1# NOTE: THIS CONFIGURATION IS FOR APACHE 2 ONLY. 2# 3# Modify this to your liking and include it in httpd.conf. 4# ----------------------------------------------------------------------------- 5 6PerlModule ModPerl::Util 7PerlModule Apache2::Request 8PerlModule Apache2::RequestRec 9PerlModule Apache2::RequestIO 10PerlModule Apache2::RequestUtil 11PerlModule Apache2::ServerUtil 12PerlModule Apache2::Connection 13PerlModule Apache2::Log 14PerlModule Apache::Session 15PerlModule APR::Table 16PerlModule ModPerl::Registry 17PerlModule "Apache2::Const => ':common'" 18PerlModule "APR::Const => ':common'" 19 20PerlModule Apache2::SiteControl 21PerlModule HTML::Mason::ApacheHandler 22 23# Uncomment this next line if you get errors from libapreq2 24# about an 'undefined symbol' 25LoadModule perl_module libexec/apache22/mod_perl.so 26LoadModule apreq_module libexec/apache22/mod_apreq2.so 27 28# Add Netdot's libraries to @INC 29PerlSwitches -I<<Make:PREFIX>>/lib 30 31<Perl> 32# Set up the Mason handler and global variables and import modules. 33use Netdot::Mason; 34 35# Override SiteControl's login method 36use Netdot::SiteControlLoginWrapper; 37</Perl> 38 39 40# If you would like to put netdot somewhere other than ``/netdot'' 41# just change this alias, the location of the login target 42# (i.e. /netdot/NetdotLogin), and the variable NetdotPath below. 43Alias /netdot "<<Make:PREFIX>>/htdocs/" 44 45# Force UTF8 46PerlSetVar MasonPreamble "use utf8;" 47AddDefaultCharset utf-8 48 49# Set the path that will be protected. 50# 51# *NOTE* This variable is used to determine absolute paths where 52# needed in the netdot pages. The Netdot corresponds to AuthName 53# Netdot below. If you want to change the AuthName you will still 54# need this variable as the Mason code assumes you didn't change the 55# AuthName. 56PerlSetVar NetdotPath "/netdot/" 57 58# Indicate the path to the login page. Be careful, HTML::Mason can 59# interfere with proper handling...make sure you know your dependencies. 60# See samples and Apache::AuthCookie for more information. 61PerlSetVar NetdotLoginScript /netdot/login.html 62 63# See Apache::AuthCookie for descriptions of these. 64# 65# A general note about these Netdot variables: Some are accessed when 66# a user requests a page and others are accessed when a user attempts 67# to login. In our setup the login target (NetdotLogin) is in the 68# same apache scope as the netdot pages (/netdot) and these variables 69# are specified at the global scope so there isn't an issue, but if 70# you decide to move them inside a Directory, Files, or Location block 71# and move the login target be sure that you put the right variables 72# in the right places (hint: you will probably have to read the 73# AuthCookie code as it is not clear from the docs, if you don't want 74# any duplicates). The same probably goes for the SiteControl and 75# other non prefixed variables, but since they don't have prefixes it 76# would be inconsiderate to put them at the top level (pollute the 77# global name space), and so if you move the login target be sure to 78# duplicate any relevant variables (again, it might not be obvious 79# which). 80PerlSetVar NetdotSatisfy All 81# If this is set you wont be able to use unqualified hostnames and 82# rely on DNS to supply the domain. DNS will supply the domain no 83# doubt, but the browser doesn't see it so the cookie will be invalid. 84# Also, a hostname isn't valid here. 85#PerlSetVar NetdotDomain .uoregon.edu 86PerlSetVar NetdotCache 1 87 88# We change the value of NetdotExpires dynamically to implement both 89# temporary and permanent sessions. NetdotTemporySessionExpires 90# specifies the length of the tempory sessions, i.e. it corresponds to 91# NetdotExpires in a typical AuthCookie setup. 92PerlSetVar NetdotTemporarySessionExpires +2h 93 94<Directory <<Make:PREFIX>>/htdocs/> 95 Order Deny,Allow 96 Allow from all 97 98 # Other applications may have attempted to override how .html files are 99 # interpreted. We need to reset this so that HTML::Mason can work 100 # correctly. 101 AddType text/html .html 102 103 104 # This is hackish but it works. It is preferred over handling all 105 # files in /netdot as this causes requests for /netdot or /netdot/ 106 # to fail (DirectoryIndex doesn't get handled correctly). The 107 # "proper" way to handle this is with rewrite rules or 108 # fixuphandlers I think, but this works: Handle everything which 109 # isn't /netdot or /netdot/, i.e. which has atleast one non / char 110 # in its name relative /netdot/, with mason. 111 <FilesMatch .> 112 SetHandler perl-script 113 PerlHandler Netdot::Mason 114 </FilesMatch> 115 116 # Prevent mason from handling css and javascript 117 <FilesMatch (\.css|\.js)$> 118 SetHandler default-handler 119 </FilesMatch> 120 121 AuthType Apache2::SiteControl 122 AuthName Netdot 123 # Choose a name for the instance of the authenticator. This name is 124 # used as part of the remaining variable names. 125 PerlSetVar AuthName Netdot 126 require valid-user 127 128 # Allow access to the css and and title image so the login page 129 # displays correctly. The anonymous sub is somehow equiv to the 130 # specification of the constant explicitly. The point is that you 131 # can't simply turn off authentication for particular files, you 132 # must provide a new handler which allows all requests instead. 133 <FilesMatch (\.css|title\.png)$> 134 PerlAuthenHandler Apache2::Const::OK #'sub { return OK }' 135 PerlAuthzHandler Apache2::Const::OK #'sub { return OK }' 136 </FilesMatch> 137 138 # Use Local authentication 139 PerlSetVar SiteControlMethod Netdot::AuthLocal 140 141 # Turn on debugging 142 PerlSetVar AccessControllerDebug 1 143 PerlSetVar AuthCookieDebug 1 144 PerlSetVar SiteControlDebug 1 145 146 # Configure the factories. See SiteControl::UserFactory and 147 # SiteControl::ManagerFactory 148 PerlSetVar SiteControlManagerFactory Netdot::NetdotPermissionFactory 149 150 # Configure the location of the session data on server disks 151 # NOTE: apache should have read/write access to these locations. 152 PerlSetVar SiteControlSessions <<Make:PREFIX>>/tmp/sessions 153 PerlSetVar SiteControlLocks <<Make:PREFIX>>/tmp/sessions/locks 154 155 # Tell mod_perl that you want this module to control access: 156 PerlAuthenHandler Apache2::SiteControl->authenticate 157 PerlAuthzHandler Apache2::SiteControl->authorize 158 159 # See Apache2::SiteControl::UserFactory. There are more variables, 160 # but this seems to be the only one which makess SiteControl insult 161 # you in the logs :P 162 PerlSetVar UserObjectPasswordKey "Netdot gets the last laugh" 163</Directory> 164 165<Location /netdot/NetdotLogin> 166 SetHandler perl-script 167 PerlHandler Netdot::SiteControlLoginWrapper->login 168 169 # Stop AuthCookie from preventing access to NetdotLogin 170 # (which would create an authen loop). 171 PerlAuthenHandler Apache2::Const::OK 172 PerlAuthzHandler Apache2::Const::OK 173 174</Location> 175