- DEVELOPER INSTRUCTIONS
- SEE ALSO
- BUG REPORT
- COPYRIGHT AND LICENSE
Lemonldap::NG::Portal - The authentication portal part of Lemonldap::NG Web-SSO system.
Use any of Plack launcher. Example:
#!/usr/bin/env plackup use Lemonldap::NG::Portal; # This must be the last instruction! See PSGI for more Lemonldap::NG::Portal->run($opts);
Lemonldap::NG is a modular Web-SSO based on Apache::Session modules. It provides an easy way to build a secured area to protect applications with very few changes.
Lemonldap::NG manages both authentication and authorization. Furthermore it provides headers for accounting. So you can have a full AAA protection for your web space as described below.
Lemonldap::NG::Portal provides portal components. See http://lemonldap-ng.org for more.
The portal object is based on Lemonldap::NG::Handler::Try: underlying handler tries to authenticate user and follows initialized auth / unauth routes.
Initialization process subscribes portal to handler configuration reload and requests handler initialization (Lemonldap::NG::Portal::Main::Init). So configuration is read by handler at each reload.
During configuration reload, each enabled components are loaded as plugins:
init() is called for each plugin. If a plugin initialization fails (init() returns 0), the portal responds a 500 status code for each request.
See Lemonldap::NG::Portal::Main::Plugin to see how to write modules.
do() stores methods to call in $req->steps and launches Lemonldap::NG::Portal::Main::Process::process(). This method removes each method stored in $req->steps and launches it. If the result is PE_OK, process() continues, else it returns the error code.
If it is an Ajax request, do() responds in JSON format else it manages redirection if any. Else it calls Lemonldap::NG::Portal::Main::Display::display() to load template and arguments, and launches Lemonldap::NG::Common::PSGI::sendHtml() using them.
Portal main object is defined in Lemonldap::NG::Portal::Main::* classes. Other components are plugins. Plugins do not have to store any hash key in main object.
Main and plugin keys must be set during initialization process. They must be read-only during requests receiving.
The Lemonldap::NG::Portal::Main::Request request has fixed keys. A plugin that wants to store a temporary key must store it in
$req->data or use defined keys, but it must never create a root key. Plugin keys may have explicit names to avoid conflicts.
Whole configuration is always available. It is stored in $self->conf. It must not be modified by any components even during initialization process or receiving request (during initialization, copy the value in the plugin namespace instead).
All plugins can access to portal methods using $self->p which points to portal main object. Some main methods are mapped to the plugin namespace:
- logger() accessor to log
- userLogger() accessor to log user actions
- error() accessor (use it to store error during initialization)
Most of the documentation is available on http://lemonldap-ng.org website
- Writing an authentication module: Lemonldap::NG::Portal::Auth
- Writing a UserDB module: Lemonldap::NG::Portal::UserDB
- Writing a second factor module: Lemonldap::NG::Portal::Main::SecondFactor
- Writing an issuer module: Lemonldap::NG::Portal::Main::Issuer
- Writing another plugin: Lemonldap::NG::Portal::Main::Plugin
- Request object: Lemonldap::NG::Portal::Main::Request
- Adding parameters in the manager: Lemonldap::NG::Manager::Build
- LemonLDAP::NG team http://lemonldap-ng.org/team
Use OW2 system to report bug or ask for features: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274
See COPYING file for details.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.