Lemonldap::NG::Handler::SharedConf - Perl extension to use dynamic configuration provide by Lemonldap::NG::Manager.

  package My::Package;
  use Lemonldap::NG::Handler::SharedConf;
  @ISA = qw(Lemonldap::NG::Handler::SharedConf);
  __PACKAGE__->init ( {
    localStorage        => "Cache::FileCache",
    localStorageOptions => {
        'namespace' => 'MyNamespace',
        'default_expires_in' => 600,
      },
    configStorage       => {
       type                => "DBI"
       dbiChain            => "DBI:mysql:database=$database;host=$hostname;port=$port",
       dbiUser             => "lemonldap",
       dbiPassword         => "password",
      },
  } );

Call your package in /apache-dir/conf/httpd.conf :

  PerlRequire MyFile
  # TOTAL PROTECTION
  PerlHeaderParserHandler My::Package
  # OR SELECTED AREA
  <Location /protected-area>
    PerlHeaderParserHandler My::Package
  </Location>

The configuration is loaded only at Apache start. Create an URI to force configuration reload, so you don't need to restart Apache at each change :

  # /apache-dir/conf/httpd.conf
  <Location /location/that/I/ve/choosed>
    Order deny,allow
    Deny from all
    Allow from my.manager.com
    PerlHeaderParserHandler My::Package->refresh
  </Location>

This library inherit from Lemonldap::NG::Handler::Simple to build a complete SSO Handler System: a central database contains the policy of your domain. People that want to access to a protected applications are redirected to the portal that run Lemonldap::NG::Portal::SharedConf. After reading configuration from the database and authenticating the user, it stores a key word for each application the user is granted to access to. Then the user is redirected to the application he wanted to access and the Apache handler build with Lemonldap::NG::Handler::SharedConf::DBI has just to verify that the keyword corresponding to the protected area is stored in the database.

Like Lemonldap::NG::Handler::Simple::init() but read only localStorage related options. You may change default time between two configuration checks with the reloadTime parameter (default 600s).

Each new Apache child checks if there's a configuration stored in the local store. If not, it calls getConf to get one and store it in the local store by calling setconf.

Every 600 seconds, each Apache child checks if the local stored configuration has changed and reload it if it has.

When refresh subroutine is called (by http for example: see synopsis), getConf is called to get the new configuration and setconf is called to store it in the local store.

Lemonldap::NG::Handler, Lemonldap::NG::Manager, Lemonldap::NG::Portal, http://lemonldap-ng.org/

Xavier Guimard, <x.guimard@free.fr>

Use OW2 system to report bug or ask for features: http://jira.ow2.org

Lemonldap::NG is available at http://forge.objectweb.org/project/showfiles.php?group_id=274

Copyright (C) 2005, 2007, 2010 by Xavier Guimard <x.guimard@free.fr>

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.10.0 or, at your option, any later version of Perl 5 you may have available.