Append a custom param to log (#1885)
This commit is contained in:
Christophe Maudoux
parent
5d3db32dd9
commit
4d583ceb9c
|
|
@ -1,6 +1,6 @@
|
|||
log_format lm_combined '$remote_addr - $lmremote_user [$time_local] '
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
||||
'"$http_referer" "$http_user_agent" $lmremote_custom';
|
||||
log_format lm_app '$remote_addr - $upstream_http_lm_remote_user [$time_local] '
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
||||
'"$http_referer" "$http_user_agent" $lmremote_custom';
|
||||
|
|
|
|||
|
|
@ -88,8 +88,9 @@ server {
|
|||
# Uncomment this if you use https only
|
||||
#add_header Strict-Transport-Security "max-age=15768000";
|
||||
|
||||
# Set REMOTE_USER (for FastCGI apps only)
|
||||
# Set REMOTE_USER and REMOTE_CUSTOM (for FastCGI apps only)
|
||||
#fastcgi_param REMOTE_USER $lmremote_user;
|
||||
#fastcgi_param REMOTE_CUSTOM $lmremote_custom;
|
||||
}
|
||||
|
||||
# Handle test CGI
|
||||
|
|
@ -100,6 +101,7 @@ server {
|
|||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_split_path_info ^(.*\.pl)(/.+)$;
|
||||
fastcgi_param REMOTE_USER $lmremote_user;
|
||||
fastcgi_param REMOTE_CUSTOM $lmremote_custom;
|
||||
|
||||
# Or with uWSGI
|
||||
#include /etc/nginx/uwsgi_params;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ sub defaultValues {
|
|||
'cspImg' => '\'self\' data:',
|
||||
'cspScript' => '\'self\'',
|
||||
'cspStyle' => '\'self\'',
|
||||
'customToTrace' => '',
|
||||
'dbiAuthnLevel' => 2,
|
||||
'dbiExportedVars' => {},
|
||||
'demoExportedVars' => {
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ use constant REDIRECT => Apache2::Const::REDIRECT;
|
|||
use constant DECLINED => Apache2::Const::DECLINED;
|
||||
use constant SERVER_ERROR => Apache2::Const::SERVER_ERROR;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
sub handler {
|
||||
my ( $class, $r ) = @_;
|
||||
|
|
@ -92,6 +92,10 @@ sub handler {
|
|||
if ( $hdrs{'Lm-Remote-User'} ) {
|
||||
$r->user( $hdrs{'Lm-Remote-User'} );
|
||||
}
|
||||
if ( $hdrs{'Lm-Remote-Custom'} ) {
|
||||
$r->custom( $hdrs{'Lm-Remote-Custom'} );
|
||||
}
|
||||
|
||||
my $i = 1;
|
||||
while ( $hdrs{"Headername$i"} ) {
|
||||
$r->headers_in->set( $hdrs{"Headername$i"} => $hdrs{"Headervalue$i"} )
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ use constant AUTH_REQUIRED => Apache2::Const::AUTH_REQUIRED;
|
|||
use constant MAINTENANCE => Apache2::Const::HTTP_SERVICE_UNAVAILABLE;
|
||||
use constant BUFF_LEN => 8192;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
# Set default logger
|
||||
use constant defaultLogger => 'Lemonldap::NG::Common::Logger::Apache2';
|
||||
|
|
@ -81,6 +81,14 @@ sub set_user {
|
|||
$request->env->{'psgi.r'}->user($user);
|
||||
}
|
||||
|
||||
## @method void set_custom(string custom)
|
||||
# sets remote_custom
|
||||
# @param custom string custom_header
|
||||
sub set_custom {
|
||||
my ( $class, $request, $custom ) = @_;
|
||||
$request->env->{'psgi.r'}->subprocess_env( REMOTE_CUSTOM => $custom );
|
||||
}
|
||||
|
||||
## @method void set_header_in(hash headers)
|
||||
# sets or modifies request headers
|
||||
# @param headers hash containing header names => header value
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ use Mouse;
|
|||
|
||||
#use Lemonldap::NG::Handler::Main qw(:jailSharedVars);
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
has protection => ( is => 'rw', isa => 'Str' );
|
||||
has rule => ( is => 'rw', isa => 'Str' );
|
||||
|
|
@ -177,6 +177,13 @@ sub user {
|
|||
|| _whatToTrace => 'anonymous' };
|
||||
}
|
||||
|
||||
## @method hashRef custom()
|
||||
# @return hash of custom data
|
||||
sub custom {
|
||||
my ( $self, $req ) = @_;
|
||||
return { $Lemonldap::NG::Handler::Main::tsv->{customToTrace} };
|
||||
}
|
||||
|
||||
## @method string userId()
|
||||
# @return user identifier to log
|
||||
sub userId {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
package Lemonldap::NG::Handler::Main::Reload;
|
||||
|
||||
our $VERSION = '2.0.4';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
package Lemonldap::NG::Handler::Main;
|
||||
|
||||
|
|
@ -197,7 +197,7 @@ sub defaultValuesInit {
|
|||
securedCookie timeout timeoutActivity
|
||||
timeoutActivityInterval useRedirectOnError useRedirectOnForbidden
|
||||
useSafeJail whatToTrace handlerInternalCache
|
||||
handlerServiceTokenTTL
|
||||
handlerServiceTokenTTL customToTrace
|
||||
)
|
||||
);
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
# Main running methods file
|
||||
package Lemonldap::NG::Handler::Main::Run;
|
||||
|
||||
our $VERSION = '2.0.3';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
package Lemonldap::NG::Handler::Main;
|
||||
|
||||
|
|
@ -147,6 +147,7 @@ sub run {
|
|||
|
||||
# ACCOUNTING (1. Inform web server)
|
||||
$class->set_user( $req, $session->{ $class->tsv->{whatToTrace} } );
|
||||
$class->set_custom( $req, $session->{ $class->tsv->{customToTrace} } );
|
||||
|
||||
# AUTHORIZATION
|
||||
return ( $class->forbidden( $req, $session ), $session )
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ package Lemonldap::NG::Handler::PSGI::Main;
|
|||
|
||||
use strict;
|
||||
use base 'Lemonldap::NG::Handler::Main';
|
||||
our $VERSION = '2.0.3';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
# Specific modules and constants for Test or CGI
|
||||
use constant FORBIDDEN => 403;
|
||||
|
|
@ -41,6 +41,14 @@ sub set_user {
|
|||
push @{ $req->{respHeaders} }, 'Lm-Remote-User' => $user;
|
||||
}
|
||||
|
||||
## @method void set_custom(string custom)
|
||||
# sets remote_custom in response headers
|
||||
# @param custom string custom_value
|
||||
sub set_custom {
|
||||
my ( $class, $req, $custom ) = @_;
|
||||
push @{ $req->{respHeaders} }, 'Lm-Remote-Custom' => $custom;
|
||||
}
|
||||
|
||||
## @method void set_header_in(hash headers)
|
||||
# sets or modifies request headers
|
||||
# @param headers hash containing header names => header value
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ package Lemonldap::NG::Handler::Server::Main;
|
|||
|
||||
use strict;
|
||||
|
||||
our $VERSION = '2.0.2';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
use base 'Lemonldap::NG::Handler::PSGI::Main';
|
||||
|
||||
|
|
@ -39,6 +39,7 @@ sub unset_header_in {
|
|||
*setServerSignature = *Lemonldap::NG::Handler::PSGI::Main::setServerSignature;
|
||||
*thread_share = *Lemonldap::NG::Handler::PSGI::Main::thread_share;
|
||||
*set_user = *Lemonldap::NG::Handler::PSGI::Main::set_user;
|
||||
*set_custom = *Lemonldap::NG::Handler::PSGI::Main::set_custom;
|
||||
*set_header_out = *Lemonldap::NG::Handler::PSGI::Main::set_header_out;
|
||||
*is_initial_req = *Lemonldap::NG::Handler::PSGI::Main::is_initial_req;
|
||||
*print = *Lemonldap::NG::Handler::PSGI::Main::print;
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ use strict;
|
|||
use Mouse;
|
||||
use Lemonldap::NG::Handler::Server::Main;
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
our $VERSION = '2.0.6';
|
||||
|
||||
extends 'Lemonldap::NG::Handler::PSGI';
|
||||
|
||||
|
|
@ -72,7 +72,7 @@ sub handler {
|
|||
my $i = 0;
|
||||
while ( my $k = shift @$hdrs ) {
|
||||
my $v = shift @$hdrs;
|
||||
if ( $k =~ /^(?:Lm-Remote-User|Cookie)$/ ) {
|
||||
if ( $k =~ /^(?:Lm-Remote-(?:User|Custom)|Cookie)$/ ) {
|
||||
push @convertedHdrs, $k, $v;
|
||||
}
|
||||
else {
|
||||
|
|
|
|||
|
|
@ -1019,6 +1019,10 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.]
|
|||
'customRegister' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
'customToTrace' => {
|
||||
'default' => '',
|
||||
'type' => 'lmAttrOrMacro'
|
||||
},
|
||||
'customUserDB' => {
|
||||
'type' => 'text'
|
||||
},
|
||||
|
|
|
|||
|
|
@ -879,6 +879,12 @@ sub attributes {
|
|||
documentation => 'Session parameter used to fill REMOTE_USER',
|
||||
flags => 'hp',
|
||||
},
|
||||
customToTrace => {
|
||||
type => 'lmAttrOrMacro',
|
||||
default => '',
|
||||
documentation => 'Session parameter used to fill REMOTE_CUSTOM',
|
||||
flags => 'hp',
|
||||
},
|
||||
lwpOpts => {
|
||||
type => 'keyTextContainer',
|
||||
documentation => 'Options given to LWP::UserAgent',
|
||||
|
|
|
|||
|
|
@ -499,7 +499,7 @@ sub tree {
|
|||
title => 'logParams',
|
||||
help => 'logs.html',
|
||||
form => 'simpleInputContainer',
|
||||
nodes => [ 'whatToTrace', 'hiddenAttributes' ]
|
||||
nodes => [ 'whatToTrace', 'customToTrace', 'hiddenAttributes' ]
|
||||
},
|
||||
{
|
||||
title => 'cookieParams',
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"وحدة كلمة المرورالمخصصة",
|
||||
"customPortalSkin":"غلاف البوابة مخصص",
|
||||
"customRegister":"وحدة تسجيل مخصص",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"وحدة قاعدة البيانات المخصصة",
|
||||
"date":"تاريخ",
|
||||
"dbiAuthChain":"سلسلة",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Custom password module",
|
||||
"customPortalSkin":"Custom portal skin",
|
||||
"customRegister":"Custom register module",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Custom user DB module",
|
||||
"date":"Datum",
|
||||
"dbiAuthChain":"Chain",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Custom password module",
|
||||
"customPortalSkin":"Custom portal skin",
|
||||
"customRegister":"Custom register module",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Custom user DB module",
|
||||
"date":"Date",
|
||||
"dbiAuthChain":"Chain",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Module de mots-de-passe personnalisé",
|
||||
"customPortalSkin":"Style personnalisé du portail",
|
||||
"customRegister":"Module d'enregistrement personnalisé",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Module BD utilisateurs personnalisé",
|
||||
"date":"Date",
|
||||
"dbiAuthChain":"Chaîne",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Personalizza il modulo password",
|
||||
"customPortalSkin":"Personalizza faccia del portale ",
|
||||
"customRegister":"Personalizza modulo di registro",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Personalizza modulo utente DB",
|
||||
"date":"Data",
|
||||
"dbiAuthChain":"Catena",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Mô đun mật khẩu tùy chỉnh",
|
||||
"customPortalSkin":"Tùy chỉnh giao diện cổng thông tin",
|
||||
"customRegister":"Module đăng ký tùy chỉnh",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Mô đun DB người dùng tùy chỉnh",
|
||||
"date":"Ngày",
|
||||
"dbiAuthChain":"Chuỗi",
|
||||
|
|
|
|||
|
|
@ -204,6 +204,7 @@
|
|||
"customPassword":"Custom password module",
|
||||
"customPortalSkin":"Custom portal skin",
|
||||
"customRegister":"Custom register module",
|
||||
"customToTrace":"REMOTE_CUSTOM",
|
||||
"customUserDB":"Custom user DB module",
|
||||
"date":"日期",
|
||||
"dbiAuthChain":"Chain",
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -37,44 +37,33 @@ ok( $res->[2]->[0] =~ m%<span id="languages"></span>%, ' Language icons found' )
|
|||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
my %policy = @{ $res->[1] };
|
||||
|
||||
# CORS
|
||||
ok( $res->[1]->[12] eq 'Access-Control-Allow-Origin', ' CORS origin found' )
|
||||
ok( $policy{'Access-Control-Allow-Origin'} eq '', "CORS origin '' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[13] eq '', " CORS origin ''" )
|
||||
ok( $policy{'Access-Control-Allow-Credentials'} eq 'true',
|
||||
"CORS credentials 'true' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[14] eq 'Access-Control-Allow-Credentials',
|
||||
' CORS credentials found' )
|
||||
ok( $policy{'Access-Control-Allow-Headers'} eq '*', "CORS headers '*' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[15] eq 'true', " CORS credentials 'true'" )
|
||||
ok( $policy{'Access-Control-Allow-Methods'} eq 'POST',
|
||||
"CORS methods 'POST' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[16] eq 'Access-Control-Allow-Headers', " CORS headers found" )
|
||||
ok( $policy{'Access-Control-Expose-Headers'} eq '*',
|
||||
"CORS expose-headers '*' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[17] eq '*', " CORS headers '*'" )
|
||||
ok( $policy{'Access-Control-Max-Age'} eq '86400', "CORS max-age '86400' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[18] eq 'Access-Control-Allow-Methods', " CORS methods found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[19] eq 'POST', " CORS methods 'POST'" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[20] eq 'Access-Control-Expose-Headers',
|
||||
" CORS expose-headers found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[21] eq '*', " CORS expose-headers '*'" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[22] eq 'Access-Control-Max-Age', ' CORS max-age found' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[23] == 86400, ' CORS max-age 86400' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
count(12);
|
||||
count(6);
|
||||
|
||||
#CSP
|
||||
ok( $res->[1]->[26] eq 'Content-Security-Policy', ' CSP found' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok(
|
||||
$res->[1]->[27] =~
|
||||
$policy{'Content-Security-Policy'} =~
|
||||
/default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action \*;frame-ancestors 'none'/,
|
||||
' CSP headers found'
|
||||
'CSP header value found'
|
||||
) or print STDERR Dumper( $res->[1] );
|
||||
count(2);
|
||||
count(1);
|
||||
|
||||
# Try to authenticate with good password
|
||||
# --------------------------------------
|
||||
|
|
@ -115,39 +104,27 @@ ok(
|
|||
);
|
||||
count(1);
|
||||
|
||||
ok( $res->[1]->[14] eq 'Access-Control-Allow-Origin', ' CORS origin found' )
|
||||
# CORS
|
||||
%policy = @{ $res->[1] };
|
||||
ok( $policy{'Access-Control-Allow-Origin'} eq '', "CORS origin '' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[15] eq '', " CORS origin ''" )
|
||||
ok( $policy{'Access-Control-Allow-Credentials'} eq 'true',
|
||||
"CORS credentials 'true' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[16] eq 'Access-Control-Allow-Credentials',
|
||||
' CORS credentials found' )
|
||||
ok( $policy{'Access-Control-Allow-Headers'} eq '*', "CORS headers '*' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[17] eq 'true', " CORS credentials 'true'" )
|
||||
ok( $policy{'Access-Control-Allow-Methods'} eq 'POST',
|
||||
"CORS methods 'POST' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[18] eq 'Access-Control-Allow-Headers', " CORS headers found" )
|
||||
ok( $policy{'Access-Control-Expose-Headers'} eq '*',
|
||||
"CORS expose-headers '*' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[19] eq '*', " CORS headers '*'" )
|
||||
ok( $policy{'Access-Control-Max-Age'} eq '86400', "CORS max-age '86400' found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[20] eq 'Access-Control-Allow-Methods', " CORS methods found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[21] eq 'POST', " CORS methods 'POST'" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[22] eq 'Access-Control-Expose-Headers',
|
||||
" CORS expose-headers found" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[23] eq '*', " CORS expose-headers '*'" )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[24] eq 'Access-Control-Max-Age', ' CORS max-age found' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
ok( $res->[1]->[25] == 86400, ' CORS max-age 86400' )
|
||||
or print STDERR Dumper( $res->[1] );
|
||||
count(12);
|
||||
count(6);
|
||||
|
||||
# Test logout
|
||||
$client->logout($id);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
|
||||
clean_sessions();
|
||||
|
||||
done_testing( count() );
|
||||
|
|
|
|||
Loading…
Reference in New Issue