portal-apache2.conf 3.41 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14
#====================================================================
# Apache configuration for LemonLDAP::NG Portal
#====================================================================

# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost __VHOSTLISTEN__

# Portal Virtual Host (auth.__DNSDOMAIN__)
<VirtualHost __VHOSTLISTEN__>
    ServerName auth.__DNSDOMAIN__

    # DocumentRoot
    DocumentRoot __PORTALDIR__
    <Directory __PORTALDIR__>
Xavier Guimard's avatar
Xavier Guimard committed
15 16 17
        Order allow,deny
        Allow from all
        Options +ExecCGI +FollowSymLinks
18 19 20 21 22 23 24 25 26 27 28 29 30
    </Directory>

    # Perl script
    <Files *.pl>
        SetHandler perl-script
        PerlResponseHandler ModPerl::Registry
    </Files>

    <IfModule mod_dir.c>
        DirectoryIndex index.pl index.html
    </IfModule>

    # SOAP functions for sessions management (disabled by default)
31
    <Location /index.pl/adminSessions>
Xavier Guimard's avatar
Xavier Guimard committed
32 33
        Order deny,allow
        Deny from all
34
    </Location>
35 36

    # SOAP functions for sessions access (disabled by default)
37
    <Location /index.pl/sessions>
Xavier Guimard's avatar
Xavier Guimard committed
38 39
        Order deny,allow
        Deny from all
40
    </Location>
41 42

    # SOAP functions for configuration access (disabled by default)
43
    <Location /index.pl/config>
Xavier Guimard's avatar
Xavier Guimard committed
44 45
        Order deny,allow
        Deny from all
46
    </Location>
47 48

    # SOAP functions for notification insertion (disabled by default)
49
    <Location /index.pl/notification>
Xavier Guimard's avatar
Xavier Guimard committed
50 51
        Order deny,allow
        Deny from all
52
    </Location>
53

54
    # SAML2 Issuer
55 56 57 58 59 60
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/saml/metadata /metadata.pl
        RewriteRule ^/saml/.* /index.pl
    </IfModule>

61
    # CAS Issuer
Clément OUDOT's avatar
Clément OUDOT committed
62 63 64 65 66
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/cas/.* /index.pl
    </IfModule>

67 68 69 70 71 72
    # OpenID Issuer
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/openidserver/.* /index.pl
    </IfModule>

73 74 75 76
    # OpenID Connect Issuer
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteRule ^/oauth2/.* /index.pl
77
        RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
78 79
    </IfModule>

80 81
    <Location />
        <IfModule mod_deflate.c>
Xavier Guimard's avatar
Xavier Guimard committed
82 83 84 85 86 87
                AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
                SetOutputFilter DEFLATE
                BrowserMatch ^Mozilla/4 gzip-only-text/html
                BrowserMatch ^Mozilla/4\.0[678] no-gzip
                BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
                SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
88 89
        </IfModule>
        <IfModule mod_headers.c>
Xavier Guimard's avatar
Xavier Guimard committed
90
                Header append Vary User-Agent env=!dont-vary
91 92
        </IfModule>
    </Location>
Xavier Guimard's avatar
Typo  
Xavier Guimard committed
93
    <Location /skins/>
Xavier Guimard's avatar
Xavier Guimard committed
94 95 96 97
        <IfModule mod_expires.c>
                ExpiresActive On
                ExpiresDefault "access plus 1 month"
        </IfModule>
98
    </Location>
99 100
</VirtualHost>

101 102 103 104 105
##############################################
## Best performance under ModPerl::Registry ##
##############################################

# Uncomment this to increase performance of Portal:
106
<Perl>
107 108
    #require Lemonldap::NG::Portal::SharedConf;
    #Lemonldap::NG::Portal::SharedConf->compile(
109
    #    qw(delete header cache read_from_client cookie redirect unescapeHTML));
110
    # Uncomment this line if you use Lemonldap::NG menu
111
    #require Lemonldap::NG::Portal::Menu;
112
    # Uncomment this line if you use portal SOAP capabilities
113
    #require SOAP::Lite;
114 115
</Perl>