Annotation of loncom/auth/lonshibauth.pm, revision 1.1

1.1     ! raeburn     1: # The LearningOnline Network
        !             2: # Redirect Shibboleth authentication to designated URL (/adm/sso).
        !             3: #
        !             4: # $Id: lonshibauth.pm $
        !             5: #
        !             6: # Copyright Michigan State University Board of Trustees
        !             7: #
        !             8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
        !             9: #
        !            10: # LON-CAPA is free software; you can redistribute it and/or modify
        !            11: # it under the terms of the GNU General Public License as published by
        !            12: # the Free Software Foundation; either version 2 of the License, or
        !            13: # (at your option) any later version.
        !            14: #
        !            15: # LON-CAPA is distributed in the hope that it will be useful,
        !            16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
        !            17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
        !            18: # GNU General Public License for more details.
        !            19: #
        !            20: # You should have received a copy of the GNU General Public License
        !            21: # along with LON-CAPA; if not, write to the Free Software
        !            22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
        !            23: #
        !            24: # /home/httpd/html/adm/gpl.txt
        !            25: #
        !            26: # http://www.lon-capa.org/
        !            27: #
        !            28: 
        !            29: =head1 NAME
        !            30: 
        !            31: Apache::lonshibauth - Redirect Shibboleth authentication
        !            32: 
        !            33: =head1 SYNOPSIS
        !            34: 
        !            35: Invoked when lonOtherAuthen is set to yes, and type is Shibboleth 
        !            36: 
        !            37: If server is configured as a Shibboleth SP, the main Apache 
        !            38: configuration file, e.g.,  /etc/httpd/conf/httpd.conf
        !            39: (for RHEL/CentOS/Scentific Linux/Fedora) should contain:
        !            40: 
        !            41: LoadModule mod_shib /usr/lib/shibboleth/mod_shib_22.so
        !            42: 
        !            43: or equivalent (depending on Apache version) 
        !            44: before the line to include conf/loncapa_apache.conf
        !            45: 
        !            46: =head1 INTRODUCTION
        !            47: 
        !            48: Redirects a user requiring Single Sign On via Shibboleth to a  
        !            49: URL -- /adm/sso -- on the server which is configured to use that service.
        !            50: 
        !            51: =head1 HANDLER SUBROUTINE
        !            52: 
        !            53: This routine is called by Apache and mod_perl.
        !            54: 
        !            55: =over 4
        !            56: 
        !            57: If $r->user defined and requested uri not /adm/sso
        !            58: redirect to /adm/sso
        !            59: 
        !            60: Otherwise return DECLINED
        !            61: 
        !            62: =back
        !            63: 
        !            64: =cut
        !            65: 
        !            66: package Apache::lonshibauth;
        !            67: 
        !            68: use strict;
        !            69: use lib '/home/httpd/lib/perl/';
        !            70: use Apache::Constants qw(:common);
        !            71: use LONCAPA qw(:DEFAULT);
        !            72: 
        !            73: sub handler {
        !            74:     my $r = shift;
        !            75:     my $target = '/adm/sso';
        !            76:     if (($r->user eq '') && ($r->uri() ne $target)) {
        !            77:         my $dest = &Apache::lonnet::absolute_url($r->hostname()).$target;
        !            78:         $r->subprocess_env;
        !            79:         if ($ENV{'QUERY_STRING'} ne '') {
        !            80:             $dest .= '?'.$ENV{'QUERY_STRING'};
        !            81:         }
        !            82:         $r->header_out(Location => $dest);
        !            83:         return REDIRECT;
        !            84:     } else {
        !            85:         return DECLINED;
        !            86:     }
        !            87: }
        !            88: 
        !            89: 1;
        !            90: __END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>