File:
[LON-CAPA] /
loncom /
auth /
lonshibauth.pm
Revision
1.3:
download - view:
text,
annotated -
select for diffs
Sun May 17 17:34:43 2015 UTC (9 years, 8 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_11_3_uiuc,
version_2_11_3_msu,
version_2_11_3,
version_2_11_2_uiuc,
version_2_11_2_msu,
version_2_11_2_educog,
version_2_11_2,
version_2_11_1,
HEAD
- Too early in request for $ENV{'SERVER_PORT'} to be set, so determine if
this server needs https or http from configuration in hosts.tab
# The LearningOnline Network
# Redirect Shibboleth authentication to designated URL (/adm/sso).
#
# $Id: lonshibauth.pm,v 1.3 2015/05/17 17:34:43 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
=head1 NAME
Apache::lonshibauth - Redirect Shibboleth authentication
=head1 SYNOPSIS
Invoked when lonOtherAuthen is set to yes, and type is Shibboleth
If server is configured as a Shibboleth SP, the main Apache
configuration file, e.g., /etc/httpd/conf/httpd.conf
(for RHEL/CentOS/Scentific Linux/Fedora) should contain:
LoadModule mod_shib /usr/lib/shibboleth/mod_shib_22.so
or equivalent (depending on Apache version)
before the line to include conf/loncapa_apache.conf
=head1 INTRODUCTION
Redirects a user requiring Single Sign On via Shibboleth to a
URL -- /adm/sso -- on the server which is configured to use that service.
=head1 HANDLER SUBROUTINE
This routine is called by Apache and mod_perl.
=over 4
If $r->user defined and requested uri not /adm/sso
redirect to /adm/sso
Otherwise return DECLINED
=back
=cut
package Apache::lonshibauth;
use strict;
use lib '/home/httpd/lib/perl/';
use Apache::lonnet;
use Apache::Constants qw(:common REDIRECT);
use LONCAPA qw(:DEFAULT);
sub handler {
my $r = shift;
my $target = '/adm/sso';
if (($r->user eq '') && ($r->uri() ne $target)) {
my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
my $hostname = &Apache::lonnet::hostname($lonhost);
if (!$hostname) { $hostname = $r->hostname(); }
my $protocol = $Apache::lonnet::protocol{$lonhost};
unless ($protocol eq 'https') { $protocol = 'http'; }
my $dest = $protocol.'://'.$hostname.$target;
$r->subprocess_env;
if ($ENV{'QUERY_STRING'} ne '') {
$dest .= '?'.$ENV{'QUERY_STRING'};
}
$r->header_out(Location => $dest);
return REDIRECT;
} else {
return DECLINED;
}
}
1;
__END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonshibauth.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth