1# NOTE: THIS CONFIGURATION IS FOR APACHE 2.4 ONLY 2# (with Debian/Ubuntu version of Apache2::AuthCookie) 3# 4# Modify this to your liking and include it in httpd.conf. 5# ----------------------------------------------------------------------------- 6 7PerlModule ModPerl::Util 8PerlModule Apache2::Request 9PerlModule Apache2::RequestRec 10PerlModule Apache2::RequestIO 11PerlModule Apache2::RequestUtil 12PerlModule Apache2::ServerUtil 13PerlModule Apache2::Connection 14PerlModule Apache2::Log 15PerlModule Apache::Session 16PerlModule APR::Table 17PerlModule ModPerl::Registry 18PerlModule "Apache2::Const => ':common'" 19PerlModule "APR::Const => ':common'" 20 21PerlModule Apache2::SiteControl 22PerlModule HTML::Mason::ApacheHandler 23 24# Uncomment this next line if you get errors from libapreq2 25# about an 'undefined symbol' 26#LoadModule apreq_module /usr/lib/apache2/modules/mod_apreq2.so 27 28# Add Netdot's libraries to @INC 29PerlSwitches -I<<Make:PREFIX>>/lib 30 31<Perl> 32# Set up the Mason handler and global variables and import modules. 33use Netdot::Mason; 34 35# Override SiteControl's login method 36use Netdot::SiteControlLoginWrapper; 37</Perl> 38 39 40# If you would like to put netdot somewhere other than ``/netdot'' 41# just change this alias, the location of the login target 42# (i.e. /netdot/NetdotLogin), and the variable NetdotPath below. 43Alias /netdot "<<Make:PREFIX>>/htdocs/" 44 45# Force UTF8 46PerlSetVar MasonPreamble "use utf8;" 47AddDefaultCharset utf-8 48 49# Set the path that will be protected. 50# 51# *NOTE* This variable is used to determine absolute paths where 52# needed in the netdot pages. The Netdot corresponds to AuthName 53# Netdot below. If you want to change the AuthName you will still 54# need this variable as the Mason code assumes you didn't change the 55# AuthName. 56PerlSetVar NetdotPath "/netdot/" 57 58# Indicate the path to the login page. Be careful, HTML::Mason can 59# interfere with proper handling...make sure you know your dependencies. 60# See samples and Apache::AuthCookie for more information. 61PerlSetVar NetdotLoginScript /netdot/login.html 62 63# See Apache::AuthCookie for descriptions of these. 64# 65# A general note about these Netdot variables: Some are accessed when 66# a user requests a page and others are accessed when a user attempts 67# to login. In our setup the login target (NetdotLogin) is in the 68# same apache scope as the netdot pages (/netdot) and these variables 69# are specified at the global scope so there isn't an issue, but if 70# you decide to move them inside a Directory, Files, or Location block 71# and move the login target be sure that you put the right variables 72# in the right places (hint: you will probably have to read the 73# AuthCookie code as it is not clear from the docs, if you don't want 74# any duplicates). The same probably goes for the SiteControl and 75# other non prefixed variables, but since they don't have prefixes it 76# would be inconsiderate to put them at the top level (pollute the 77# global name space), and so if you move the login target be sure to 78# duplicate any relevant variables (again, it might not be obvious 79# which). 80 81# If this is set you wont be able to use unqualified hostnames and 82# rely on DNS to supply the domain. DNS will supply the domain no 83# doubt, but the browser doesn't see it so the cookie will be invalid. 84# Also, a hostname isn't valid here. 85#PerlSetVar NetdotDomain .uoregon.edu 86PerlSetVar NetdotCache 1 87 88# We change the value of NetdotExpires dynamically to implement both 89# temporary and permanent sessions. NetdotTemporySessionExpires 90# specifies the length of the tempory sessions, i.e. it corresponds to 91# NetdotExpires in a typical AuthCookie setup. 92PerlSetVar NetdotTemporarySessionExpires +2h 93 94# Apache 2.4 Authorization 95PerlAddAuthzProvider user Apache2::SiteControl->authz_handler 96 97<Directory <<Make:PREFIX>>/htdocs/> 98 # Other applications may have attempted to override how .html files are 99 # interpreted. We need to reset this so that HTML::Mason can work 100 # correctly. 101 AddType text/html .html 102 103 # Defaults: everything is protected and handled by mason 104 SetHandler perl-script 105 PerlHandler Netdot::Mason 106 AuthType Apache2::SiteControl 107 AuthName Netdot 108 Require valid-user 109 110 # Prevent mason from handling css and javascript 111 <FilesMatch (\.css|\.js)$> 112 SetHandler default-handler 113 </FilesMatch> 114 115 # Allow access to the css and and title image so the login page 116 # displays correctly. 117 <FilesMatch (\.css|title\.png)$> 118 Require all granted 119 </FilesMatch> 120 121 <Files login.html> 122 Require all granted 123 </Files> 124 125 <Files NetdotLogin> 126 Require all granted 127 PerlHandler Netdot::SiteControlLoginWrapper->login 128 </Files> 129 130 # Use Local authentication 131 PerlSetVar SiteControlMethod Netdot::AuthLocal 132 133 # Turn on debugging 134 PerlSetVar AccessControllerDebug 1 135 PerlSetVar AuthCookieDebug 1 136 PerlSetVar SiteControlDebug 1 137 138 # Configure the factories. See SiteControl::UserFactory and 139 # SiteControl::ManagerFactory 140 PerlSetVar SiteControlManagerFactory Netdot::NetdotPermissionFactory 141 142 # Configure the location of the session data on server disks 143 # NOTE: apache should have read/write access to these locations. 144 PerlSetVar SiteControlSessions <<Make:PREFIX>>/tmp/sessions 145 PerlSetVar SiteControlLocks <<Make:PREFIX>>/tmp/sessions/locks 146 147 # Tell mod_perl that you want this module to control access: 148 PerlAuthenHandler Apache2::SiteControl->authenticate 149 150 # See Apache2::SiteControl::UserFactory. There are more variables, 151 # but this seems to be the only one which makess SiteControl insult 152 # you in the logs :P 153 PerlSetVar UserObjectPasswordKey "Netdot gets the last laugh" 154</Directory> 155