LEMONLDAP::NG : SOAP HTTP basic authentication
This commit is contained in:
parent
6af2a2c60b
commit
a156a2d825
|
@ -98,6 +98,8 @@ http://manager.example.com/
|
||||||
2 - ADVANCED INSTALLATION
|
2 - ADVANCED INSTALLATION
|
||||||
-------------------------
|
-------------------------
|
||||||
|
|
||||||
|
It is recommended to install the example first then to adapt it.
|
||||||
|
|
||||||
2.1 - PREREQ
|
2.1 - PREREQ
|
||||||
|
|
||||||
2.1.1 - Apache
|
2.1.1 - Apache
|
||||||
|
|
|
@ -94,18 +94,20 @@ example: all
|
||||||
@echo "1 - Add this in your Apache configuration file:"
|
@echo "1 - Add this in your Apache configuration file:"
|
||||||
@echo " with Apache-1.3.x"
|
@echo " with Apache-1.3.x"
|
||||||
@echo
|
@echo
|
||||||
@echo " include ${EXAMPLEDIR}apache.conf"
|
@echo " include ${EXAMPLEDIR}apache.conf"
|
||||||
@echo
|
@echo
|
||||||
@echo " or with Apache-2.x:"
|
@echo " or with Apache-2.x:"
|
||||||
@echo
|
@echo
|
||||||
@echo " include ${EXAMPLEDIR}apache2.conf"
|
@echo " include ${EXAMPLEDIR}apache2.conf"
|
||||||
@echo
|
@echo
|
||||||
@echo "2 - Add test.example.com and auth.example.com in yout /etc/hosts :"
|
@echo "2 - Add test.example.com and auth.example.com in your /etc/hosts or"
|
||||||
|
@echo " modify apache.conf to use NameVirtualHost, different port or"
|
||||||
|
@echo " address;"
|
||||||
@echo
|
@echo
|
||||||
@echo " cat ${EXAMPLEDIRBUILD}/for_etc_hosts >> /etc/hosts"
|
@echo " cat ${EXAMPLEDIRBUILD}/for_etc_hosts >> /etc/hosts"
|
||||||
@echo
|
@echo
|
||||||
@echo "3 - edit ${EXAMPLEDIR}/conf/lmConf-1 and set ldapServer and ldapBase."
|
@echo "3 - Use the manager at http://manager.example.com/ (after apache restart)"
|
||||||
@echo " or use the manager at http://manager.example.com/ (after apache restart)"
|
@echo " or edit ${EXAMPLEDIR}/conf/lmConf-1 and set ldapServer and ldapBase."
|
||||||
@echo
|
@echo
|
||||||
@echo "4 - Restart Apache (or Apache2)"
|
@echo "4 - Restart Apache (or Apache2)"
|
||||||
@echo
|
@echo
|
||||||
|
|
|
@ -2,26 +2,25 @@ Lemonldap::NG TODO
|
||||||
------------------
|
------------------
|
||||||
TODO list for Lemonldap::NG development
|
TODO list for Lemonldap::NG development
|
||||||
|
|
||||||
- Priority: Low Status: N/A Created: 2007\05\03 11-40-36
|
|
||||||
Delete buttons in virtualHosts if 'read"-"only'
|
|
||||||
- Priority: Normal Status: Planning Created: 2007\05\03 12-28-30
|
|
||||||
Modify example to use nameVirtualHost instead of 127.0.0.x adresses
|
|
||||||
- Priority: Normal Status: In progress Created: 2007\05\03 10-41-36
|
|
||||||
Modify install to make a running example as debian install
|
|
||||||
- Priority: Normal Status: In progress Created: 2007\05\03 11-45-05
|
- Priority: Normal Status: In progress Created: 2007\05\03 11-45-05
|
||||||
Display errors in saveConf
|
Display errors in saveConf
|
||||||
- Priority: Normal Status: N/A Created: 2007\05\03 11-50-17
|
- Priority: Normal Status: In progress Created: 2007\05\03 10-41-36
|
||||||
Test and documentation for SOAP authentication
|
Modify install to make a running example as debian install
|
||||||
- Priority: Low Status: Planning Created: 2007\05\03 11-46-55
|
- Priority: Normal Status: Planning Created: 2007\05\03 12-28-30
|
||||||
|
Modify example to use nameVirtualHost instead of 127.0.0.x adresses
|
||||||
|
- Priority: Low Status: Planning Created: 2007\04\23 21-26-18
|
||||||
|
TLS in LDAP connection. SSL works, but start_tls cannot yet be called.
|
||||||
|
- Priority: Low Status: N/A Created: 2007\05\05 21-58-53
|
||||||
Documentation :
|
Documentation :
|
||||||
* logout documentation
|
* Translate FAQ in English (http://lemonldap.objectweb.org/)
|
||||||
|
* Security document
|
||||||
- Priority: Low Status: N/A Created: 2007\05\03 11-47-42
|
- Priority: Low Status: N/A Created: 2007\05\03 11-47-42
|
||||||
Order rules :
|
Order rules :
|
||||||
* find a system to move up and down rules in manager interface
|
* find a system to move up and down rules in manager interface
|
||||||
* split locationRules into 2 arrays
|
* split locationRules into 2 arrays
|
||||||
|
- Priority: Low Status: N/A Created: 2007\05\03 11-40-36
|
||||||
|
Delete buttons in virtualHosts if 'read"-"only'
|
||||||
- Priority: Low Status: N/A Created: 2007\04\21 13-14-55
|
- Priority: Low Status: N/A Created: 2007\04\21 13-14-55
|
||||||
Simplified manager interface fo rules:
|
Simplified manager interface fo rules:
|
||||||
* simplified regexp (* instead of .*,...)
|
* simplified regexp (* instead of .*,...)
|
||||||
* simple combobox to choose groups
|
* simple combobox to choose groups
|
||||||
- Priority: Low Status: Planning Created: 2007\04\23 21-26-18
|
|
||||||
TLS in LDAP connection. SSL works, but start_tls cannot yet be called.
|
|
||||||
|
|
|
@ -10,8 +10,10 @@ lemonldap-ng (0.8.1.2) unstable; urgency=low
|
||||||
configuration file has moved to /var/lib/lemonldap-ng/conf/ and first
|
configuration file has moved to /var/lib/lemonldap-ng/conf/ and first
|
||||||
configuration file is managed by debconf
|
configuration file is managed by debconf
|
||||||
* Buttons to manage configurations in manager (next, previous, last, delete)
|
* Buttons to manage configurations in manager (next, previous, last, delete)
|
||||||
|
* SOAP: HTTP basic authentication and little bug correction in 'sessions'
|
||||||
|
mode
|
||||||
|
|
||||||
-- Xavier Guimard <x.guimard@free.fr> Thu, 03 May 2007 10:39:51 +0200
|
-- Xavier Guimard <x.guimard@free.fr> Sun, 06 May 2007 16:18:40 +0200
|
||||||
|
|
||||||
lemonldap-ng (0.8.1.1) unstable; urgency=low
|
lemonldap-ng (0.8.1.1) unstable; urgency=low
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
debian/tmp/usr/share/perl5/Lemonldap/NG/Manager/Apache/*
|
||||||
debian/tmp/usr/share/perl5/Lemonldap/NG/Manager/Conf*
|
debian/tmp/usr/share/perl5/Lemonldap/NG/Manager/Conf*
|
||||||
debian/tmp/usr/share/man/man3/Lemonldap::NG::Manager::Conf*
|
debian/tmp/usr/share/man/man3/Lemonldap::NG::Manager::Conf*
|
||||||
debian/tmp/usr/share/man/man1/lmConfig_File2MySQL.1p
|
debian/tmp/usr/share/man/man1/lmConfig_File2MySQL.1p
|
||||||
|
|
|
@ -253,8 +253,6 @@ local store.
|
||||||
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Portal>,
|
L<Lemonldap::NG::Handler>, L<Lemonldap::NG::Manager>, L<Lemonldap::NG::Portal>,
|
||||||
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
|
http://wiki.lemonldap.objectweb.org/xwiki/bin/view/NG/Presentation
|
||||||
|
|
||||||
=back
|
|
||||||
|
|
||||||
=head1 AUTHOR
|
=head1 AUTHOR
|
||||||
|
|
||||||
Xavier Guimard, E<lt>x.guimard@free.frE<gt>
|
Xavier Guimard, E<lt>x.guimard@free.frE<gt>
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
Revision history for Perl extension Lemonldap::NG::Manager.
|
Revision history for Perl extension Lemonldap::NG::Manager.
|
||||||
|
|
||||||
|
0.65 Sun May 6 16:15:49 2007
|
||||||
|
- SOAP: HTTP basic authentication and little bug correction in 'sessions'
|
||||||
|
mode
|
||||||
|
- More tests in conf
|
||||||
|
|
||||||
0.64 Sun Apr 29 16:18:31 2007
|
0.64 Sun Apr 29 16:18:31 2007
|
||||||
- File permissions fix to 0640 in File.pm
|
- File permissions fix to 0640 in File.pm
|
||||||
- Multiple configuration in the same server is now possible
|
- Multiple configuration in the same server is now possible
|
||||||
|
|
|
@ -72,6 +72,7 @@ t/Lemonldap-NG-Manager-Conf-DBI.t
|
||||||
t/Lemonldap-NG-Manager-Conf-File.t
|
t/Lemonldap-NG-Manager-Conf-File.t
|
||||||
t/Lemonldap-NG-Manager-Conf-SOAP.t
|
t/Lemonldap-NG-Manager-Conf-SOAP.t
|
||||||
t/Lemonldap-NG-Manager-Conf.t
|
t/Lemonldap-NG-Manager-Conf.t
|
||||||
|
t/Lemonldap-NG-Manager-SOAPServer.t
|
||||||
t/Lemonldap-NG-Manager.t
|
t/Lemonldap-NG-Manager.t
|
||||||
t/Lemonldap-NG-Manager_en.t
|
t/Lemonldap-NG-Manager_en.t
|
||||||
t/Lemonldap-NG-Manager_fr.t
|
t/Lemonldap-NG-Manager_fr.t
|
||||||
|
|
|
@ -16,7 +16,7 @@ use MIME::Base64;
|
||||||
|
|
||||||
our @ISA = qw(Lemonldap::NG::Manager::Base);
|
our @ISA = qw(Lemonldap::NG::Manager::Base);
|
||||||
|
|
||||||
our $VERSION = '0.64';
|
our $VERSION = '0.65';
|
||||||
|
|
||||||
sub new {
|
sub new {
|
||||||
my ( $class, $args ) = @_;
|
my ( $class, $args ) = @_;
|
||||||
|
|
|
@ -3,15 +3,20 @@ package Lemonldap::NG::Manager::Apache::Session::SOAP;
|
||||||
use strict;
|
use strict;
|
||||||
use SOAP::Lite;
|
use SOAP::Lite;
|
||||||
|
|
||||||
our $VERSION = 0.1;
|
our $VERSION = 0.2;
|
||||||
|
|
||||||
# Variables shared with SOAP::Transport::HTTP::Client
|
# Variables shared with SOAP::Transport::HTTP::Client
|
||||||
my ( $username, $password );
|
our ( $user, $password ) = ( '', '' );
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
|
||||||
|
return $Lemonldap::NG::Manager::Apache::Session::SOAP::user => $Lemonldap::NG::Manager::Apache::Session::SOAP::password;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# PUBLIC INTERFACE
|
# PUBLIC INTERFACE
|
||||||
|
|
||||||
sub TIEHASH {
|
sub TIEHASH {
|
||||||
print STDERR "TIEHASH\n";
|
|
||||||
my $class = shift;
|
my $class = shift;
|
||||||
|
|
||||||
my $session_id = shift;
|
my $session_id = shift;
|
||||||
|
@ -26,7 +31,7 @@ sub TIEHASH {
|
||||||
foreach (qw(proxy proxyOptions)) {
|
foreach (qw(proxy proxyOptions)) {
|
||||||
$self->{$_} = $args->{$_};
|
$self->{$_} = $args->{$_};
|
||||||
}
|
}
|
||||||
($username, $password) = ( $args->{username}, $args->{password} );
|
( $user, $password ) = ( $args->{User}, $args->{Password} );
|
||||||
bless $self, $class;
|
bless $self, $class;
|
||||||
|
|
||||||
if (defined $session_id && $session_id) {
|
if (defined $session_id && $session_id) {
|
||||||
|
@ -41,14 +46,12 @@ sub TIEHASH {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub FETCH {
|
sub FETCH {
|
||||||
print STDERR "FETCH\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $key = shift;
|
my $key = shift;
|
||||||
return $self->{data}->{$key};
|
return $self->{data}->{$key};
|
||||||
}
|
}
|
||||||
|
|
||||||
sub STORE {
|
sub STORE {
|
||||||
print STDERR "STORE\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $key = shift;
|
my $key = shift;
|
||||||
my $value = shift;
|
my $value = shift;
|
||||||
|
@ -59,7 +62,6 @@ sub STORE {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub DELETE {
|
sub DELETE {
|
||||||
print STDERR "DELETE\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $key = shift;
|
my $key = shift;
|
||||||
|
|
||||||
|
@ -69,7 +71,6 @@ sub DELETE {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub CLEAR {
|
sub CLEAR {
|
||||||
print STDERR "CLEAR\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
|
||||||
$self->{modified} = 1;
|
$self->{modified} = 1;
|
||||||
|
@ -78,27 +79,23 @@ sub CLEAR {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub EXISTS {
|
sub EXISTS {
|
||||||
print STDERR "EXISTS\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $key = shift;
|
my $key = shift;
|
||||||
return exists $self->{data}->{$key};
|
return exists $self->{data}->{$key};
|
||||||
}
|
}
|
||||||
|
|
||||||
sub FIRSTKEY {
|
sub FIRSTKEY {
|
||||||
print STDERR "FIRESTKEY\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $reset = keys %{$self->{data}};
|
my $reset = keys %{$self->{data}};
|
||||||
return each %{$self->{data}};
|
return each %{$self->{data}};
|
||||||
}
|
}
|
||||||
|
|
||||||
sub NEXTKEY {
|
sub NEXTKEY {
|
||||||
print STDERR "NEXTKEY\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
return each %{$self->{data}};
|
return each %{$self->{data}};
|
||||||
}
|
}
|
||||||
|
|
||||||
sub DESTROY {
|
sub DESTROY {
|
||||||
print STDERR "DESTROY\n";
|
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
$self->save;
|
$self->save;
|
||||||
}
|
}
|
||||||
|
@ -139,14 +136,6 @@ sub save {
|
||||||
return $self->_soapCall( "set", $self->{_session_id}, $self->{data} );
|
return $self->_soapCall( "set", $self->{_session_id}, $self->{data} );
|
||||||
}
|
}
|
||||||
|
|
||||||
BEGIN {
|
|
||||||
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
|
|
||||||
return $username => $password;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# TODO: test and documentation of authentication
|
|
||||||
|
|
||||||
1;
|
1;
|
||||||
__END__
|
__END__
|
||||||
|
|
||||||
|
@ -173,6 +162,9 @@ access to Lemonldap::NG Web-SSO sessions via SOAP.
|
||||||
proxyOptions => {
|
proxyOptions => {
|
||||||
timeout => 5,
|
timeout => 5,
|
||||||
},
|
},
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
configStorage => {
|
configStorage => {
|
||||||
... # See Lemonldap::NG::Handler
|
... # See Lemonldap::NG::Handler
|
||||||
|
@ -187,8 +179,11 @@ access to Lemonldap::NG Web-SSO sessions via SOAP.
|
||||||
proxyOptions => {
|
proxyOptions => {
|
||||||
timeout => 5,
|
timeout => 5,
|
||||||
},
|
},
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
configStorage => {
|
configStorage => {
|
||||||
... # See Lemonldap::NG::Portal
|
... # See Lemonldap::NG::Portal
|
||||||
|
|
||||||
You can also set parameters corresponding to "Apache::Session module" in the
|
You can also set parameters corresponding to "Apache::Session module" in the
|
||||||
|
@ -211,8 +206,9 @@ Apache::Session module (set as Lemonldap::NG::Manager::SOAPServer parameter).
|
||||||
|
|
||||||
As Lemonldap::NG::Manager::Conf::SOAP use SOAP::Lite, you have to see
|
As Lemonldap::NG::Manager::Conf::SOAP use SOAP::Lite, you have to see
|
||||||
L<SOAP::Transport> to know arguments that can be passed to C<proxyOptions>.
|
L<SOAP::Transport> to know arguments that can be passed to C<proxyOptions>.
|
||||||
|
Lemonldap::NG provides a system for HTTP basic authentication.
|
||||||
|
|
||||||
Example :
|
Examples :
|
||||||
|
|
||||||
=over
|
=over
|
||||||
|
|
||||||
|
@ -225,13 +221,6 @@ C<>SOAP::Transport::HTTP::Client::get_basic_credentials>:
|
||||||
|
|
||||||
use base Lemonldap::NG::Handler::SharedConf;
|
use base Lemonldap::NG::Handler::SharedConf;
|
||||||
|
|
||||||
# AUTHENTICATION
|
|
||||||
BEGIN {
|
|
||||||
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
|
|
||||||
return 'username' => 'password';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
__PACKAGE__->init ( {
|
__PACKAGE__->init ( {
|
||||||
localStorage => "Cache::FileCache",
|
localStorage => "Cache::FileCache",
|
||||||
localStorageOptions => {
|
localStorageOptions => {
|
||||||
|
@ -241,6 +230,8 @@ C<>SOAP::Transport::HTTP::Client::get_basic_credentials>:
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://manager.example.com/soapserver.pl',
|
proxy => 'http://manager.example.com/soapserver.pl',
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
https => 1,
|
https => 1,
|
||||||
} );
|
} );
|
||||||
|
|
|
@ -3,7 +3,17 @@ package Lemonldap::NG::Manager::Conf::SOAP;
|
||||||
use strict;
|
use strict;
|
||||||
use SOAP::Lite;
|
use SOAP::Lite;
|
||||||
|
|
||||||
our $VERSION = 0.11;
|
our $VERSION = 0.2;
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
*Lemonldap::NG::Manager::Conf::_soapCall = \&_soapCall;
|
||||||
|
*Lemonldap::NG::Manager::Conf::_connect = \&_connect;
|
||||||
|
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
|
||||||
|
return $Lemonldap::NG::Manager::Conf::SOAP::username => $Lemonldap::NG::Manager::Conf::SOAP::password;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
our ( $username, $password ) = ( '', '' );
|
||||||
|
|
||||||
sub prereq {
|
sub prereq {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
@ -28,6 +38,8 @@ sub _connect {
|
||||||
sub _soapCall {
|
sub _soapCall {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
my $func = shift;
|
my $func = shift;
|
||||||
|
$username = $self->{User};
|
||||||
|
$password = $self->{Password};
|
||||||
return $self->_connect->$func(@_)->result;
|
return $self->_connect->$func(@_)->result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -92,8 +104,11 @@ Lemonldap::NG Web-SSO configuration via SOAP.
|
||||||
'default_expires_in' => 600,
|
'default_expires_in' => 600,
|
||||||
},
|
},
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://manager.example.com/soapserver.pl',
|
proxy => 'http://manager.example.com/soapserver.pl',
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
https => 0,
|
https => 0,
|
||||||
} );
|
} );
|
||||||
|
@ -106,6 +121,9 @@ Lemonldap::NG Web-SSO configuration via SOAP.
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://localhost/devel/test.pl',
|
proxy => 'http://localhost/devel/test.pl',
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
# Next as usual... See Lemonldap::NG::Portal(3)
|
# Next as usual... See Lemonldap::NG::Portal(3)
|
||||||
|
@ -121,6 +139,9 @@ Lemonldap::NG Web-SSO configuration via SOAP.
|
||||||
configStorage=>{
|
configStorage=>{
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://localhost/devel/test.pl'
|
proxy => 'http://localhost/devel/test.pl'
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
dhtmlXTreeImageLocation=> "/imgs/",
|
dhtmlXTreeImageLocation=> "/imgs/",
|
||||||
}
|
}
|
||||||
|
@ -152,27 +173,18 @@ configuration via SOAP.
|
||||||
|
|
||||||
As Lemonldap::NG::Manager::Conf::SOAP use SOAP::Lite, you have to see
|
As Lemonldap::NG::Manager::Conf::SOAP use SOAP::Lite, you have to see
|
||||||
L<SOAP::Transport> to know arguments that can be passed to C<proxyOptions>.
|
L<SOAP::Transport> to know arguments that can be passed to C<proxyOptions>.
|
||||||
|
Lemonldap::NG provides a system for HTTP basic authentication.
|
||||||
|
|
||||||
Example :
|
Examples :
|
||||||
|
|
||||||
=over
|
=over
|
||||||
|
|
||||||
=item * HTTP Basic authentication
|
=item * HTTP Basic authentication
|
||||||
|
|
||||||
SOAP::transport can use basic authentication by rewriting
|
|
||||||
C<>SOAP::Transport::HTTP::Client::get_basic_credentials>:
|
|
||||||
|
|
||||||
package My::Package;
|
package My::Package;
|
||||||
|
|
||||||
use base Lemonldap::NG::Handler::SharedConf;
|
use base Lemonldap::NG::Handler::SharedConf;
|
||||||
|
|
||||||
# AUTHENTICATION
|
|
||||||
BEGIN {
|
|
||||||
sub SOAP::Transport::HTTP::Client::get_basic_credentials {
|
|
||||||
return 'username' => 'password';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
__PACKAGE__->init ( {
|
__PACKAGE__->init ( {
|
||||||
localStorage => "Cache::FileCache",
|
localStorage => "Cache::FileCache",
|
||||||
localStorageOptions => {
|
localStorageOptions => {
|
||||||
|
@ -182,6 +194,8 @@ C<>SOAP::Transport::HTTP::Client::get_basic_credentials>:
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://manager.example.com/soapserver.pl',
|
proxy => 'http://manager.example.com/soapserver.pl',
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
https => 1,
|
https => 1,
|
||||||
} );
|
} );
|
||||||
|
|
|
@ -5,7 +5,7 @@ use SOAP::Transport::HTTP;
|
||||||
use Lemonldap::NG::Manager::Conf;
|
use Lemonldap::NG::Manager::Conf;
|
||||||
use UNIVERSAL qw(isa);
|
use UNIVERSAL qw(isa);
|
||||||
|
|
||||||
our $VERSION = "0.1";
|
our $VERSION = "0.2";
|
||||||
|
|
||||||
# Initialization
|
# Initialization
|
||||||
|
|
||||||
|
@ -42,8 +42,8 @@ sub new {
|
||||||
sub init {
|
sub init {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
if( $self->{type} eq 'sessions' ) {
|
if( $self->{type} eq 'sessions' ) {
|
||||||
$Lemonldap::NG::Manager::SOAPService::Sessions::authorizatedFunc =
|
$Lemonldap::NG::Manager::SOAPService::Sessions::authorizedFunctions =
|
||||||
$self->{authorizatedFunc} || 'get';
|
$self->{AuthorizedFunctions} || 'get';
|
||||||
$Lemonldap::NG::Manager::SOAPService::Sessions::config = $self;
|
$Lemonldap::NG::Manager::SOAPService::Sessions::config = $self;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -99,17 +99,23 @@ sub load {
|
||||||
package Lemonldap::NG::Manager::SOAPService::Sessions;
|
package Lemonldap::NG::Manager::SOAPService::Sessions;
|
||||||
|
|
||||||
our $config;
|
our $config;
|
||||||
our $authorizedFunc = 'get';
|
our $authorizedFunctions = 'get';
|
||||||
|
|
||||||
sub newsession {
|
sub newsession {
|
||||||
return 0 unless( $authorizedFunc =~ /\bnew\b/ );
|
unless( $authorizedFunctions =~ /\bnew\b/ ) {
|
||||||
|
print STDERR "Lemonldap::NG::Manager::SOAPService: 'new' is not authorized. Set 'AuthorizedFunctions' parameter if needed.\n";
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
my( $class, $args ) = @_;
|
my( $class, $args ) = @_;
|
||||||
$args ||= {};
|
$args ||= {};
|
||||||
my %h;
|
my %h;
|
||||||
eval {
|
eval {
|
||||||
tie %h, $config->{realSessionStorage}, undef, $config->{realSessionStorageOptions};
|
tie %h, $config->{realSessionStorage}, undef, $config->{realSessionStorageOptions};
|
||||||
};
|
};
|
||||||
return 0 if ($@);
|
if ($@) {
|
||||||
|
print STDERR "Lemonldap::NG::Manager::SOAPService: $@\n";
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
# my $id = $h{_session_id};
|
# my $id = $h{_session_id};
|
||||||
$h{$_} = $args->{$_} foreach ( keys %{ $args } );
|
$h{$_} = $args->{$_} foreach ( keys %{ $args } );
|
||||||
$h{_utime} = time();
|
$h{_utime} = time();
|
||||||
|
@ -119,8 +125,7 @@ sub newsession {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub get {
|
sub get {
|
||||||
print STDERR "get\n";
|
return 0 unless( $authorizedFunctions =~ /\bget\b/ );
|
||||||
return 0 unless( $authorizedFunc =~ /\bget\b/ );
|
|
||||||
my( $class, $id ) = @_;
|
my( $class, $id ) = @_;
|
||||||
my %h;
|
my %h;
|
||||||
eval {
|
eval {
|
||||||
|
@ -135,7 +140,7 @@ sub get {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub set {
|
sub set {
|
||||||
return 0 unless( $authorizedFunc =~ /\bset\b/ );
|
return 0 unless( $authorizedFunctions =~ /\bset\b/ );
|
||||||
my( $class, $id, $args ) = @_;
|
my( $class, $id, $args ) = @_;
|
||||||
my %h;
|
my %h;
|
||||||
eval {
|
eval {
|
||||||
|
@ -168,7 +173,10 @@ Lemonldap::NG Web-SSO configuration or sessions via SOAP.
|
||||||
# 2 types are available :
|
# 2 types are available :
|
||||||
# * 'config' for configuration access
|
# * 'config' for configuration access
|
||||||
# * 'sessions' for sessions access
|
# * 'sessions' for sessions access
|
||||||
type => 'config',
|
type => 'sessions',
|
||||||
|
# For 'sessions' type, you can choose exported functions (get
|
||||||
|
# only by default):
|
||||||
|
AuthorizedFunctions => 'new get set',
|
||||||
);
|
);
|
||||||
|
|
||||||
=head2 Client side
|
=head2 Client side
|
||||||
|
@ -196,6 +204,9 @@ sessions access.
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://manager.example.com/soapserver.pl',
|
proxy => 'http://manager.example.com/soapserver.pl',
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
https => 0,
|
https => 0,
|
||||||
} );
|
} );
|
||||||
|
@ -208,6 +219,9 @@ sessions access.
|
||||||
configStorage => {
|
configStorage => {
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://localhost/devel/test.pl',
|
proxy => 'http://localhost/devel/test.pl',
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
# Next as usual...
|
# Next as usual...
|
||||||
|
@ -223,6 +237,9 @@ sessions access.
|
||||||
configStorage=>{
|
configStorage=>{
|
||||||
type => 'SOAP',
|
type => 'SOAP',
|
||||||
proxy => 'http://localhost/devel/test.pl'
|
proxy => 'http://localhost/devel/test.pl'
|
||||||
|
# If soapserver is protected by HTTP Basic:
|
||||||
|
User => 'http-user',
|
||||||
|
Password => 'pass',
|
||||||
},
|
},
|
||||||
dhtmlXTreeImageLocation=> "/imgs/",
|
dhtmlXTreeImageLocation=> "/imgs/",
|
||||||
}
|
}
|
||||||
|
@ -265,7 +282,11 @@ overload this package.
|
||||||
Since Lemonldap::NG::Manager::SOAPServer act as a CGI, you can protect
|
Since Lemonldap::NG::Manager::SOAPServer act as a CGI, you can protect
|
||||||
configuration access by any of the HTTP protection mecanisms.
|
configuration access by any of the HTTP protection mecanisms.
|
||||||
See L<Lemonldap::NG::Manager::Conf::SOAP> for the security in the client
|
See L<Lemonldap::NG::Manager::Conf::SOAP> for the security in the client
|
||||||
side.
|
side.
|
||||||
|
|
||||||
|
In "session" mode, you can control what functions can be used by SOAP. By
|
||||||
|
default, only "get" can be used: it means that only handlers can work with it.
|
||||||
|
Use "AuthorizedFunctions" parameter to grant other functions.
|
||||||
|
|
||||||
=head1 SEE ALSO
|
=head1 SEE ALSO
|
||||||
|
|
||||||
|
|
|
@ -5,11 +5,22 @@
|
||||||
|
|
||||||
# change 'tests => 1' to 'tests => last_test_to_print';
|
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||||
|
|
||||||
use Test::More tests => 1;
|
use Test::More tests => 2;
|
||||||
BEGIN { use_ok('Lemonldap::NG::Manager::Conf::DBI') }
|
BEGIN { use_ok('Lemonldap::NG::Manager::Conf') }
|
||||||
|
|
||||||
#########################
|
#########################
|
||||||
|
|
||||||
# Insert your test code below, the Test::More module is use()ed here so read
|
# Insert your test code below, the Test::More module is use()ed here so read
|
||||||
# its man page ( perldoc Test::More ) for help writing this test script.
|
# its man page ( perldoc Test::More ) for help writing this test script.
|
||||||
|
|
||||||
|
my $h;
|
||||||
|
@ARGV = ("help=groups");
|
||||||
|
ok(
|
||||||
|
$h = new Lemonldap::NG::Manager::Conf(
|
||||||
|
{
|
||||||
|
type => 'DBI',
|
||||||
|
dbiChain => "DBI:mysql:database=lemonldap-ng",
|
||||||
|
dbiUser => 'lemonldap-ng',
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
|
@ -5,11 +5,21 @@
|
||||||
|
|
||||||
# change 'tests => 1' to 'tests => last_test_to_print';
|
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||||
|
|
||||||
use Test::More tests => 1;
|
use Test::More tests => 2;
|
||||||
BEGIN { use_ok('Lemonldap::NG::Manager::Conf::File') }
|
BEGIN { use_ok('Lemonldap::NG::Manager::Conf') }
|
||||||
|
|
||||||
#########################
|
#########################
|
||||||
|
|
||||||
# Insert your test code below, the Test::More module is use()ed here so read
|
# Insert your test code below, the Test::More module is use()ed here so read
|
||||||
# its man page ( perldoc Test::More ) for help writing this test script.
|
# its man page ( perldoc Test::More ) for help writing this test script.
|
||||||
|
|
||||||
|
my $h;
|
||||||
|
@ARGV = ("help=groups");
|
||||||
|
ok(
|
||||||
|
$h = new Lemonldap::NG::Manager::Conf(
|
||||||
|
{
|
||||||
|
type => 'File',
|
||||||
|
dirName => ".",
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
|
@ -0,0 +1,42 @@
|
||||||
|
# Before `make install' is performed this script should be runnable with
|
||||||
|
# `make test'. After `make install' it should work as `perl Lemonldap-NG-Manager-SOAPServer.t'
|
||||||
|
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# change 'tests => 1' to 'tests => last_test_to_print';
|
||||||
|
|
||||||
|
use Test::More tests => 3;
|
||||||
|
|
||||||
|
# SOAP::Lite is not required, so Lemonldap::NG::Manager::Conf::SOAP may
|
||||||
|
# not run.
|
||||||
|
SKIP: {
|
||||||
|
eval { require SOAP::Transport::HTTP };
|
||||||
|
skip "SOAP::Transport::HTTP is not installed, so Lemonldap::NG::Manager::SOAPServer will not be useable",
|
||||||
|
3
|
||||||
|
if ($@);
|
||||||
|
use_ok('Lemonldap::NG::Manager::SOAPServer');
|
||||||
|
my $s;
|
||||||
|
ok ( $s = Lemonldap::NG::Manager::SOAPServer->new (
|
||||||
|
type => 'config',
|
||||||
|
configStorage => {
|
||||||
|
type => 'File',
|
||||||
|
dirName => '.',
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
eval { require Apache::Session::File };
|
||||||
|
skip "Apache::Session::File is not installed. Lemonldap::NG::Manager::SOAPServer will not be tested in 'sessions' mode",
|
||||||
|
1
|
||||||
|
if ($@);
|
||||||
|
ok ( $s = Lemonldap::NG::Manager::SOAPServer->new (
|
||||||
|
type => 'sessions',
|
||||||
|
realSessionStorage => 'Apache::Session::File',
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
#########################
|
||||||
|
|
||||||
|
# Insert your test code below, the Test::More module is use()ed here so read
|
||||||
|
# its man page ( perldoc Test::More ) for help writing this test script.
|
||||||
|
|
|
@ -193,7 +193,6 @@ sub controlExistingSession {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Logout if required
|
# Logout if required
|
||||||
# TODO: logout documentation
|
|
||||||
if($self->param('logout')) {
|
if($self->param('logout')) {
|
||||||
# Delete session in global storage
|
# Delete session in global storage
|
||||||
tied(%h)->delete;
|
tied(%h)->delete;
|
||||||
|
|
Loading…
Reference in New Issue