Apache-AppSamurai
view release on metacpan or search on metacpan
examples/conf/appsamurai-owa.conf view on Meta::CPAN
# IMPORTANT - The auth name MUST match a configured AppSamurai auth name
AuthName "Owa"
# Map to method
<IfDefine !MODPERL2>
PerlHandler Apache::AppSamurai->login
</IfDefine>
<IfDefine MODPERL2>
PerlResponseHandler Apache::AppSamurai->login
</IfDefine>
allow from all
</Files>
<Files LOGOUT>
# This is a fake file that is mapped to the logout() method in
# Apache::AppSamurai
SetHandler perl-script
AuthType Apache::AppSamurai
# IMPORTANT - The auth name MUST match a configured AppSamurai auth name
AuthName "Owa"
# Map to method
<IfDefine !MODPERL2>
PerlHandler Apache::AppSamurai->logout
</IfDefine>
<IfDefine MODPERL2>
PerlResponseHandler Apache::AppSamurai->logout
</IfDefine>
allow from all
</Files>
</Directory>
# Images used on AppSamurai login page
<Directory "__DOCUMENT_ROOT__/AppSamurai/images">
Options None
AllowOverride None
allow from all
</Directory>
# Local copies of static OWA content (images, styles, etc)
# This is to speed up serving of things that need no protection.
# COPY THESE FOLDERS FROM YOUR OWA SERVER IF YOU WISH TO USE
# THIS SECTION! Then, proceed to the rewrite rules and uncomment
# the corresponding rewrite lines.
#<Directory "__DOCUMENT_ROOT__/AppSamurai/exchweb">
# AllowOverride None
# Order allow,deny
# Allow from all
#</Directory>
# Turn off client proxy requests (All requests mapped by Rewrite)
ProxyRequests Off
# Protect ALL proxied areas (by default) The actual proxy mapping is
# done with rewrite rules. (Be careful if you decide to make this
# a more specific path: You do not want to expose internal servers!)
# !!! MAKE SURE TO CONFIGURE THE IfDefine SECTION FOR YOUR VERSION !!!
# !!! OF MOD_PERL !!!
<IfDefine !MODPERL2>
<Directory proxy:*>
AuthType Apache::AppSamurai
# IMPORTANT - The auth name MUST match a configured AppSamurai auth name
AuthName "Owa"
# Map authentication checks to this method
PerlAuthenHandler Apache::AppSamurai->authenticate
# Map authorization checks to this method
PerlAuthzHandler Apache::AppSamurai->authorize
# Allow all IPs, but require a logged in user
Order deny,allow
Allow from all
Require valid-user
</Directory>
</IfDefine>
<IfDefine MODPERL2>
# (See !MODPERL2 section directly above for comments)
<Proxy *>
AuthType Apache::AppSamurai
AuthName "Owa"
PerlAuthenHandler Apache::AppSamurai->authenticate
PerlAuthzHandler Apache::AppSamurai->authorize
Order deny,allow
Allow from all
Require valid-user
</Proxy>
</IfDefine>
# Special ActiveSync configuration: Protects /Microsoft-Server-ActiveSync
# path with Basic Authentication login instead of form based. This is
# to support Windows Mobile devices. Other special parameters are used
# to support the non-cookie aware ActiveSync
# !!! MAKE SURE TO CONFIGURE THE IfDefine SECTION FOR YOUR VERSION !!!
# !!! OF MOD_PERL !!!
<IfDefine !MODPERL2>
<Directory proxy:https://__OWA_SERVER_FQDN__/Microsoft-Server-ActiveSync*>
# Set hard expiration (no matter what, the session is killed after this
# many seconds)
PerlSetVar OwaSessionExpire 86400
# Override the previously configured inactivity timer (only applies to this
# directory) 0 disables the timer
PerlSetVar OwaSessionTimeout 0
# ActiveSync does not maintain session cookies. This sets up a "custom
# keysource" to compute the session authentication key based on a set of
# headers and arguments. (Sort of a pseudo-cookie). This avoids losing
# sessions with ActiveSync. It is MUCH less secure, though! Only
# use this in conjuction with at least one token or OTP based authentication
( run in 3.924 seconds using v1.01-cache-2.11-cpan-437f7b0c052 )