You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
119 lines
3.5 KiB
119 lines
3.5 KiB
{
|
|
|
|
use esmith::AccountsDB;
|
|
my $a = esmith::AccountsDB->open_ro() or die "Couldn't open AccountsDB\n";
|
|
|
|
if ( $port ne ($modSSL{'TCPPort'} || '443')){
|
|
$OUT .=<<"EOF";
|
|
|
|
#====================================================================
|
|
# HTTPS redirection for LemonLDAP::NG Portal
|
|
#====================================================================
|
|
|
|
RewriteEngine on
|
|
RewriteRule ^/(.*|\$) https://%{HTTP_HOST}/\$1 \[L,R\]
|
|
|
|
EOF
|
|
}
|
|
else{
|
|
my $soapAllow = join (" ", split(/[;,]/, ($lemonldap{'SoapAllowFrom'} || '')));
|
|
$soapAllow = ( $soapAllow eq '' ) ? '' : "Allow from $soapAllow\n ";
|
|
my $soapPassword = $lemonldap{'SoapPassword'} || '';
|
|
$soapAllow .= ($soapPassword eq '') ? '' :
|
|
'AuthName "LemonLDAP SOAP interface"' . "\n " .
|
|
'AuthType Basic' . "\n " .
|
|
'AuthBasicProvider file' . "\n " .
|
|
'AuthUserFile /etc/lemonldap-ng/soap-htpasswd' . "\n " .
|
|
'Require valid-user' . "\n " .
|
|
'Satisfy all';
|
|
|
|
$OUT .=<<"EOF";
|
|
|
|
SSLEngine On
|
|
|
|
PerlOptions +Parent
|
|
|
|
#====================================================================
|
|
# Apache configuration for LemonLDAP::NG Portal
|
|
#====================================================================
|
|
|
|
# DocumentRoot
|
|
DocumentRoot /var/lib/lemonldap-ng/portal/
|
|
|
|
<Perl>
|
|
require Lemonldap::NG::Portal::SharedConf;
|
|
Lemonldap::NG::Portal::SharedConf->compile(
|
|
qw(delete header cache read_from_client cookie redirect unescapeHTML));
|
|
# Uncomment this line if you use portal SOAP capabilities
|
|
require SOAP::Lite;
|
|
</Perl>
|
|
|
|
<Directory /var/lib/lemonldap-ng/portal/>
|
|
Order allow,deny
|
|
Allow from all
|
|
Options +ExecCGI +FollowSymlinks
|
|
</Directory>
|
|
|
|
# Perl script
|
|
<Files *.pl>
|
|
SetHandler perl-script
|
|
PerlResponseHandler ModPerl::Registry
|
|
</Files>
|
|
|
|
<IfModule mod_dir.c>
|
|
DirectoryIndex index.pl index.html
|
|
</IfModule>
|
|
|
|
# SOAP functions for sessions management (disabled by default)
|
|
<Location /index.pl/adminSessions>
|
|
Order deny,allow
|
|
Deny from all
|
|
$soapAllow
|
|
</Location>
|
|
|
|
# SOAP functions for sessions access (disabled by default)
|
|
<Location /index.pl/sessions>
|
|
Order deny,allow
|
|
Deny from all
|
|
$soapAllow
|
|
</Location>
|
|
|
|
# SOAP functions for configuration access (disabled by default)
|
|
<Location /index.pl/config>
|
|
Order deny,allow
|
|
Deny from all
|
|
$soapAllow
|
|
</Location>
|
|
|
|
# SOAP functions for notification insertion (disabled by default)
|
|
<Location /index.pl/notification>
|
|
Order deny,allow
|
|
Deny from all
|
|
$soapAllow
|
|
</Location>
|
|
|
|
<Location />
|
|
<IfModule mod_deflate.c>
|
|
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
|
|
SetOutputFilter DEFLATE
|
|
BrowserMatch ^Mozilla/4 gzip-only-text/html
|
|
BrowserMatch ^Mozilla/4\.0[678] no-gzip
|
|
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
|
|
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)\$ no-gzip dont-vary
|
|
</IfModule>
|
|
<IfModule mod_headers.c>
|
|
Header append Vary User-Agent env=!dont-vary
|
|
</IfModule>
|
|
</Location>
|
|
<Location /skins/>
|
|
<IfModule mod_expires.c>
|
|
ExpiresActive On
|
|
ExpiresDefault "access plus 1 month"
|
|
</IfModule>
|
|
</Location>
|
|
|
|
EOF
|
|
}
|
|
}
|
|
|
|
|
|
|