Apache-AuthCASSimple


lib/Apache/AuthCASSimple.pm  view on Meta::CPAN


  $s->session->{'CASUser'} = $r->connection->user();
  my $ip = ($cfg->{_mod_proxy})?$r->header_in('X-Forwarded-For'):$r->connection->remote_ip();
  $s->session->{'CASIP'} = $ip;
  $s->session->{'time'} = time();

};

#
# CASServerName()
#
# Callback for CASServerName apache directive
#
sub CASServerName ($$$) {
  # Store the value of the CASServerName directive in the per-directory
  # configuration under the _cas_name key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies when the argument is rejected by the pattern below.
  #
  # NOTE(review): the prototype is left untouched; presumably mod_perl reads
  # it to work out how many arguments the directive takes - confirm before
  # changing it.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  # The pattern accepts any non-empty single-line value; it does not check
  # that the value is a well-formed host name or IP address.
  if ($arg !~ m/^(.+)$/) {
    die "Invalid CAS Server name $arg.";
  }

  $dir_cfg->{_cas_name} = $arg;
}

#
# CASServerPath()
#
# Callback for CASServerPath apache directive
#
sub CASServerPath ($$$) {
  # Store the value of the CASServerPath directive in the per-directory
  # configuration under the _cas_path key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies unless the argument starts with a slash.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  if ($arg !~ m/^\//) {
    die "Invalid CAS Server path $arg.";
  }

  # A bare "/" is stored as the empty string; presumably this avoids a
  # doubled slash when the CAS URL is assembled elsewhere - confirm.
  $dir_cfg->{_cas_path} = ($arg eq '/') ? '' : $arg;
}

#
# CASServerPort()
#
# Callback for CASServerPort apache directive
#
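sub CASServerPort ($$$) {
  # Store the value of the CASServerPort directive in the per-directory
  # configuration under the _cas_port key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies unless the argument is a decimal TCP port number in 1..65535.
  # The value is stored exactly as written in the configuration.
  my ($cfg, $parms, $arg) = @_;

  # Avoid an "uninitialized" warning while building the error message.
  my $shown = defined $arg ? $arg : '';

  # [0-9] with \A and \z accepts ASCII digits only and rejects a trailing
  # newline, which \d and $ would let through. The range test rejects 0 and
  # anything above the largest valid port.
  die "Invalid CAS Server port $shown."
    unless (defined $arg
            && $arg =~ m/\A[0-9]+\z/
            && $arg >= 1
            && $arg <= 65535);

  $cfg->{_cas_port} = $arg;
}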

#
# CASServerNoSSL()
#
# Callback for CASServerNoSSL apache directive
#
sub CASServerNoSSL ($$) {
  # Record that the CASServerNoSSL directive was given by setting the
  # _cas_ssl flag of the per-directory configuration to 0.
  #
  # Only the first argument (the configuration hash) is used.
  # NOTE(review): the module documentation describes this as disabling
  # HTTPS towards the CAS server, so exchanges with that server would no
  # longer be protected in transit - confirm where _cas_ssl is read.
  my ($dir_cfg) = @_;

  $dir_cfg->{_cas_ssl} = 0;
}


#
# CASSessionTimeout()
#
# Callback for CASSessionTimeout apache directive
#
sub CASSessionTimeout ($$$) {
  # Store the value of the CASSessionTimeout directive in the per-directory
  # configuration under the _cas_session_timeout key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies unless the argument is an integer with an optional leading minus.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  # Any negative integer passes this check, not only the documented -1;
  # how other negative values are treated is decided where the timeout is
  # read - TODO confirm.
  if ($arg !~ m/^-?\d+$/) {
    die "Invalid CAS session timeout $arg.";
  }

  $dir_cfg->{_cas_session_timeout} = $arg;
}

#
# CASSessionDirectory()
#
# Callback for CASSessionDirectory apache directive
#
sub CASSessionDirectory ($$$) {
  # Store the value of the CASSessionDirectory directive in the
  # per-directory configuration under the _cas_session_dir key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies unless the argument names an existing directory that is writable
  # by the process evaluating the directive.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  # NOTE(review): only existence and writability are tested. Ownership and
  # permissions for other accounts are not, so a directory shared with other
  # local users (such as the /tmp default set in DIR_CREATE) is accepted.
  my $usable = (-d $arg && -w $arg);
  if (!$usable) {
    die "Invalid CAS session directory $arg (does not exist or is not writable).";
  }

  $dir_cfg->{_cas_session_dir} = $arg;
}

#
# CASCaFile()
#
# Callback for CASCaFile apache directive
#
sub CASCaFile ($$$) {
  # Store the value of the CASCaFile directive in the per-directory
  # configuration under the _ca_file key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies unless the argument names something that exists on disk.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  # NOTE(review): -e is satisfied by any existing path, including a
  # directory or a file the server cannot read; the content is not checked
  # here. Whether _ca_file is still consulted is not visible in this part of
  # the file (the module documentation marks the directive as deprecated).
  if (!-e $arg) {
    die "Invalid CA file $arg.";
  }

  $dir_cfg->{_ca_file} = $arg;
}
#
# CASFixDirectory()
#
# Callback for CASFixDirectory apache directive
#
sub CASFixDirectory ($$$) {
  # Store the value of the CASFixDirectory directive in the per-directory
  # configuration under the _cas_cookie_path key.
  #
  # Arguments: the configuration hash, the directive parameters (unused
  # here) and the directive's single argument.
  # Dies when the argument is false (undef, empty or "0") or does not start
  # with a slash.
  my ($dir_cfg, $cmd_parms, $arg) = @_;

  if (!$arg || $arg !~ m/^\//) {
    die "Invalid CAS fix directory directive, path must begin with '/'.";
  }

  $dir_cfg->{_cas_cookie_path} = $arg;
}
#
# NOModProxy()
#
# Callback for NOModProxy apache directive
#
sub NOModProxy ($) {
  # Record that the NOModProxy directive was given by setting the
  # _mod_proxy flag of the per-directory configuration to 0 (DIR_CREATE
  # sets it to 1).
  #
  # Where the session is filled in elsewhere in this file, a true
  # _mod_proxy makes the X-Forwarded-For request header, rather than the
  # connection's remote IP, the address stored as CASIP.
  #
  # NOTE(review): the prototype here is ($) while the other flag directive,
  # CASServerNoSSL, uses ($$) - confirm this difference is intended.
  my ($dir_cfg) = @_;

  $dir_cfg->{_mod_proxy} = 0;
}
#
# DIR_CREATE
#
# create default values 
#
sub DIR_CREATE {
  # Build a configuration object holding the default value of every
  # setting and bless it into the class passed as first argument.
  my ($class) = @_;

  my %defaults = (
    _cas_name            => "my.cas-server.net",   # placeholder host name
    _cas_path            => "/cas",
    _cas_port            => "443",
    _cas_ssl             => 1,
    _cas_cookie_path     => "/",
    _ca_file             => "",
    # Shared temporary directory by default; the CASSessionDirectory
    # directive replaces it.
    _cas_session_dir     => "/tmp",
    _cas_session_timeout => -1,
    # Proxy mode is on by default; where the session is filled in elsewhere
    # in this file, this selects the X-Forwarded-For header as the client IP.
    _mod_proxy           => 1,
  );

  return bless(\%defaults, $class);
}
#
# DIR_MERGE
#
# merge the parent and current configurations (current values win)
#
sub DIR_MERGE {
  # Combine two configuration objects into a new one: start from a copy of
  # the parent's entries, then let every entry of the current object
  # overwrite it. The result is blessed into the parent's class; neither
  # input is modified.
  #
  # NOTE(review): if both objects were built by DIR_CREATE, the current one
  # holds a value for every key, so a setting left unset in the inner
  # section would carry its default and replace the value configured in the
  # parent - confirm against how mod_perl creates these objects.
  my ($parent, $current) = @_;

  my %merged = %{$parent};
  for my $key (keys %{$current}) {
    $merged{$key} = $current->{$key};
  }

  return bless(\%merged, ref($parent));
}

1;

__END__

=head1 NAME

Apache::AuthCASSimple - Apache module to authenticate through a CAS server

=head1 DESCRIPTION

Apache::AuthCASSimple is a module for Apache/mod_perl. It allows you to
authenticate users through a CAS server. This means you don't need
to give a login/password if you have already been authenticated by the CAS
server; only tickets are exchanged between the Web client, the Apache server
and the CAS server. If you are not authenticated yet, you will be redirected
to the CAS server login form.

=head1 SYNOPSIS

  <Location /protected>
    AuthType Apache::AuthCASSimple
    PerlAuthenHandler Apache::AuthCASSimple

    CASServerName my.casserver.com
    CASServerPath /
    #CASServerPort 443
    # CASServerNoSSL
    CASSessionTimeout 60
    CASSessionDirectory /tmp
    # CASFixDirectory /
    # NOModProxy

    require valid-user
  </Location>

or require user xxx yyyy

=head1 CONFIGURATION

=over 4

=item CASServerName

Name of the CAS server. It can be a numeric IP address.

=item CASServerPort

Port of the CAS server. Default is 443.

=item CASServerPath

Path (URI) of the CAS server. Default is "/cas".

=item CASServerNoSSL

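Disable SSL (HTTPS) for exchanges with the CAS server. Default is off, i.e.
HTTPS is used. With SSL disabled, exchanges with the CAS server are not
protected against eavesdropping or tampering.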

=item CASCaFile

CAS server public key. This file is used to allow secure connection
between the webserver using Apache::AuthCASSimple and the CAS server.

DEPRECATED: L<Authen::CAS::Client> uses L<LWP::UserAgent> to make HTTPS
requests. Check how CAS server certificates are verified in your
L<LWP::UserAgent> setup.

=item CASSessionTimeout

Timeout (in seconds) for the session created by Apache::AuthCASSimple (sessions avoid overloading the CAS server). Default is -1.

-1 means disabled.

0 means infinite (until the user closes the browser).

=item CASSessionDirectory

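Directory where session data are stored. Default is /tmp. The directory must
exist and be writable when the configuration is read. Session data include
the authenticated user name and the client IP, so prefer a directory that
only the web server account can access over a shared /tmp.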

=item CASFixDirectory

Force the path of the session cookie so that the same policy applies in all subdirectories; otherwise the current directory is used.

=item NOModProxy

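Declare that Apache/mod_perl is not used behind mod_proxy. Default is off:
the module assumes a proxy and takes the client IP stored in the session from
the X-Forwarded-For request header. Set this directive when clients connect
directly to this server, because in that case the header is supplied by the
client itself.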

=back

=head1 METHODS

=head2 handler

used by apache

=head2 DIR_CREATE

sets the default values

=head2 DIR_MERGE

merges the parent configuration with the current one, giving access to the default values

=head1 VERSION

This documentation describes Apache::AuthCASSimple version 0.0.4

=head1 BUGS AND TROUBLESHOOTING

=over 4

=item *
Old expired session files must be deleted with the externally provided script C<delete_session_data.pl>.

=back

Please submit any bug reports to agostini@univ-metz.fr.


=head1 NOTES

Requires C<mod_perl 1> version 1.29 or later
Requires L<Authen::CAS::Client>
Requires L<Apache::Session::Wrapper> 

=head1 AUTHORS

    Yves Agostini
    CPAN ID: YVESAGO
    Univ Metz


