Remove old Sympa auto-login
This commit is contained in:
parent
039733c872
commit
c085cd23d8
|
@ -27,7 +27,6 @@ lib/Lemonldap/NG/Handler/Reload.pm
|
|||
lib/Lemonldap/NG/Handler/SharedConf.pm
|
||||
lib/Lemonldap/NG/Handler/Specific/AuthBasic.pm
|
||||
lib/Lemonldap/NG/Handler/Specific/SecureToken.pm
|
||||
lib/Lemonldap/NG/Handler/Specific/SympaAutoLogin.pm
|
||||
lib/Lemonldap/NG/Handler/Specific/UpdateCookie.pm
|
||||
lib/Lemonldap/NG/Handler/Specific/ZimbraPreAuth.pm
|
||||
lib/Lemonldap/NG/Handler/Status.pm
|
||||
|
|
|
@ -1,211 +0,0 @@
|
|||
##@file
|
||||
# Sympa autologin
|
||||
|
||||
##@class
|
||||
# Sympa autologin
|
||||
#
|
||||
# Build Sympa cookie and send it to Sympa
|
||||
|
||||
# This specific handler is intended to be called directly by Apache
|
||||
|
||||
package Lemonldap::NG::Handler::Specific::SympaAutoLogin;
|
||||
|
||||
use strict;
|
||||
use Lemonldap::NG::Handler::SharedConf qw(:all);
|
||||
use Lemonldap::NG::Handler::API qw(:httpCodes);
|
||||
use base qw(Lemonldap::NG::Handler::SharedConf);
|
||||
use Digest::MD5;
|
||||
use Lemonldap::NG::Handler::Main::Logger;
|
||||
|
||||
our $VERSION = '1.4.0';
|
||||
|
||||
# Shared variables
|
||||
our ( $sympaSecret, $sympaMailKey );
|
||||
|
||||
## @imethod protected void globalInit(hashRef args)
|
||||
# Overload globalInit to launch this class defaultValuesInit
|
||||
# @param $args reference to the configuration hash
|
||||
sub globalInit {
|
||||
my $class = shift;
|
||||
__PACKAGE__->defaultValuesInit(@_);
|
||||
$class->SUPER::globalInit(@_);
|
||||
}
|
||||
|
||||
## @imethod protected void defaultValuesInit(hashRef args)
|
||||
# Overload defaultValuesInit
|
||||
# @param $args reference to the configuration hash
|
||||
sub defaultValuesInit {
|
||||
my ( $class, $args ) = @_;
|
||||
|
||||
# Sympa secret should be in configuration
|
||||
$sympaSecret = $args->{'sympaSecret'} || $sympaSecret;
|
||||
|
||||
# If not, try to read it from /etc/lemonldap-ng/sympa.secret
|
||||
if ( !$sympaSecret and -r '/etc/lemonldap-ng/sympa.secret' ) {
|
||||
open S, '/etc/lemonldap-ng/sympa.secret'
|
||||
or die("Unable to open /etc/lemonldap-ng/sympa.secret");
|
||||
$sympaSecret = join( '', <S> );
|
||||
close S;
|
||||
$sympaSecret =~ s/[\r\n]//g;
|
||||
}
|
||||
|
||||
# Sympa mail key
|
||||
$sympaMailKey = $args->{'sympaMailKey'} || $sympaMailKey || "mail";
|
||||
|
||||
# Display found values in debug mode
|
||||
Lemonldap::NG::Handler::Main::Logger->lmLog( "sympaSecret: $sympaSecret",
|
||||
'debug' );
|
||||
Lemonldap::NG::Handler::Main::Logger->lmLog( "sympaMailKey: $sympaMailKey",
|
||||
'debug' );
|
||||
|
||||
# Delete Sympa parameters
|
||||
delete $args->{'sympaSecret'};
|
||||
delete $args->{'sympaMailKey'};
|
||||
|
||||
# Call main subroutine
|
||||
return $class->SUPER::defaultValuesInit($args);
|
||||
}
|
||||
|
||||
sub handler {
|
||||
my ( $class, $request ) = ( __PACKAGE__, shift );
|
||||
Lemonldap::NG::Handler::API->newRequest($request);
|
||||
$class->run($request);
|
||||
}
|
||||
|
||||
## @rmethod Apache2::Const run(Apache2::RequestRec r)
|
||||
# Overload main run method
|
||||
# @param r Current request
|
||||
# @return Apache2::Const value (OK, FORBIDDEN, REDIRECT or SERVER_ERROR)
|
||||
sub run {
|
||||
my $class = shift;
|
||||
my $r = $_[0];
|
||||
my $ret = $class->SUPER::run(@_);
|
||||
|
||||
# Continue only if user is authorized
|
||||
return $ret unless ( $ret == OK );
|
||||
|
||||
# Fail if no sympaSecret
|
||||
return $class->abort( $r, "No Sympa secret configured" )
|
||||
unless ($sympaSecret);
|
||||
|
||||
# Mail value
|
||||
my $mail = $datas->{$sympaMailKey};
|
||||
|
||||
# Building Sympa cookie
|
||||
my $tmp = new Digest::MD5;
|
||||
$tmp->reset;
|
||||
$tmp->add( $mail . $sympaSecret );
|
||||
my $str = "sympauser=$mail:" . substr( unpack( "H*", $tmp->digest ), -8 );
|
||||
|
||||
# Get cookie header, removing Sympa cookie if exists (avoid security
|
||||
# problems) and set the new value
|
||||
$tmp = Lemonldap::NG::Handler::API->header_in( $r, 'Cookie' );
|
||||
$tmp =~ s/\bsympauser=[^,;]*[,;]?//;
|
||||
$tmp .= $tmp ? ";$str" : $str;
|
||||
Lemonldap::NG::Handler::API->set_header_in( $r, 'Cookie' => $tmp );
|
||||
|
||||
# Return SUPER::run() result
|
||||
return $ret;
|
||||
}
|
||||
|
||||
__PACKAGE__->init( {} );
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
||||
=head1 NAME
|
||||
|
||||
=encoding utf8
|
||||
|
||||
Lemonldap::NG::Handler::SympaAutoLogin - Perl extension to generate Sympa cookie
|
||||
for users authenticated by LemonLDAP::NG
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
package My::Sympa;
|
||||
use Lemonldap::NG::Handler::SympaAutoLogin;
|
||||
@ISA = qw(Lemonldap::NG::Handler::SympaAutoLogin);
|
||||
|
||||
__PACKAGE__->init ( {
|
||||
|
||||
# Sympa parameters
|
||||
sympaSecret => 'XXXX',
|
||||
sympaMailKey => 'mail',
|
||||
|
||||
# See Lemonldap::NG::Handler for more
|
||||
} );
|
||||
1;
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
Lemonldap::NG::Handler::SympaAutoLogin is a special Lemonldap::NG handler that
|
||||
generates Sympa cookie for authenticated users. Use it instead of classic
|
||||
Lemonldap::NG::Handler to protect your Sympa web server. You have to set the
|
||||
configuration key containing user email (parameter sympaMailKey) and to
|
||||
store Sympa secret (cookie parameter on Sympa configuration file) in the
|
||||
corresponding configuration parameter (sympaSecret)
|
||||
|
||||
Edit you Sympa vhost configuration like this:
|
||||
|
||||
<VirtualHost *>
|
||||
ServerName sympa.example.com
|
||||
|
||||
# Load Sympa Handler
|
||||
PerlRequire __HANDLERDIR__/MyHandlerSympa.pm
|
||||
PerlHeaderParserHandler My::Sympa
|
||||
|
||||
</VirtualHost>
|
||||
|
||||
=head2 EXPORT
|
||||
|
||||
See L<Lemonldap::NG::Handler>
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<Lemonldap::NG::Handler>
|
||||
|
||||
=head1 AUTHOR
|
||||
|
||||
=over
|
||||
|
||||
=item Clement Oudot, E<lt>clem.oudot@gmail.comE<gt>
|
||||
|
||||
=item Xavier Guimard, E<lt>x.guimard@free.frE<gt>
|
||||
|
||||
=back
|
||||
|
||||
=head1 BUG REPORT
|
||||
|
||||
Use OW2 system to report bug or ask for features:
|
||||
L<http://jira.ow2.org>
|
||||
|
||||
=head1 DOWNLOAD
|
||||
|
||||
Lemonldap::NG is available at
|
||||
L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
|
||||
|
||||
=head1 COPYRIGHT AND LICENSE
|
||||
|
||||
=over
|
||||
|
||||
=item Copyright (C) 2009-2010 by Xavier Guimard, E<lt>x.guimard@free.frE<gt>
|
||||
|
||||
=item Copyright (C) 2010-2012 by Clement Oudot, E<lt>clem.oudot@gmail.comE<gt>
|
||||
|
||||
=back
|
||||
|
||||
This library is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see L<http://www.gnu.org/licenses/>.
|
||||
|
||||
=cut
|
Loading…
Reference in New Issue
Block a user