Your application can know the connected user using:
To get more information on user (name, mail, etc.), you have to read HTTP headers.
Examples with a configured header named 'Auth-User':
print "Connected user: ".$ENV{HTTP_AUTH_USER};
print "Connected user: ".$_SERVER["HTTP_AUTH_USER"];
LL::NG now uses FastCGI instead of CGI, but you still can write your own protected CGI.
First create a PSGI module based on Lemonldap::NG::Handler:
package My::PSGI; use base "Lemonldap::NG::Handler::PSGI"; # or Lemonldap::NG::Handler::PSGI::OAuth2, etc… sub init { my ($self,$args) = @_; $self->protection('manager'); $self->SUPER::init($args) or return 0; $self->staticPrefix("/static"); $self->templateDir("/usr/share/lemonldap-ng/portal/templates"); # See Lemonldap::NG::Common::PSGI for more #... # Return a boolean. If false, then error message has to be stored in # $self->error return 1; } sub handler { my ( $self, $req ) = @_; # Will be called only if authorisated my $userId = $self->userId($req); #... # Return JSON # $self->sendJSONresponse(...); # or Return HTML $self->sendHtml($req, "myskin/mytemplate", ( params => { 'userId' => $userId }) ); }
They create a FCGI script like this:
#!/usr/bin/env perl use My::PSGI; use Plack::Handler::FCGI; Plack::Handler::FCGI->new->run( My::PSGI->run() );
See our LLNG Nginx/Apache configurations to see how to launch it or read PSGI/Plack documentation.
The protection parameter must be set when calling the init() method:
none: no protectionauthenticate: check authentication but do not manage authorizationmanager: rely on virtual host configuration in Managerrule: xxx: apply a specific rule