Apache-AuthCAS
view release on metacpan or search on metacpan
lib/Apache/AuthCAS.pm view on Meta::CPAN
# number of proxy tickets to add to the request
if ($tmp = $r->dir_config("CASNumProxyTickets")) {
$NUM_PROXY_TICKETS = $tmp;
Apache->warn("$$: CAS: initialize(): setting CASNumProxyTickets to $NUM_PROXY_TICKETS") unless ($LOG_LEVEL < $LOG_INFO);
} else {
# default
$NUM_PROXY_TICKETS = $DEFAULT_NUM_PROXY_TICKETS;
}
# session settings
if ($tmp = $r->dir_config("CASSessionCookieName")) {
$SESSION_COOKIE_NAME = $tmp;
Apache->warn("$$: CAS: initialize(): setting CASSessionCookieName to $SESSION_COOKIE_NAME") unless ($LOG_LEVEL < $LOG_INFO);
} else {
# default
$SESSION_COOKIE_NAME = $DEFAULT_SESSION_COOKIE_NAME;
}
if ($tmp = $r->dir_config("CASSessionCookieDomain")) {
$SESSION_COOKIE_DOMAIN = $tmp;
Apache->warn("$$: CAS: initialize(): setting CASSessionCookieDomain to $SESSION_COOKIE_DOMAIN") unless ($LOG_LEVEL < $LOG_INFO);
} else {
# default
$SESSION_COOKIE_DOMAIN = $DEFAULT_SESSION_COOKIE_DOMAIN;
}
if ($tmp = $r->dir_config("CASSessionTimeout")) {
$SESSION_TIMEOUT= $tmp;
Apache->warn("$$: CAS: initialize(): setting CASSessionTimeout to $SESSION_TIMEOUT") unless ($LOG_LEVEL < $LOG_INFO);
} else {
# default
$SESSION_TIMEOUT= $DEFAULT_SESSION_TIMEOUT;
lib/Apache/AuthCAS.pm view on Meta::CPAN
Apache->warn("$$: CAS: authenticate(): saved '$pgtiou' => '$pgt'") unless ($LOG_LEVEL < $LOG_DEBUG);
# return a successful response to CAS
# have to not let request fall through to real content here
$r->push_handlers(PerlResponseHandler => \&send_proxysuccess);
} # else treat this as a normal authentication request
# determine any session cookies/session id we may have recieved
my ($cookie, $sid) = ("", "");
if (!defined($cookie = $r->header_in('Cookie'))) {
# if we don't have a session cookie, the user can't be valid
Apache->warn("$$: CAS: authenticate(): no session cookie found") unless ($LOG_LEVEL < $LOG_DEBUG);
my $service;
if ($SERVICE eq "") {
# use the current URL as the service
$service = $self->this_url_encoded($r);
} else {
# use the static entry point into this service
$service = $self->urlEncode($SERVICE);
lib/Apache/AuthCAS.pm view on Meta::CPAN
Apache->warn("$$: CAS: authenticate(): saved session data: ".join(",",$sid, $time, $user, $pgtiou)) unless ($LOG_LEVEL < $LOG_DEBUG);
}
Apache->warn("$$: CAS: authenticate(): sending session cookie") unless ($LOG_LEVEL < $LOG_DEBUG);
my $cookie = "$SESSION_COOKIE_NAME=$sid;path=/";
if ($SESSION_COOKIE_DOMAIN ne "") {
$cookie .= ";domain=.$SESSION_COOKIE_DOMAIN";
}
# send the cookie to the browser
$r->header_out("Set-Cookie" => $cookie);
# in case we redirect (considered an "error")
$r->err_header_out("Set-Cookie" => $cookie);
} else {
Apache->warn("$$: CAS: authenticate(): no valid session id or ticket") unless ($LOG_LEVEL < $LOG_DEBUG);
return $self->redirect_login($r);
}
Apache->warn("$$: CAS: authenticate(): got user: '$user'") unless ($LOG_LEVEL < $LOG_DEBUG);
Apache->warn("$$: CAS: authenticate(): got PGTIOU: '$pgtiou'") unless ($LOG_LEVEL < $LOG_DEBUG);
if ($PROXY_SERVICE) {
return $self->do_proxy($r, $sid, $pgtiou, $user, 1);
lib/Apache/AuthCAS.pm view on Meta::CPAN
PerlAuthenHandler Apache::AuthCAS->authenticate
PerlSetVar CASHost "auth.somedomain.com"
PerlSetVar CASPort "443"
PerlSetVar CASErrorURL "https://somedomain.com/cas/error/"
PerlSetVar CASDatabaseName "cas"
PerlSetVar CASDatabaseHost "db.somedomain.com"
PerlSetVar CASDatabasePort "5432"
PerlSetVar CASDatabaseDriver "Pg"
PerlSetVar CASDatabaseUser "dbuser"
PerlSetVar CASDatabasePass "dbpass"
PerlSetVar CASSessionCookieName "APACHECAS"
PerlSetVar CASSessionTimeout "1800"
PerlSetVar CASLogLevel "0"
PerlSetVar CASRemoveTicket "false"
require valid-user
Example configuration with proxiable credentials, which assumes that the module
itself has been configured with devel and production variables set:
AuthType Apache::AuthCAS
lib/Apache/AuthCAS.pm view on Meta::CPAN
PerlSetVar CASNumProxyTickets "1"
PerlSetVar CASHost "auth.somedomain.com"
PerlSetVar CASPort "443"
PerlSetVar CASErrorURL "https://somedomain.com/cas/error/"
PerlSetVar CASDatabaseName "cas"
PerlSetVar CASDatabaseHost "db.somedomain.com"
PerlSetVar CASDatabasePort "5432"
PerlSetVar CASDatabaseDriver "Pg"
PerlSetVar CASDatabaseUser "dbuser"
PerlSetVar CASDatabasePass "dbpass"
PerlSetVar CASSessionCookieName "APACHECAS"
PerlSetVar CASSessionTimeout "1800"
PerlSetVar CASLogLevel "0"
PerlSetVar CASRemoveTicket "false"
require valid-user
=head2 Configuration Options
These are Apache configuration option examples for Apache::AuthCAS
lib/Apache/AuthCAS.pm view on Meta::CPAN
PerlSetVar CASDatabasePGTIOUTable "cas_pgtiou_to_pgt"
# the level of logging
PerlSetVar CASLogLevel "4"
# whether we should perform a redirect, stripping the service ticket
# once we have already created a session for the client
PerlSetVar CASRemoveTicket "true"
# the name of the cookie that will be used for sessions
PerlSetVar CASSessionCookieName "APACHECAS"
# the max time before a session expires (in seconds)
PerlSetVar CASSessionTimeout "1800"
# not currently able to override through Apache configuration:
# CAS login URI
# CAS logout URI
# CAS proxy URI
# CAS proxy validate URI
# CAS service validate URI
( run in 0.953 second using v1.01-cache-2.11-cpan-e9199f4ba4c )