parent
4afa620d6b
commit
10323d6b76
|
@ -1563,6 +1563,12 @@ qr/^(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.
|
|||
'test' => qr/^[a-zA-Z][a-zA-Z0-9_:\-]*$/,
|
||||
'type' => 'keyTextContainer'
|
||||
},
|
||||
'slaveHeaderContent' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'slaveHeaderName' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'slaveMasterIP' => {
|
||||
'msgFail' => '__badIPv4Address__',
|
||||
'test' => qr/^(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)$/,
|
||||
|
|
|
@ -1906,6 +1906,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
|
|||
test => qr/^$Regexp::Common::URI::RFC2396::IPv4address$/,
|
||||
msgFail => '__badIPv4Address__',
|
||||
},
|
||||
slaveHeaderName => { type => 'text', },
|
||||
slaveHeaderContent => { type => 'text', },
|
||||
|
||||
# Choice
|
||||
authChoiceParam => {
|
||||
|
|
|
@ -337,7 +337,9 @@ sub tree {
|
|||
help => 'authslave.html',
|
||||
nodes => [
|
||||
'slaveAuthnLevel', 'slaveExportedVars',
|
||||
'slaveUserHeader', 'slaveMasterIP'
|
||||
'slaveUserHeader', 'slaveMasterIP',
|
||||
'slaveUserHeader', 'slaveMasterIP',
|
||||
'slaveHeaderName', 'slaveHeaderContent'
|
||||
]
|
||||
},
|
||||
{
|
||||
|
|
|
@ -324,7 +324,6 @@ sub session {
|
|||
or return $self->sendError( $req, undef, 400 );
|
||||
|
||||
# Try to read session
|
||||
# TODO: conf in PSGI
|
||||
my $apacheSession = $self->getApacheSession( $mod, $id )
|
||||
or return $self->sendError( $req, undef, 400 );
|
||||
|
||||
|
|
|
@ -522,6 +522,8 @@
|
|||
"slaveMasterIP": "Master's IP address",
|
||||
"slaveParams": "Slave parameters",
|
||||
"slaveUserHeader": "Header for user login",
|
||||
"slaveHeaderName": "Control header name",
|
||||
"slaveHeaderContent": "Control header content",
|
||||
"SMTP": "SMTP",
|
||||
"SMTPAuthPass": "SMTP password",
|
||||
"SMTPAuthUser": "SMTP user",
|
||||
|
|
|
@ -522,6 +522,8 @@
|
|||
"slaveMasterIP": "IP accréditées",
|
||||
"slaveParams": "Paramètres Slave",
|
||||
"slaveUserHeader": "En-tête identifiant l'utilisateur",
|
||||
"slaveHeaderName": "Nom de l'en-tête de contrôle",
|
||||
"slaveHeaderContent": "Contenu de l'en-tête de contrôle",
|
||||
"SMTP": "SMTP",
|
||||
"SMTPAuthPass": "Mot de passe SMTP",
|
||||
"SMTPAuthUser": "Utilisateur SMTP",
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -20,7 +20,7 @@ sub extractFormInfo {
|
|||
my $self = shift;
|
||||
|
||||
return PE_FORBIDDENIP
|
||||
unless ( $self->checkIP );
|
||||
unless ( $self->checkIP and $self->checkHeader );
|
||||
|
||||
my $user_header = $self->{slaveUserHeader};
|
||||
$user_header = 'HTTP_' . uc($user_header);
|
||||
|
@ -91,7 +91,7 @@ compatible portals with Apache authentication.
|
|||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
This library just overload few methods of Lemonldap::NG::Portal::Simple to
|
||||
This library just overload few methods of Lemonldap::NG::Portal::Simple to
|
||||
create sessions for anonymous users.
|
||||
|
||||
See L<Lemonldap::NG::Portal::Simple> for usage and other methods.
|
||||
|
|
|
@ -25,4 +25,17 @@ sub checkIP {
|
|||
return 0;
|
||||
}
|
||||
|
||||
## @method Lemonldap::NG::Portal::_Slave checkHeader()
|
||||
# @return true if header content matches LL::NG conf
|
||||
sub checkHeader {
|
||||
my $self = shift;
|
||||
return 1
|
||||
unless ( $self->{slaveHeaderName} and $self->{slaveHeaderContent} );
|
||||
my $headerContent = $self->http( $self->{slaveHeaderName} );
|
||||
return 1 if ( $self->{slaveHeaderContent} =~ /\b$headerContent\b/ );
|
||||
|
||||
$self->_sub( 'userError', "Matching header not found for Slave module" );
|
||||
return 0;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
Loading…
Reference in New Issue
Block a user