Protect your application

Presentation

Your application can know the connected user using:

To get more information about the user (name, mail, etc.), read the HTTP headers.

If your application is based on the Perl CGI package, you can simply replace CGI with Lemonldap::NG::Handler::CGI.

Code snippet

Examples with a configured header named 'Auth-User':

Perl

print "Connected user: ".$ENV{HTTP_AUTH_USER};

PHP

print "Connected user: ".$_SERVER["HTTP_AUTH_USER"];
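
The same header lookup as a small PSGI handler, added here as an example (it is not LL::NG code): it shows how the configured header name 'Auth-User' becomes the HTTP_AUTH_USER key, escapes the value before writing it into HTML, and refuses a request that carries no header. The names env_key, escape_html and app, the 403 choice and the sample values are assumptions made for this illustration.

```perl
#!/usr/bin/perl
# Added example, not part of LL::NG.
use strict;
use warnings;

# A request header 'Auth-User' reaches CGI/PSGI code as HTTP_AUTH_USER:
# upper-cased, '-' turned into '_', prefixed with 'HTTP_'.
sub env_key {
    my ($header) = @_;
    ( my $key = uc $header ) =~ tr/-/_/;
    return "HTTP_$key";
}

# The header carries attribute data; escape it before placing it in HTML.
sub escape_html {
    my ($text) = @_;
    my %ent = (
        '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
        '"' => '&quot;', "'" => '&#39;',
    );
    $text =~ s/([&<>"'])/$ent{$1}/g;
    return $text;
}

# PSGI application; a .psgi file would end with \&app.
sub app {
    my ($env) = @_;
    my $user = $env->{ env_key('Auth-User') };

    # Assumption of this example: a request without the header did not go
    # through the handler, so it is refused instead of served as anonymous.
    return [ 403, [ 'Content-Type' => 'text/plain' ], ["No authenticated user\n"] ]
      unless defined $user && length $user;

    return [
        200,
        [ 'Content-Type' => 'text/html; charset=utf-8' ],
        [ '<p>Connected user: ' . escape_html($user) . "</p>\n" ],
    ];
}

# Constructed sample requests: one with a header value, one without.
for my $env ( { HTTP_AUTH_USER => 'dwho<script>' }, {} ) {
    my $res = app($env);
    print "$res->[0] $res->[2][0]";
}
```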

Perl auto-protected CGI

LL::NG now uses FastCGI instead of CGI, but you can still write your own protected CGI.

First create a PSGI module based on Lemonldap::NG::Handler:

  package My::PSGI;
 
  use base 'Lemonldap::NG::Handler';
 
  sub init {
    my ($self,$args) = @_;
    $self->protection('manager');
    # See Lemonldap::NG::Common::PSGI for more
    ...
    # Return a boolean. If false, then error message has to be stored in
    # $self->error
    return 1;
  }
 
  sub handler {
    my ( $self, $req ) = @_;
 
    # Will be called only if the request is authorized
    my $userId = $self->userId;
    ...
    $self->sendJSONresponse(...);
  }

See our LLNG Nginx/Apache configurations for how to launch it, or read the PSGI/Plack documentation.

The protection parameter must be set when calling the init() method: