view release on metacpan or  search on metacpan

examples/conf/appsamurai-owa.conf  view on Meta::CPAN

# * http://3cx.org/item/38 - Very helpful HowTo on setting up Apache to proxy
#    OWA.  (This is only for reference: All the directives you need should
#    already be in this configuration example.)
# * I would point to a good doc on setting up OWA and ActiveSync, but I can't
#   recommend any.  Search technet.microsoft.com and Google as needed.

# This is a Apache1/mod_perl1 - Apache2/mod_perl2 dual configuration.
# Thanks to some silly nesting rules in Apache2, some <Directory> and
# <Proxy> sections are duplicated.  Pay close attention to <IfDefine>
# sections for your version of mod_perl (!MODPERL2 for mod_perl 1 and
# MODPERL2 for mod_perl 2)

# The following modules are required for this setup:
#LoadModule rewrite_module	/usr/lib/apache/modules/mod_rewrite.so
#LoadModule proxy_module	/usr/lib/apache/modules/libproxy.so
#LoadModule perl_module        /usr/lib/apache/modules/mod_perl.so

# Load the main AppSamurai module and the mod_perl registry,
# and also enable taint and warnings
PerlModule Apache::AppSamurai
<IfDefine !MODPERL2>
 PerlModule Apache::Registry
 PerlWarn On
 PerlTaintCheck On
</IfDefine>
<IfDefine MODPERL2>
 PerlModule ModPerl::Registry
 PerlSwitches -wT
</IfDefine>

#### AppSamurai Setup ####
# We with use the auth_name "Owa" for this sample.  If you prefer
# "TheMagnificentRonnieWilson" instead, just replace "Owa" with
# that in each PerlSetVar line.
#
# Set to 1 for debugging (only for troubleshooting or non-production testing,
# as this produces a TON of noise, and leaks some semi-sensitive info,
# into the Apache error logs)  (Default: 0)
PerlSetVar OwaDebug 0

# Name of authentication cookie
PerlSetVar OwaCookieName ChocholateChipOfDoom

# Path to set on authentication cookie  (Default: /)
PerlSetVar OwaPath /

# Point to the form login page/script
PerlSetVar OwaLoginScript /AppSamurai/login.pl

# Must satisfy all authentication checks (Default: All)
PerlSetVar OwaSatisfy All

# Set the "secure" flag on the authentication cookie (Note - If you are not
# using SSL, well, USE SSL!!!)
PerlSetVar OwaSecure 1

# Set the silly Microsoft http-only cookie flag
PerlSetVar OwaHttpOnly 1

# Custom mapping of xxxxxx;yyyyyy Basic authentication password input
# to specific and separate individual credentials.
# Example: If the user logs into the basic auth popup with the password:
#		myRockinPassword;1234123456
# The map below will set credential_1 as "1234123456" and credential_2
# as "myRockinPassword", then proceed as if the same were entered into
# a form login.  (Default: undef)
#PerlSetVar OwaBasicAuthMap "2,1=(.+);([^;]+)"

# List the authentication methods (modules) you will be using, in order of
# credential number on the login form.  (credential_1, credential_2, etc)
PerlSetVar OwaAuthMethods "AuthBasic"

# AuthUnique forces each login to use at least one unique credential.
# You should enable this if a OTP or token (SecurID, etc.) is part of
# the authentication mix. 
# (Note - Uses the Tracker system) (Default: 0)
#PerlSetVar OwaAuthUnique 1

## AppSamurai::AuthBasic options
#
# The URL to send basic authentication checks to
PerlSetVar OwaAuthBasicLoginUrl "https://__OWA_SERVER_FQDN__/exchange/"

# Use the special "HEADER:<field>" to pass the named header field from
# the client to the backend authenticator directly.  (Default: undef)
PerlSetVar OwaAuthBasicUserAgent "header:User-Agent"

# Abort the check unless the "realm" returned by the server matches
# this string.  (Note - most OWA servers use the Active Directory
# domain as the realm.  Try a direct login to the backend server to check.)
# (Default: undef)
PerlSetVar OwaAuthBasicRequireRealm "__OWA_SERVER_LOGIN_REALM__"

# Continue to send the same Authorization: header to the backend server
# after login.  (Only use this when the AuthBasic check is run against
# the backend server you are protecting)  (Default: 1)
PerlSetVar OwaAuthBasicKeepAuth 1

# Collect cookes from AuthBasic check and send back to the user's browser
# on login  (Default: 1)
PerlSetVar OwaAuthBasicPassBackCookies 1

## AppSamurai::AuthRadius options
#
# Set the IP and port to send Radius requests to
PerlSetVar OwaAuthRadiusConnect "__RADIUS_SERVER_IP__:__RADIUS_PORT__"

# Set the RADIUS key to use
PerlSetVar OwaAuthRadiusSecret "__RADIUS_PASSWORD__"


## Session storage options
#
# Inactivity timeout (in seconds) for normal (form based) OWA sessions
# (Default: 3600)
PerlSetVar OwaSessionTimeout 3600

# This is the AppSamurai instance's password.  Set it to something long.
# All AppSamurai servers in a cluster (sharing the same auth name), and
# using a common storage area (central session database server), must
# use the same ServerPass.