NAME Lemonldap::Handlers::CAS - Perl extension for Lemonldap webSSO SYNOPSIS use Lemonldap::Handlers::Validate ### Validate service ticket use Lemonldap::Handlers::LoginCASFake ### Fake login : user must be egal to password (like CAS server demo) use Lemonldap::Handlers::LogoutCAS ### logout SSO DESCRIPTION Lemonldap is a Reverse-proxy webSSO and CAS (Central Authentification Service) is an another websso from Yales university . CAS acts like Authentification service NOT for authorization service . These modules give the capacity at a lemonldap to become CAS server. So , an user will be authenticate on CAS server AND on lemonldap. Then the service ticket is send to serviceValidate the lemonldap can retrieve all session for user and process to authorization like a lemonldap . Compatibility with CAS protocol. Lemonldap manages those parameters : service renew gateway INSTALLATION You must have an lemonldap websso installed (see doc on lemonldap.objectweb.org) Configures your Apache like this : servername authen.demo.net loglevel debug documentroot /usr/local/apache2/htdocs alias /portal /usr/local/monapache/portal/ ErrorLog logs/error_log setHandler modperl perlresponsehandler Lemonldap::Handlers::LoginCASFake PerlSetVar Domain demo.net PerlSetVar Configfile /usr/local/monapache/conf/application.xml PerlOptions +GlobalRequest setHandler modperl perlresponsehandler Lemonldap::Handlers::ValidateCAS PerlSetVar Domain demo.net PerlSetVar HandlerID validate PerlSetVar Configfile /usr/local/monapache/conf/application.xml PerlOptions +GlobalRequest setHandler modperl perlresponsehandler Lemonldap::Handlers::LogoutCAS PerlSetVar Domain demo.net PerlSetVar Configfile /usr/local/monapache/conf/application.xml PerlOptions +GlobalRequest YOU CAN MIXED lemonldap handler et CAS server Your application.xml is like this #### here normal lemonldap application ##### etc.. Put your login.html and logout.cas in the good directory (here /tmp) and the right name (here /tmp/login.htmlcas ) See the caspied and castete php examples (basic and standard CAS application) NOTES Lemonldapcas is just an emulation of CAS server , use the real CAS server if you have only CAS application . Lemonldap provides CAS version 1 and version 2 protocol ,if your location of validation contents the word 'Validate' (eg serviceValidation) the hanlder will use CAS version 2 overwise (eg service) it's CAS version 1 Lemonlap DOESN'T provide 'proxycas' service (in process) . Lemonldap shares its sessions with other lemonldap (unlike CAS server) . YOU MUST use HTTPS (by mod_ssl) in your apache server EXPORT None by default. SEE ALSO Mention other useful documentation such as the documentation of related modules or operating system documentation (such as man pages in UNIX), or any relevant external documentation such as RFCs or standards. AUTHOR root, COPYRIGHT AND LICENSE Copyright (C) 2007 by germanlinux at yahoo.fr This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.5 or, at your option, any later version of Perl 5 you may have available.