##@file
# Cross-domain mechanism for handler

##@class
# Cross-domain mechanism for handler
package Lemonldap::NG::Handler::CDA;

use strict;

use Lemonldap::NG::Handler::SharedConf qw(:all);

our $VERSION = '0.2';

use base qw(Lemonldap::NG::Handler::SharedConf);

# Alias this package's export tables to the parent's typeglobs, so importing
# from Lemonldap::NG::Handler::CDA offers the same names and tags as
# Lemonldap::NG::Handler::SharedConf (documented under EXPORT below).
*EXPORT_TAGS = *Lemonldap::NG::Handler::SharedConf::EXPORT_TAGS;
*EXPORT_OK   = *Lemonldap::NG::Handler::SharedConf::EXPORT_OK;

## @rmethod int run(Apache2::RequestRec apacheRequest)
# Overrides the run subroutine to implement the cross-domain mechanism.
# @param $apacheRequest
# @return Apache constant
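sub run ($$) {

    # Handles the return leg of cross-domain authentication: when the query
    # string ends with "<cookieName>=<id>", the id is removed from the URL,
    # set as a cookie for this domain, and the browser is redirected to the
    # same URL without it. Every other request is passed to the parent's run().
    #
    # @param $apacheRequest request object (stored in the shared variable)
    # @return REDIRECT when a CDA id was consumed, else SUPER::run()'s result
    #
    # $cookieName, $https, $port, $apacheRequest, lmSetErrHeaderOut() and
    # REDIRECT are not declared in this file; presumably they come from the
    # ":all" import of Lemonldap::NG::Handler::SharedConf -- confirm there.
    # The ($$) prototype is kept exactly as declared.
    #
    # NOTE(review), security:
    #  - The session id arrives in a URL, so it can be recorded in access
    #    logs, proxies and browser history. It is also accepted as-is from
    #    the query string: nothing here ties it to the browser presenting it,
    #    which leaves room for session fixation. A short-lived, single-use
    #    token exchanged server-side would avoid both.
    #  - get_server_name() may reflect the client's Host header depending on
    #    the Apache configuration (UseCanonicalName); the Location target and
    #    the cookie domain are both derived from it. Confirm the vhost pins
    #    its canonical name.
    #  - The cookie is sent without HttpOnly. Left unchanged because the
    #    portal's cookie policy is not visible from this file.
    my $class;
    ( $class, $apacheRequest ) = @_;
    my $args = $apacheRequest->args;

    # The cookie name is matched literally (\Q..\E) instead of being treated
    # as a pattern. /o was dropped: it froze the regex on the first value of
    # $cookieName, so a configuration reload that renamed the cookie was not
    # seen by this test until the process restarted. \z anchors at the true
    # end of the string ("$" also matches before a trailing newline).
    if ( $args =~ s/[\?&]?(\Q$cookieName\E=\w+)\z//i ) {

        # $str is "<name>=<value>" with the value limited to \w characters,
        # so it cannot carry header separators into Set-Cookie.
        my $str = $1;
        $class->lmLog(
            "Found a CDA id. Redirecting  "
              . $apacheRequest->connection->remote_ip
              . " to myself with new cookie",
            'debug'
        );

        # Write the query string back without the id before rebuilding the
        # redirect target, so the id does not reappear in Location.
        $apacheRequest->args($args);
        my $host       = $apacheRequest->get_server_name();
        my $portString = $port || $apacheRequest->get_server_port();
        lmSetErrHeaderOut( $apacheRequest,
                'Location' => "http"
              . ( $https ? 's' : '' )
              . "://$host:$portString"
              . $apacheRequest->uri
              . ( $apacheRequest->args ? "?" . $apacheRequest->args : "" ) );

        # Drop the first host label when at least two labels remain
        # (app.example.com -> example.com); the result is the cookie domain.
        $host =~ s/^[^\.]+\.(.*\..*$)/$1/;
        lmSetErrHeaderOut( $apacheRequest,
            'Set-Cookie' => "$str; domain=$host; path=/"
              . ( $https ? "; secure" : "" ) );
        return REDIRECT;
    }
    else {
        return $class->SUPER::run($apacheRequest);
    }
}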

1;
__END__

=head1 NAME

Lemonldap::NG::Handler::CDA - Module to use Lemonldap::NG::Handler
mechanisms with Cross-Domain-Authentication.

=head1 SYNOPSIS

New usage:

  package My::Package;
  use Lemonldap::NG::Handler::CDA;
  @ISA = qw(Lemonldap::NG::Handler::CDA);
  __PACKAGE__->init ( {
    localStorage        => "Cache::FileCache",
    localStorageOptions => {
        'namespace' => 'MyNamespace',
        'default_expires_in' => 600,
      },
    reloadTime          => 1200, # Default: 600
    configStorage       => {
       type                => "DBI",
       dbiChain            => "DBI:mysql:database=$database;host=$hostname;port=$port",
       dbiUser             => "lemonldap",
       dbiPassword         => "password",
    },
  } );

Call your package in /apache-dir/conf/httpd.conf :

  PerlRequire MyFile
  # TOTAL PROTECTION
  PerlHeaderParserHandler My::Package
  # OR SELECTED AREA
  <Location /protected-area>
    PerlHeaderParserHandler My::Package
  </Location>

The configuration is loaded only at Apache start. Create a URI to force a
configuration reload, so you don't need to restart Apache at each change:

  # /apache-dir/conf/httpd.conf
  <Location /location/that/I/ve/choosed>
    Order deny,allow
    Deny from all
    Allow from my.manager.com
    PerlHeaderParserHandler My::Package->refresh
  </Location>

=head1 DESCRIPTION

This library inherits from L<Lemonldap::NG::Handler::SharedConf> and adds the
capability to control users that are authenticated with a
L<Lemonldap::NG::Portal::CDA> CGI in another domain.

=head2 EXPORT

Same as L<Lemonldap::NG::Handler::SharedConf>.

=head1 SEE ALSO

L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Handler>,
L<Lemonldap::NG::Handler::SharedConf>,
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation

=head1 AUTHOR

Xavier Guimard, E<lt>x.guimard@free.frE<gt>

=head1 BUG REPORT

Use the OW2 system to report bugs or ask for features:
L<http://forge.objectweb.org/tracker/?group_id=274>

=head1 DOWNLOAD

Lemonldap::NG is available at
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>

=head1 COPYRIGHT AND LICENSE

Copyright (C) 2007 by Xavier Guimard E<lt>x.guimard@free.frE<gt>

This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.4 or,
at your option, any later version of Perl 5 you may have available.

=cut