSO protection
PerlHeaderParserHandler My::Package
# DocumentRoot
DocumentRoot __TESTDIR__
<Directory __TESTDIR__>
Order deny,allow
Allow from all
Options +ExecCGI
</Directory>
# Perl script (application test is written in Perl)
<Files *.pl>
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
# Directory index
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when
# configuration change
<Location /reload>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
PerlHeaderParserHandler My::Package->refresh
</Location>
# Uncomment this to activate status module
#<Location /status>
# Order deny,allow
# Deny from all
# Allow from 127.0.0.0/8
# PerlHeaderParserHandler My::Package->status
#</Location>
</VirtualHost>
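Review bot: The heading `# Common error page and security parameters` is kept in this new handler file, but the block under it now holds only the two `ErrorDocument` lines. The `ServerSignature Off` and `LogLevel warn` directives that sat under the same heading in the old combined file are not carried over, and none of the split files visible on this page sets them. Either restore `ServerSignature Off` under the heading or rename it to `# Common error pages`, so an administrator does not assume the server signature is suppressed on the 403/500 pages. The Apache 2 handler file that follows appears to drop the same two directives.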
NameVirtualHost * #====================================================================
# Apache configuration for LemonLDAP::NG Handler
#====================================================================
# Perl environment # Uncomment this if no previous NameVirtualHost declaration
PerlRequire __HANDLER__ #NameVirtualHost __VHOSTLISTEN__
# Load LemonLDAP::NG Handler
PerlOptions +GlobalRequest PerlOptions +GlobalRequest
<Files ~ "\.(pl)$"> PerlRequire __HANDLER__
SetHandler perl-script
PerlHandler ModPerl::Registry
PerlSendHeader On
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Common error page and security parameters # Common error page and security parameters
ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl?error=403 ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl?error=403
ErrorDocument 500 http://auth.__DNSDOMAIN__/error.pl?error=500 ErrorDocument 500 http://auth.__DNSDOMAIN__/error.pl?error=500
ServerSignature Off
LogLevel warn
# Portal virtual host
<VirtualHost *>
ServerName auth.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __PORTALDIR__
<Directory __PORTALDIR__>
Order allow,deny
Allow from all
Options +ExecCGI
Options FollowSymLinks
</Directory>
# SOAP functions for sessions management (disabled by default)
<Directory __PORTALDIR__index.pl/adminSessions>
Order deny,allow
Deny from all
</Directory>
# SOAP functions for sessions access (disabled by default)
<Directory __PORTALDIR__index.pl/sessions>
Order deny,allow
Deny from all
</Directory>
# SOAP functions for configuration access (disabled by default)
<Directory __PORTALDIR__index.pl/config>
Order deny,allow
Deny from all
</Directory>
# SOAP functions for notification insertion (disabled by default)
<Directory __PORTALDIR__index.pl/notification>
Order deny,allow
Deny from all
</Directory>
# SAML URL rewriting # Sample application
RewriteEngine On <VirtualHost __VHOSTLISTEN__>
RewriteRule ^/saml/metadata /metadata.pl
RewriteRule ^/saml/.* /index.pl
</VirtualHost>
# Manager virtual host
<VirtualHost *>
ServerName manager.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __MANAGERDIR__
<Directory __MANAGERDIR__>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
Options FollowSymLinks
</Directory>
# On-line documentation
Alias /doc/ __DOCDIR__
<Directory __DOCDIR__>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
# Application Test
<VirtualHost *>
ServerName test1.__DNSDOMAIN__ ServerName test1.__DNSDOMAIN__
ServerAlias test2.__DNSDOMAIN__ ServerAlias test2.__DNSDOMAIN__
...@@ -101,6 +29,17 @@ LogLevel warn ...@@ -101,6 +29,17 @@ LogLevel warn
Options +ExecCGI Options +ExecCGI
</Directory> </Directory>
# Perl script (application test is written in Perl)
<Files *.pl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
</Files>
# Directory index
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Configuration reload mechanism (only 1 per physical server is # Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when # needed): choose your URL to avoid restarting Apache when
# configuration change # configuration change
...@@ -121,18 +60,3 @@ LogLevel warn ...@@ -121,18 +60,3 @@ LogLevel warn
</VirtualHost> </VirtualHost>
##############################################
## Best performance under ModPerl::Registry ##
##############################################
## Uncomment this to increase performance of Portal:
<Perl>
require Lemonldap::NG::Portal::SharedConf;
Lemonldap::NG::Portal::SharedConf->compile(
qw(delete header cache read_from_client cookie redirect unescapeHTML));
# Uncomment this line if you use Lemonldap::NG menu
require Lemonldap::NG::Portal::Menu;
# Uncomment this line if you use portal SOAP capabilities
#require SOAP::Lite;
</Perl>
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# Manager virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName manager.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __MANAGERDIR__
<Directory __MANAGERDIR__>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# On-line documentation
Alias /doc/ __DOCDIR__
<Directory __DOCDIR__>
Order deny,allow
Allow from all
</Directory>
# Perl script
<Files *.pl>
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
# Directory index
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
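Review bot: `Allow from 127.0.0.0/8` on `<Directory __MANAGERDIR__>` is matched against the connecting peer address, and the template should say what that implies. A request arriving through a reverse proxy or tunnel on the same machine is seen as loopback and passes the rule, while a local client using IPv6 loopback (`::1`) is denied. I would add above the `Order` line: `# Access is limited to IPv4 loopback by peer address; behind a local reverse proxy every request matches, so restrict at the proxy or add authentication.` The same comment applies to the Apache 2 Manager file that follows, which carries the identical `<Directory>` block.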
#====================================================================
# Apache configuration for LemonLDAP::NG Manager
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__
# Manager virtual host (manager.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
ServerName manager.__DNSDOMAIN__
# DocumentRoot
DocumentRoot __MANAGERDIR__
<Directory __MANAGERDIR__>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# On-line documentation
Alias /doc/ __DOCDIR__
<Directory __DOCDIR__>
Order deny,allow
Allow from all
</Directory>
# Perl script
<Files *.pl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
</Files>
# Directory index
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
</VirtualHost>
NameVirtualHost * #====================================================================
# Apache configuration for LemonLDAP::NG Portal
#====================================================================
# Perl environment # Uncomment this if no previous NameVirtualHost declaration
PerlRequire __HANDLER__ #NameVirtualHost __VHOSTLISTEN__
<Files ~ "\.(pl)$">
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# Common error page and security parameters # Portal Virtual Host (auth.__DNSDOMAIN__)
ErrorDocument 403 http://auth.__DNSDOMAIN__/error.pl?error=403 <VirtualHost __VHOSTLISTEN__>
ErrorDocument 500 http://auth.__DNSDOMAIN__/error.pl?error=500
ServerSignature Off
LogLevel warn
# Portal virtual host
<VirtualHost *>
ServerName auth.__DNSDOMAIN__ ServerName auth.__DNSDOMAIN__
# DocumentRoot # DocumentRoot
...@@ -28,6 +17,17 @@ LogLevel warn ...@@ -28,6 +17,17 @@ LogLevel warn
Options +ExecCGI Options +ExecCGI
</Directory> </Directory>
# Perl script
<Files *.pl>
SetHandler perl-script
PerlHandler Apache::Registry
</Files>
# Directory index
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# SOAP functions for sessions management (disabled by default) # SOAP functions for sessions management (disabled by default)
<Directory __PORTALDIR__/index.pl/adminSessions> <Directory __PORTALDIR__/index.pl/adminSessions>
Order deny,allow Order deny,allow
...@@ -52,71 +52,17 @@ LogLevel warn ...@@ -52,71 +52,17 @@ LogLevel warn
Deny from all Deny from all
</Directory> </Directory>
</VirtualHost> # SAML2
<IfModule mod_rewrite.c>
# Manager virtual host RewriteEngine On
<VirtualHost *> RewriteRule ^/saml/metadata /metadata.pl
ServerName manager.__DNSDOMAIN__ RewriteRule ^/saml/.* /index.pl
</IfModule>
# DocumentRoot
DocumentRoot __MANAGERDIR__
<Directory __MANAGERDIR__>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
Options +ExecCGI
</Directory>
# On-line documentation
Alias /doc/ __DOCDIR__
<Directory __DOCDIR__>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
# Application Test
<VirtualHost *>
ServerName test1.__DNSDOMAIN__
ServerAlias test2.__DNSDOMAIN__
# SSO protection
PerlHeaderParserHandler My::Package
# DocumentRoot
DocumentRoot __TESTDIR__
<Directory __TESTDIR__>
Order deny,allow
Allow from all
Options +ExecCGI
</Directory>
# Configuration reload mechanism (only 1 per physical server is
# needed): choose your URL to avoid restarting Apache when
# configuration change
<Location /reload>
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
PerlHeaderParserHandler My::Package->refresh
</Location>
# Uncomment this to activate status module
#<Location /status>
# Order deny,allow
# Deny from all
# Allow from 127.0.0.0/8
# PerlHeaderParserHandler My::Package->status
#</Location>
</VirtualHost> </VirtualHost>
##############################################