diff --git a/Makefile b/Makefile
index 37e42cdef..15619b566 100644
--- a/Makefile
+++ b/Makefile
@@ -50,7 +50,11 @@ DATADIR=$(LMPREFIX)/data
# Document roots for Apache VirtualHosts
DOCUMENTROOT=$(LMPREFIX)/htdocs
PORTALDIR=$(DOCUMENTROOT)/portal
-PORTALSKINSDIR=$(PORTALDIR)/skins
+PORTALSITEDIR=$(MANAGERDIR)
+PORTALSTATICDIR=$(MANAGERSITEDIR)/static
+PORTALRELATIVESTATICDIR=/static
+PORTALTEMPLATESDIR=$(MANAGERSITEDIR)/templates
+
MANAGERDIR=$(DOCUMENTROOT)/manager
MANAGERSITEDIR=$(MANAGERDIR)
MANAGERSTATICDIR=$(MANAGERSITEDIR)/static
@@ -128,7 +132,10 @@ RINITDIR=$(DESTDIR)/$(INITDIR)
RETCDEFAULTDIR=$(DESTDIR)/$(ETCDEFAULTDIR)
RDATADIR=$(DESTDIR)/$(DATADIR)
RPORTALDIR=$(DESTDIR)/$(PORTALDIR)
-RPORTALSKINSDIR=$(DESTDIR)/$(PORTALSKINSDIR)
+RPORTALSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
+RPORTALSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
+RPORTALPSGIDIR=$(DESTDIR)/$(MANAGERPSGIDIR)
+RPORTALTEMPLATESDIR=$(DESTDIR)/$(MANAGERTEMPLATESDIR)
RMANAGERDIR=$(DESTDIR)/$(MANAGERDIR)
RMANAGERSITEDIR=$(DESTDIR)/$(MANAGERSITEDIR)
RMANAGERSTATICDIR=$(DESTDIR)/$(MANAGERSTATICDIR)
@@ -163,17 +170,16 @@ MANAGERLIBSTOREMOVEFORDEBIAN=$(RMANAGERSTATICDIR)/bwr/jquery/ \
$(RMANAGERSTATICDIR)/bwr/angular-cookie/ \
$(RMANAGERSTATICDIR)/bwr/bootstrap/ \
$(RMANAGERSTATICDIR)/bwr/es5-shim/
-PORTALLIBSTOREMOVEFORDEBIAN=$(RPORTALSKINSDIR)/bootstrap/fonts \
- $(RPORTALSKINSDIR)/bootstrap/css/bootstrap* \
- $(RPORTALSKINSDIR)/bootstrap/js/bootstrap* \
- $(RPORTALSKINSDIR)/common/js/jquery-* \
- $(RPORTALSKINSDIR)/common/js/jquery.cookie*
+PORTALLIBSTOREMOVEFORDEBIAN=$(RPORTALSTATICDIR)/bwr/bootstrap/ \
+ $(RPORTALSTATICDIR)/bwr/jquery-ui \
+ $(RPORTALSTATICDIR)/bwr/jquery.cookie \
+ $(RPORTALSTATICDIR)/bwr/jquery
DOCLIBSTOREMOVEFORDEBIAN=pages/documentation/current/lib/tpl/bootstrap3 \
pages/documentation/current/lib/scripts/jquery-ui*.js \
pages/documentation/current/bootswatch/3.3.4/flatly/bootstrap.min.css
DOCEXTERNALLIBS=$(DOCLIBSTOREMOVEFORDEBIAN)
MANAGEREXTERNALLIBS=$(RMANAGERSTATICDIR)/bwr/
-PORTALEXTERNALLIBS=$(PORTALLIBSTOREMOVEFORDEBIAN) $(RPORTALSKINSDIR)/common/js/jquery*
+PORTALEXTERNALLIBS=$(PORTALLIBSTOREMOVEFORDEBIAN)
# GENERATED SRC FILES
MANAGERJSONSRC= scripts/jsongenerator.pl \
@@ -369,7 +375,8 @@ prepare_test_server:
VHOSTLISTEN='*:$(TESTWEBSERVERPORT)' \
PORT=$(TESTWEBSERVERPORT) \
FASTCGISOCKDIR=`pwd`/e2e-tests/conf \
- PORTALDIR=`pwd`/$(SRCPORTALDIR)/site/htdocs \
+ PORTALDIR=`pwd`/e2e-tests/conf \
+ PORTALSTATICDIR=`pwd`/$(SRCPORTALDIR)/site/htdocs/static \
MANAGERDIR=`pwd`/$(SRCMANAGERDIR)/site \
TESTDIR=`pwd`/e2e-tests/conf/site \
MANAGERPSGIDIR=`pwd`/e2e-tests \
@@ -378,6 +385,7 @@ prepare_test_server:
SBINDIR=`pwd`/e2e-tests/conf/sbin \
INITDIR=`pwd`/e2e-tests/conf/init \
ETCDEFAULTDIR=`pwd`/e2e-tests/conf/def
+ @cp -f e2e-tests/index.fcgi e2e-tests/conf/index.fcgi
@cp e2e-tests/lmConf-1.js e2e-tests/lemonldap-ng.ini e2e-tests/env.conf e2e-tests/test-nginx.conf e2e-tests/conf/
@cp e2e-tests/form.html e2e-tests/conf/site
@perl -i -pe 'BEGIN{$$p=`pwd`;chomp $$p}s#__pwd__#$$p#;s#__port__#$(TESTWEBSERVERPORT)#;s#__FASTCGISOCKDIR__#$(FASTCGISOCKDIR)#;' \
@@ -482,7 +490,6 @@ install_bin: install_conf_dir
@cp -f\
${SRCHANDLERDIR}/example/scripts/purgeLocalCache \
${SRCPORTALDIR}/site/cron/purgeCentralCache \
- ${SRCPORTALDIR}/example/scripts/buildPortalWSDL \
${SRCCOMMONDIR}/scripts/convertConfig \
${SRCCOMMONDIR}/scripts/lmMigrateConfFiles2ini \
${SRCCOMMONDIR}/scripts/rotateOidcKeys \
@@ -542,7 +549,7 @@ install_site: install_manager_site install_portal_site install_handler_site inst
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g' $(RCONFDIR)/for_etc_hosts
# Fix a lost of rights on the main directory
- @chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSKINSDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
+ @chmod 755 $(RBINDIR) $(RDOCUMENTROOT) $(REXAMPLESDIR) $(RHANDLERDIR) $(RPORTALSTATICDIR) $(RMANAGERSITEDIR) $(RTOOLSDIR) $(RCONFDIR) $(RDATADIR)
@echo
@echo "LemonLDAP::NG v${VERSION} is installed with these parameters:"
@echo " - System configuration: ${CONFDIR}"
@@ -585,6 +592,7 @@ install_webserver_conf:
fi
@$(PERL) -i -pe 's/__DNSDOMAIN__/$(DNSDOMAIN)/g; \
s#__PORTALDIR__#$(PORTALDIR)/#g; \
+ s#__PORTALSTATICDIR__#$(PORTALSTATICDIR)/#g; \
s#__MANAGERDIR__#$(MANAGERDIR)/#g; \
s#__MANAGERSTATICDIR__#$(MANAGERSTATICDIR)/#g; \
s#__MANAGERPSGIDIR__#$(MANAGERPSGIDIR)/#g; \
@@ -623,22 +631,13 @@ install_manager_site: install_conf_dir
install_portal_site: install_conf_dir
# Portal install
- @install -v -d $(RPORTALDIR) $(RPORTALSKINSDIR) \
+ @install -v -d $(RPORTALDIR) $(RPORTALSTATICDIR) \
$(RPORTALDIR)/skins/ \
$(RCRONDIR) $(RCONFDIR)
- @for skin in $$(ls $(SRCPORTALDIR)/site/templates/); do \
- [ -h $(RPORTALDIR)/skins/$$skin ] && rm -f $(RPORTALDIR)/skins/$$skin; \
- install -v -d $(RPORTALSKINSDIR)/$$skin; \
- done
- #cp -pR -f ${SRCPORTALDIR}/example/index_skin.pl ${RPORTALDIR}/index.pl
- #cp -pR -f ${SRCPORTALDIR}/example/mail.pl ${RPORTALDIR}
- #cp -pR -f ${SRCPORTALDIR}/example/metadata.pl ${RPORTALDIR}
- #cp -pR -f ${SRCPORTALDIR}/example/openid-configuration.pl ${RPORTALDIR}
- #cp -pR -f ${SRCPORTALDIR}/example/cdc.pl ${RPORTALDIR}
- #cp -pR -f ${SRCPORTALDIR}/example/register.pl ${RPORTALDIR}
@cp -pR -f $(SRCPORTALDIR)/site/htdocs/index.fcgi $(RPORTALDIR)
- @tar -cf - -C ${SRCPORTALDIR}/site/templates/ $$(ls ${SRCPORTALDIR}/site/templates/) |tar -xf - -C $(RPORTALSKINSDIR)
- @for f in `find $(RPORTALSKINSDIR) -type f -name '*.tpl'`; do \
+ @cp -pR -f $(SRCPORTALDIR)/site/htdocs/static/* $(RPORTALSTATICDIR)
+ @tar -cf - -C ${SRCPORTALDIR}/site/templates/ $$(ls ${SRCPORTALDIR}/site/templates/) |tar -xf - -C $(RPORTALTEMPLATESDIR)
+ @for f in `find $(RPORTALTEMPLATEDIR) -type f -name '*.tpl'`; do \
./scripts/transform-templates \
usedebianlibs $(USEDEBIANLIBS) \
useexternallibs $(USEEXTERNALLIBS) \
@@ -652,12 +651,6 @@ install_portal_site: install_conf_dir
elif test "$(USEDEBIANLIBS)" = "yes"; then \
rm -rvf $(PORTALLIBSTOREMOVEFORDEBIAN); \
fi
- @if [ "$(PORTALDIR)/skins/" != "$(PORTALSKINSDIR)/" ]; then \
- for skin in $$(ls $(SRCPORTALDIR)/site/templates/); do \
- rm -rf $(RPORTALDIR)/skins/$$skin/; \
- ln -s $(PORTALSKINSDIR)/$$skin $(RPORTALDIR)/skins/$$skin; \
- done; \
- fi
# Cron files
@cp -f $(SRCPORTALDIR)/site/cron/purgeCentralCache.cron.d $(RCRONDIR)/lemonldap-ng-portal
@if [ ! "$(APACHEUSER)" ]; then \
@@ -983,37 +976,7 @@ doxygen: clean
diff: debian-diff
-debian-diff:
- @# Portal
- @$(DIFF) $(SRCPORTALDIR)/lib/Lemonldap/NG/Portal $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Portal ||true
- @$(DIFF) $(SRCPORTALDIR)/example/scripts/purgeCentralCache $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/purgeCentralCache ||true
- @$(DIFF) $(SRCPORTALDIR)/example/scripts/buildPortalWSDL $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/buildPortalWSDL ||true
- @for i in $(PORTALSKINS); do \
- $(DIFF) -x 'jquery*' $(SRCPORTALDIR)/example/skins/$$i $(DIFFPREFIX)/usr/share/lemonldap-ng/portal-skins/$$i; \
- done ||true
- @$(DIFF) $(SRCPORTALDIR)/example/index_skin.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/index.pl ||true
- @$(DIFF) $(SRCPORTALDIR)/example/mail.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/mail.pl ||true
- @$(DIFF) $(SRCPORTALDIR)/example/metadata.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/metadata.pl ||true
- @$(DIFF) $(SRCPORTALDIR)/example/openid-configuration.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/openid-configuration.pl ||true
- @$(DIFF) $(SRCPORTALDIR)/example/cdc.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/cdc.pl ||true
- @$(DIFF) $(SRCPORTALDIR)/example/register.pl $(DIFFPREFIX)/var/lib/lemonldap-ng/portal/register.pl ||true
- @# Handler
- @$(DIFF) $(SRCHANDLERDIR)/lib/Lemonldap/NG/Handler $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Handler ||true
- @$(DIFF) $(SRCHANDLERDIR)/example/scripts/purgeLocalCache $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/purgeLocalCache ||true
- @# Common
- @$(DIFF) $(SRCCOMMONDIR)/lib/Lemonldap/NG/Common $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Common ||true
- @$(DIFF) $(SRCCOMMONDIR)/lib/Lemonldap/NG/Common.pm $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Common.pm ||true
- @$(DIFF) $(SRCCOMMONDIR)/scripts/lmMigrateConfFiles2ini $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/lmMigrateConfFiles2ini ||true
- @$(DIFF) $(SRCCOMMONDIR)/scripts/convertConfig $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/convertConfig ||true
- @$(DIFF) $(SRCCOMMONDIR)/scripts/rotateOidcKeys $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/rotateOidcKeys ||true
- @# Manager
- @$(DIFF) $(SRCMANAGERDIR)/lib/Lemonldap/NG/Manager $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Manager ||true
- @$(DIFF) $(SRCMANAGERDIR)/lib/Lemonldap/NG/Manager.pm $(DIFFPREFIX)/usr/share/perl5/Lemonldap/NG/Manager.pm ||true
- @$(DIFF) $(SRCMANAGERDIR)/site/static $(DIFFPREFIX)/usr/share/lemonldap-ng/manager/static ||true
- @$(DIFF) $(SRCMANAGERDIR)/site/templates $(DIFFPREFIX)/user/share/lemonldap-ng/manager/templates ||true
- @$(DIFF) --ignore-matching-lines='set.*get.*\[2\]' $(SRCMANAGERDIR)/scripts/lmConfigEditor $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/lmConfigEditor ||true
- @$(DIFF) --ignore-matching-lines='set.*get.*' $(SRCCOMMONDIR)/scripts/lemonldap-ng-cli $(DIFFPREFIX)/usr/share/lemonldap-ng/bin/lemonldap-ng-cli ||true
-
+# TODO: change this
default-diff:
@# Portal
@$(DIFF) $(SRCPORTALDIR)/lib/Lemonldap/NG/Portal /usr/local/share/perl/$(PERLVERSION)/Lemonldap/NG/Portal ||true
diff --git a/_example/etc/portal-apache.conf b/_example/etc/portal-apache.conf
index 93637a321..2de08a580 100644
--- a/_example/etc/portal-apache.conf
+++ b/_example/etc/portal-apache.conf
@@ -9,83 +9,65 @@
ServerName auth.__DNSDOMAIN__
- # DocumentRoot
+ # DocumentRoot (FCGI scripts)
DocumentRoot __PORTALDIR__
Order allow,deny
Allow from all
Options +ExecCGI +FollowSymLinks
+ RewriteEngine On
+ RewriteCond "%{REQUEST_FILENAME}" "!^/(?:(?:static|javascript|favicon).*|.*\.fcgi)$"
+ RewriteRule "^/(.+)$" "/index.fcgi/$1" [PT]
- # Perl script
-
- SetHandler perl-script
- PerlHandler Apache::Registry
+
+ SetHandler fcgid-script
+ Options +ExecCGI
- # Directory index
+ # Static files
+ Alias /static/ __PORTALSTATICDIR__/
+
+ Order allow,deny
+ Allow from all
+ Options +FollowSymLinks
+
+
+
+ ExpiresActive On
+ ExpiresDefault "access plus 1 month"
+
+
+
- DirectoryIndex index.pl index.html
+ DirectoryIndex index.fcgi index.html
# SOAP functions for sessions management (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for sessions access (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for configuration access (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for notification insertion (disabled by default)
-
+
Order deny,allow
Deny from all
- # SAML2 Issuer
-
- RewriteEngine On
- RewriteRule ^/saml/metadata /metadata.pl
- RewriteRule ^/saml/.* /index.pl
-
-
- # CAS Issuer
-
- RewriteEngine On
- RewriteRule ^/cas/.* /index.pl
-
-
- # OpenID Issuer
-
- RewriteEngine On
- RewriteRule ^/openidserver/.* /index.pl
-
-
- # OpenID Connect Issuer
-
- RewriteEngine On
- #RewriteCond %{HTTP:Authorization} .
- #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- RewriteRule ^/oauth2/.* /index.pl
- RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
-
-
- # Get Issuer
-
- RewriteEngine On
- RewriteRule ^/get/.* /index.pl
-
-
+ # Enabe compression
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
@@ -99,25 +81,8 @@
Header append Vary User-Agent env=!dont-vary
-
-
- ExpiresActive On
- ExpiresDefault "access plus 1 month"
-
-
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
-# Best performance under ModPerl::Registry
-# Uncomment this to increase performance of Portal
-
- #require Lemonldap::NG::Portal::SharedConf;
- #Lemonldap::NG::Portal::SharedConf->compile(
- # qw(delete header cache read_from_client cookie redirect unescapeHTML));
- # Uncomment this line if you use Lemonldap::NG menu
- #require Lemonldap::NG::Portal::Menu;
- # Uncomment this line if you use portal SOAP capabilities
- #require SOAP::Lite;
-
diff --git a/_example/etc/portal-apache2.4.conf b/_example/etc/portal-apache2.4.conf
index 40e7513a5..c6ab908bb 100644
--- a/_example/etc/portal-apache2.4.conf
+++ b/_example/etc/portal-apache2.4.conf
@@ -9,83 +9,59 @@
ServerName auth.__DNSDOMAIN__
- # DocumentRoot
+ # DocumentRoot (FCGI scripts)
DocumentRoot __PORTALDIR__
Require all granted
Options +ExecCGI +FollowSymLinks
+ RewriteEngine On
+ RewriteCond "%{REQUEST_FILENAME}" "!^/(?:(?:static|javascript|favicon).*|.*\.fcgi)$"
+ RewriteRule "^/(.+)$" "/index.fcgi/$1" [PT]
- # Perl script
-
- SetHandler perl-script
- PerlResponseHandler ModPerl::Registry
-
-
- # Temporary hook
-
+
SetHandler fcgid-script
Options +ExecCGI
+ # Static files
+ Alias /static/ __PORTALSTATICDIR__/
+
+ Require all granted
+ Options +FollowSymLinks
+
+
+
+ ExpiresActive On
+ ExpiresDefault "access plus 1 month"
+
+
+
- DirectoryIndex index.pl index.html
+ DirectoryIndex index.fcgi index.html
# SOAP functions for sessions management (disabled by default)
-
+
Require all denied
# SOAP functions for sessions access (disabled by default)
-
+
Require all denied
# SOAP functions for configuration access (disabled by default)
-
+
Require all denied
# SOAP functions for notification insertion (disabled by default)
-
+
Require all denied
- # SAML2 Issuer
-
- RewriteEngine On
- RewriteRule ^/saml/metadata /metadata.pl
- RewriteRule ^/saml/.* /index.pl
-
-
- # CAS Issuer
-
- RewriteEngine On
- RewriteRule ^/cas/.* /index.pl
-
-
- # OpenID Issuer
-
- RewriteEngine On
- RewriteRule ^/openidserver/.* /index.pl
-
-
- # OpenID Connect Issuer
-
- RewriteEngine On
- #RewriteCond %{HTTP:Authorization} .
- #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- RewriteRule ^/oauth2/.* /index.pl
- RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
-
-
- # Get Issuer
-
- RewriteEngine On
- RewriteRule ^/get/.* /index.pl
-
-
+ # Enabe compression
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
@@ -99,28 +75,8 @@
Header append Vary User-Agent env=!dont-vary
-
-
- ExpiresActive On
- ExpiresDefault "access plus 1 month"
-
-
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
-##############################################
-## Best performance under ModPerl::Registry ##
-##############################################
-
-# Uncomment this to increase performance of Portal:
-
- #require Lemonldap::NG::Portal::SharedConf;
- #Lemonldap::NG::Portal::SharedConf->compile(
- # qw(delete header cache read_from_client cookie redirect unescapeHTML));
- # Uncomment this line if you use Lemonldap::NG menu
- #require Lemonldap::NG::Portal::Menu;
- # Uncomment this line if you use portal SOAP capabilities
- #require SOAP::Lite;
-
diff --git a/_example/etc/portal-apache2.X.conf b/_example/etc/portal-apache2.X.conf
index aa2df0be1..adbc81c84 100644
--- a/_example/etc/portal-apache2.X.conf
+++ b/_example/etc/portal-apache2.X.conf
@@ -9,7 +9,7 @@
ServerName auth.__DNSDOMAIN__
- # DocumentRoot
+ # DocumentRoot (FCGI scripts)
DocumentRoot __PORTALDIR__
= 2.3>
@@ -21,19 +21,34 @@
Options +ExecCGI +FollowSymLinks
+ RewriteEngine On
+ RewriteCond "%{REQUEST_FILENAME}" "!^/(?:(?:static|javascript|favicon).*|.*\.fcgi)$"
+ RewriteRule "^/(.+)$" "/index.fcgi/$1" [PT]
- # Temporary hook
SetHandler fcgid-script
Options +ExecCGI
+ # Static files
+ Alias /static/ __PORTALSTATICDIR__/
+
+ Require all granted
+ Options +FollowSymLinks
+
+
+
+ ExpiresActive On
+ ExpiresDefault "access plus 1 month"
+
+
+
- DirectoryIndex index.html index.fcgi
+ DirectoryIndex index.fcgi index.html
# SOAP functions for sessions management (disabled by default)
-
+
= 2.3>
Require all denied
@@ -44,7 +59,7 @@
# SOAP functions for sessions access (disabled by default)
-
+
= 2.3>
Require all denied
@@ -55,7 +70,7 @@
# SOAP functions for configuration access (disabled by default)
-
+
= 2.3>
Require all denied
@@ -66,7 +81,7 @@
# SOAP functions for notification insertion (disabled by default)
-
+
= 2.3>
Require all denied
@@ -76,40 +91,7 @@
- # SAML2 Issuer
-
- RewriteEngine On
- RewriteRule ^/saml/metadata /metadata.pl
- RewriteRule ^/saml/.* /index.pl
-
-
- # CAS Issuer
-
- RewriteEngine On
- RewriteRule ^/cas/.* /index.pl
-
-
- # OpenID Issuer
-
- RewriteEngine On
- RewriteRule ^/openidserver/.* /index.pl
-
-
- # OpenID Connect Issuer
-
- RewriteEngine On
- #RewriteCond %{HTTP:Authorization} .
- #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- RewriteRule ^/oauth2/.* /index.pl
- RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
-
-
- # Get Issuer
-
- RewriteEngine On
- RewriteRule ^/get/.* /index.pl
-
-
+ # Enabe compression
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
@@ -123,28 +105,8 @@
Header append Vary User-Agent env=!dont-vary
-
-
- ExpiresActive On
- ExpiresDefault "access plus 1 month"
-
-
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
-##############################################
-## Best performance under ModPerl::Registry ##
-##############################################
-
-# Uncomment this to increase performance of Portal:
-
- #require Lemonldap::NG::Portal::SharedConf;
- #Lemonldap::NG::Portal::SharedConf->compile(
- # qw(delete header cache read_from_client cookie redirect unescapeHTML));
- # Uncomment this line if you use Lemonldap::NG menu
- #require Lemonldap::NG::Portal::Menu;
- # Uncomment this line if you use portal SOAP capabilities
- #require SOAP::Lite;
-
diff --git a/_example/etc/portal-apache2.conf b/_example/etc/portal-apache2.conf
index 49933a7f1..2de08a580 100644
--- a/_example/etc/portal-apache2.conf
+++ b/_example/etc/portal-apache2.conf
@@ -9,88 +9,65 @@
ServerName auth.__DNSDOMAIN__
- # DocumentRoot
+ # DocumentRoot (FCGI scripts)
DocumentRoot __PORTALDIR__
Order allow,deny
Allow from all
Options +ExecCGI +FollowSymLinks
+ RewriteEngine On
+ RewriteCond "%{REQUEST_FILENAME}" "!^/(?:(?:static|javascript|favicon).*|.*\.fcgi)$"
+ RewriteRule "^/(.+)$" "/index.fcgi/$1" [PT]
- # Perl script
-
- SetHandler perl-script
- PerlResponseHandler ModPerl::Registry
-
-
- # Temporary hook
-
+
SetHandler fcgid-script
Options +ExecCGI
+ # Static files
+ Alias /static/ __PORTALSTATICDIR__/
+
+ Order allow,deny
+ Allow from all
+ Options +FollowSymLinks
+
+
+
+ ExpiresActive On
+ ExpiresDefault "access plus 1 month"
+
+
+
- DirectoryIndex index.pl index.html
+ DirectoryIndex index.fcgi index.html
# SOAP functions for sessions management (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for sessions access (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for configuration access (disabled by default)
-
+
Order deny,allow
Deny from all
# SOAP functions for notification insertion (disabled by default)
-
+
Order deny,allow
Deny from all
- # SAML2 Issuer
-
- RewriteEngine On
- RewriteRule ^/saml/metadata /metadata.pl
- RewriteRule ^/saml/.* /index.pl
-
-
- # CAS Issuer
-
- RewriteEngine On
- RewriteRule ^/cas/.* /index.pl
-
-
- # OpenID Issuer
-
- RewriteEngine On
- RewriteRule ^/openidserver/.* /index.pl
-
-
- # OpenID Connect Issuer
-
- RewriteEngine On
- #RewriteCond %{HTTP:Authorization} .
- #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
- RewriteRule ^/oauth2/.* /index.pl
- RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
-
-
- # Get Issuer
-
- RewriteEngine On
- RewriteRule ^/get/.* /index.pl
-
-
+ # Enabe compression
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
@@ -104,29 +81,8 @@
Header append Vary User-Agent env=!dont-vary
-
-
- ExpiresActive On
- ExpiresDefault "access plus 1 month"
-
-
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
-##############################################
-## Best performance under ModPerl::Registry ##
-##############################################
-
-# Uncomment this to increase performance of Portal:
-
- #require Lemonldap::NG::Portal::SharedConf;
- #Lemonldap::NG::Portal::SharedConf->compile(
- # qw(delete header cache read_from_client cookie redirect unescapeHTML));
- # Uncomment this line if you use Lemonldap::NG menu
- #require Lemonldap::NG::Portal::Menu;
- # Uncomment this line if you use portal SOAP capabilities
- #require SOAP::Lite;
-
-
diff --git a/_example/etc/portal-nginx.conf b/_example/etc/portal-nginx.conf
index 09bc005d2..1eb8854b9 100644
--- a/_example/etc/portal-nginx.conf
+++ b/_example/etc/portal-nginx.conf
@@ -3,7 +3,11 @@ server {
server_name auth.__DNSDOMAIN__;
root __PORTALDIR__;
- location ~ \.pl(?:$|/) {
+ if ($uri !~ ^/((static|javascript|favicon).*|.*\.psgi)) {
+ rewrite ^/(.*)$ /index.psgi/$1 break;
+ }
+
+ location ~ \.psgi(?:$|/) {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
fastcgi_param LLTYPE cgi;
@@ -13,10 +17,10 @@ server {
set $sn $1;
}
fastcgi_param SCRIPT_NAME $sn;
- fastcgi_split_path_info ^(.*\.pl)(/.+)$;
+ fastcgi_split_path_info ^(.*\.psgi)(/.+)$;
}
- index index.pl;
+ index index.psgi;
location / {
try_files $uri $uri/ =404;
@@ -30,35 +34,19 @@ server {
}
# SOAP functions for sessions access (disabled by default)
- location /index.pl/sessions {
+ location /index.psgi/sessions {
deny all;
}
# SOAP functions for configuration access (disabled by default)
- location /index.pl/config {
+ location /index.psgi/config {
deny all;
}
# SOAP functions for notification insertion (disabled by default)
- location /index.pl/notification {
+ location /index.psgi/notification {
deny all;
}
- # SAML2 Issuer
- rewrite ^/saml/metadata /metadata.pl last;
- rewrite ^/saml/.* /index.pl last;
-
- # CAS Issuer
- rewrite ^/cas/.* /index.pl;
-
- # OpenID Issuer
- rewrite ^/openidserver/.* /index.pl last;
-
- # OpenID Connect Issuer
- rewrite ^/oauth2/.* /index.pl last;
- rewrite ^/.well-known/openid-configuration$ /openid-configuration.pl last;
-
- # Get Issuer
- rewrite ^/get/.* /index.pl;
# DEBIAN
# If install was made with USEDEBIANLIBS (official releases), uncomment this
diff --git a/e2e-tests/index.fcgi b/e2e-tests/index.fcgi
new file mode 100755
index 000000000..86e60c5d6
--- /dev/null
+++ b/e2e-tests/index.fcgi
@@ -0,0 +1,20 @@
+#!/usr/bin/env perl
+
+# TODO: remove this
+BEGIN {
+ $pwd = `pwd`;
+ chomp $pwd;
+ eval qq{
+ use lib "$pwd/../../lemonldap-ng-common/blib/lib";
+ use lib "$pwd/../../lemonldap-ng-handler/blib/lib";
+ use lib "$pwd/../../lemonldap-ng-portal/blib/lib";
+ use lib "$pwd/../../lemonldap-ng-manager/blib/lib";
+ };
+ die $@ if ($@);
+}
+use Plack::Handler::FCGI;
+use Lemonldap::NG::Portal::Main;
+
+# Roll your own
+my $server = Plack::Handler::FCGI->new();
+$server->run( Lemonldap::NG::Portal::Main->run( {} ) );
diff --git a/lemonldap-ng-portal/site/htdocs/index.fcgi b/lemonldap-ng-portal/site/htdocs/index.fcgi
index 8b1e348d1..abf76cd93 100755
--- a/lemonldap-ng-portal/site/htdocs/index.fcgi
+++ b/lemonldap-ng-portal/site/htdocs/index.fcgi
@@ -1,17 +1,5 @@
#!/usr/bin/env perl
-# TODO: remove this
-BEGIN {
- $pwd = `pwd`;
- chomp $pwd;
- eval qq{
- use lib "$pwd/../../../lemonldap-ng-common/blib/lib";
- use lib "$pwd/../../../lemonldap-ng-handler/blib/lib";
- use lib "$pwd/../../../lemonldap-ng-portal/blib/lib";
- use lib "$pwd/../../../lemonldap-ng-manager/blib/lib";
- };
- die $@ if ($@);
-}
use Plack::Handler::FCGI;
use Lemonldap::NG::Portal::Main;