File: INSTALL

package info (click to toggle)
mod-authz-securepass 0~20140715+0git93f271f5-3
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 216 kB
  • ctags: 182
  • sloc: ansic: 1,748; makefile: 71
file content (82 lines) | stat: -rwxr-xr-x 3,158 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
There isn't yet a ready to use package available, but compiling this module is really simple.
Follow the steps below:

1)
Configure Apache to use cas. Follow the guide:
http://support.secure-pass.net/wiki/index.php/Apache

2)
Install apxs (APache eXtenSion tool) usually provided with the development package of Apache.

For Debian-like distro install apxs with:
	apt-get install apache2-prefork-dev 
	# or
	apt-get install apache2-threaded-dev

For RedHat distro install apxs with
	yum install -y httpd-devel make gcc

3)
Download the source from git from the stable branch:
	git clone https://github.com/garlsecurity/mod_authz_securepass.git -b master
	cd mod_authz_securepass

4)
Compile the module and install it:

make install

5)
configure mod_authz_securepass using the following directives:

Valid Server/VirtualHost Directives
-----------------------------------
Directive:      AuthzSecurepassDebug
Default:        Off
Description:    Set to On to enable debugging mode for troubleshooting.

Directive:      AuthzSecurepassCheckGroup
Default:        On
Description:    Set to Off to disable checking of group associated to the user

Directive:      AuthzSecurepassRESTfulAPI
Default:        NULL
Description:    URL of RESTful API where to check if a user belongs to a group

Directive:      AuthzSecurepassAppID
Default:        NULL
Description:    Value of X-SecurePass-App-ID to be inserted into HTTP header to invoke Securepass RESTful API

Directive:      AuthzSecurepassAppSecret
Default:        NULL
Description:    Value of X-SecurePass-App-Secret to be inserted into HTTP header to invoke Securepass RESTful API

Directive:      AuthzSecurepassGroupCachePath
Default:        NULL 
Description:    The file system directory where mappings betweeen users and Securepass groups are cached

Directive:      AuthzSecurepassGroupTimeout
Default:        600 (10 minutes)
Description:    The limit in seconds for the cached mappings between users and Securepass groups.
                When a mapping has reached this age, the user is checked again against the Securepass RESTful API.
                If set to 0, the mapping will not be cached

Directive:      AuthzSecurepassCacheCleanInterval
Default:        1800 (30 minutes)
Description:    The minimum amount of time that must pass inbetween cache
                cleanings.  When a new mapping is cached, the time of the last cache
                clean is compared against this value. If  AuthzSecurepassCacheCleanInterval seconds 
                have passed since the last cleaning, then all files in AuthzSecurepassGroupCachePath 
                are examined and if they have expired, they are removed.  This is to prevent the
                file system from becoming excessively cluttered.

Valid Directory/.htaccess Directives
-----------------------------------
Directive:      AuthzSecurepass
Default:        Off
Description:    Set to On to enable SecurePass module

Directive:      AuthzSecurepassAuthoritative
Default:        On
Description:    Set to Off to allow access control to be passed along to lower 
                modules if this module can't confirm access rights