File Coverage

blib/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm

Criterion	Covered	Total	%
statement	4	6	66.6
branch			n/a
condition			n/a
subroutine	2	2	100.0
pod			n/a
total	6	8	75.0

line	stmt	sub	time	code
1				## @file
2				# CAS Issuer file
3
4				## @class
5				# CAS Issuer class
6				package Lemonldap::NG::Portal::IssuerDBCAS;
7
8	1	1	23098	use strict;
	1		2
	1		95
9	1	1	909	use Lemonldap::NG::Portal::Simple;
	0
	0
10				use Lemonldap::NG::Portal::_CAS;
11				use base qw(Lemonldap::NG::Portal::_CAS Lemonldap::NG::Portal::_LibAccess);
12
13				our $VERSION = '1.4.3';
14
15				## @method void issuerDBInit()
16				# Nothing to do
17				# @return Lemonldap::NG::Portal error code
18				sub issuerDBInit {
19				my $self = shift;
20
21				return PE_OK;
22				}
23
24				## @apmethod int issuerForUnAuthUser()
25				# Manage CAS request for unauthenticated user
26				# @return Lemonldap::NG::Portal error code
27				sub issuerForUnAuthUser {
28				my $self = shift;
29
30				# CAS URLs
31				my $issuerDBCASPath = $self->{issuerDBCASPath};
32				my $cas_login = 'login';
33				my $cas_logout = 'logout';
34				my $cas_validate = 'validate';
35				my $cas_serviceValidate = 'serviceValidate';
36				my $cas_proxyValidate = 'proxyValidate';
37				my $cas_proxy = 'proxy';
38
39				# Called URL
40				my $url = $self->url();
41				my $url_path = $self->url( -absolute => 1 );
42				$url_path =~ s#^//#/#;
43
44				# 1. LOGIN
45				if ( $url_path =~ m#${issuerDBCASPath}${cas_login}# ) {
46
47				$self->lmLog( "URL $url detected as an CAS LOGIN URL", 'debug' );
48
49				# GET parameters
50				my $service = $self->getHiddenFormValue('service')
51				\|\| $self->param('service');
52				my $renew = $self->getHiddenFormValue('renew') \|\| $self->param('renew');
53				my $gateway = $self->getHiddenFormValue('gateway')
54				\|\| $self->param('gateway');
55
56				# Keep values in hidden fields
57				$self->setHiddenFormValue( 'service', $service );
58				$self->setHiddenFormValue( 'renew', $renew );
59				$self->setHiddenFormValue( 'gateway', $gateway );
60
61				# Gateway
62				if ( $gateway eq 'true' ) {
63
64				# User should already be authenticated
65				$self->lmLog(
66				"Gateway authentication requested, but user is not logged in",
67				'error' );
68
69				# Redirect user to the service
70				$self->lmLog( "Redirect user to $service", 'debug' );
71
72				$self->{urldc} = $service;
73
74				return $self->_subProcess(qw(autoRedirect));
75
76				}
77
78				}
79
80				# 2. LOGOUT
81				if ( $url_path =~ m#${issuerDBCASPath}${cas_logout}# ) {
82
83				$self->lmLog( "URL $url detected as an CAS LOGOUT URL", 'debug' );
84
85				# GET parameters
86				my $logout_url = $self->param('url');
87
88				if ($logout_url) {
89
90				# Display a link to the provided URL
91				$self->lmLog( "Logout URL $logout_url will be displayed", 'debug' );
92
93				$self->info( "<h3>" . $self->msg(PM_BACKTOCASURL) . "</h3>" );
94				$self->info("<p><a href=\"$logout_url\">$logout_url</a></p>");
95				$self->{activeTimer} = 0;
96
97				return PE_CONFIRM;
98				}
99
100				return PE_LOGOUT_OK;
101
102				}
103
104				# 3. VALIDATE [CAS 1.0]
105				if ( $url_path =~ m#${issuerDBCASPath}${cas_validate}# ) {
106
107				$self->lmLog( "URL $url detected as an CAS VALIDATE URL", 'debug' );
108
109				# GET parameters
110				my $service = $self->param('service');
111				my $ticket = $self->param('ticket');
112				my $renew = $self->param('renew');
113
114				# Required parameters: service and ticket
115				unless ( $service and $ticket ) {
116				$self->lmLog( "Service and Ticket parameters required", 'error' );
117				$self->returnCasValidateError();
118				}
119
120				$self->lmLog(
121				"Get validate request with ticket $ticket for service $service",
122				'debug' );
123
124				unless ( $ticket =~ s/^ST-// ) {
125				$self->lmLog( "Provided ticket is not a service ticket (ST)",
126				'error' );
127				$self->returnCasValidateError();
128				}
129
130				my $casServiceSession = $self->getCasSession($ticket);
131
132				unless ($casServiceSession) {
133				$self->lmLog( "Service ticket session $ticket not found", 'error' );
134				$self->returnCasValidateError();
135				}
136
137				$self->lmLog( "Service ticket session $ticket found", 'debug' );
138
139				# Check service
140				unless ( $service eq $casServiceSession->data->{service} ) {
141				$self->lmLog(
142				"Submitted service $service does not match initial service "
143				. $casServiceSession->data->{service},
144				'error'
145				);
146				$self->deleteCasSession($casServiceSession);
147				$self->returnCasValidateError();
148				}
149
150				$self->lmLog( "Submitted service $service math initial servce",
151				'debug' );
152
153				# Check renew
154				if ( $renew eq 'true' ) {
155
156				# We should check the ST was delivered with primary credentials
157				$self->lmLog( "Renew flag detected ", 'debug' );
158
159				unless ( $casServiceSession->data->{renew} ) {
160				$self->lmLog(
161				"Authentication renew requested, but not done in former authentication process",
162				'error'
163				);
164				$self->deleteCasSession($casServiceSession);
165				$self->returnCasValidateError();
166				}
167				}
168
169				# Open local session
170				my $localSession =
171				$self->getApacheSession( $casServiceSession->data->{_cas_id}, 1 );
172
173				unless ($localSession) {
174				$self->lmLog(
175				"Local session "
176				. $casServiceSession->data->{_cas_id}
177				. " notfound",
178				'error'
179				);
180				$self->deleteCasSession($casServiceSession);
181				$self->returnCasValidateError();
182				}
183
184				# Get username
185				my $username =
186				$localSession->data->{ $self->{casAttr} \|\| $self->{whatToTrace} };
187
188				$self->lmLog( "Get username $username", 'debug' );
189
190				# Return success message
191				$self->deleteCasSession($casServiceSession);
192				$self->returnCasValidateSuccess($username);
193
194				# We should not be there
195				return PE_ERROR;
196				}
197
198				# 4. SERVICE VALIDATE [CAS 2.0]
199				# 5. PROXY VALIDATE [CAS 2.0]
200				if ( ( $url_path =~ m#${issuerDBCASPath}${cas_serviceValidate}# )
201				\|\| ( $url_path =~ m#${issuerDBCASPath}${cas_proxyValidate}# ) )
202				{
203
204				my $urlType = (
205				$url_path =~ m#${issuerDBCASPath}${cas_serviceValidate}#
206				? 'SERVICE'
207				: 'PROXY'
208				);
209
210				$self->lmLog( "URL $url detected as an CAS $urlType VALIDATE URL",
211				'debug' );
212
213				# GET parameters
214				my $service = $self->param('service');
215				my $ticket = $self->param('ticket');
216				my $pgtUrl = $self->param('pgtUrl');
217				my $renew = $self->param('renew');
218
219				# PGTIOU
220				my $casProxyGrantingTicketIOU;
221
222				# Required parameters: service and ticket
223				unless ( $service and $ticket ) {
224				$self->lmLog( "Service and Ticket parameters required", 'error' );
225				$self->returnCasServiceValidateError( 'INVALID_REQUEST',
226				'Missing mandatory parameters (service, ticket)' );
227				}
228
229				$self->lmLog(
230				"Get "
231				. lc($urlType)
232				. " validate request with ticket $ticket for service $service",
233				'debug'
234				);
235
236				# Get CAS session corresponding to ticket
237				if ( $urlType eq 'SERVICE' and !( $ticket =~ s/^ST-// ) ) {
238				$self->lmLog( "Provided ticket is not a service ticket (ST)",
239				'error' );
240				$self->returnCasServiceValidateError( 'INVALID_TICKET',
241				'Provided ticket is not a service ticket' );
242				}
243				elsif ( $urlType eq 'PROXY' and !( $ticket =~ s/^(P\|S)T-// ) ) {
244				$self->lmLog(
245				"Provided ticket is not a service or proxy ticket ($1T)",
246				'error' );
247				$self->returnCasServiceValidateError( 'INVALID_TICKET',
248				'Provided ticket is not a service or proxy ticket' );
249				}
250
251				my $casServiceSession = $self->getCasSession($ticket);
252
253				unless ($casServiceSession) {
254				$self->lmLog( "$urlType ticket session $ticket not found",
255				'error' );
256				$self->returnCasServiceValidateError( 'INVALID_TICKET',
257				'Ticket not found' );
258				}
259
260				$self->lmLog( "$urlType ticket session $ticket found", 'debug' );
261
262				# Check service
263				unless ( $service eq $casServiceSession->data->{service} ) {
264				$self->lmLog(
265				"Submitted service $service does not match initial service "
266				. $casServiceSession->data->{service},
267				'error'
268				);
269
270				$self->deleteCasSession($casServiceSession);
271				$self->returnCasServiceValidateError( 'INVALID_SERVICE',
272				'Submitted service does not match initial service' );
273				}
274
275				$self->lmLog( "Submitted service $service match initial servce",
276				'debug' );
277
278				# Check renew
279				if ( $renew eq 'true' ) {
280
281				# We should check the ST was delivered with primary credentials
282				$self->lmLog( "Renew flag detected ", 'debug' );
283
284				unless ( $casServiceSession->data->{renew} ) {
285				$self->lmLog(
286				"Authentication renew requested, but not done in former authentication process",
287				'error'
288				);
289				$self->deleteCasSession($casServiceSession);
290				$self->returnCasValidateError();
291				}
292
293				}
294
295				# Proxies (for PROXY VALIDATE only)
296				my $proxies = $casServiceSession->data->{proxies};
297
298				# Proxy granting ticket
299				if ($pgtUrl) {
300
301				# Create a proxy granting ticket
302				$self->lmLog(
303				"Create a CAS proxy granting ticket for service $service",
304				'debug' );
305
306				my $casProxyGrantingSession = $self->getCasSession();
307
308				if ($casProxyGrantingSession) {
309
310				my $PGinfos;
311
312				# PGT session
313				$PGinfos->{type} = 'casProxyGranting';
314				$PGinfos->{service} = $service;
315				$PGinfos->{_cas_id} = $casServiceSession->data->{_cas_id};
316				$PGinfos->{_utime} = $casServiceSession->data->{_utime};
317
318				# Trace proxies
319				$PGinfos->{proxies} = (
320				$proxies
321				? $proxies . $self->{multiValuesSeparator} . $pgtUrl
322				: $pgtUrl
323				);
324
325				my $casProxyGrantingSessionID = $casProxyGrantingSession->id;
326				my $casProxyGrantingTicket =
327				"PGT-" . $casProxyGrantingSessionID;
328
329				$casProxyGrantingSession->update($PGinfos);
330
331				$self->lmLog(
332				"CAS proxy granting session $casProxyGrantingSessionID created",
333				'debug'
334				);
335
336				# Generate the proxy granting ticket IOU
337				my $tmpCasSession = $self->getCasSession();
338
339				if ($tmpCasSession) {
340
341				$casProxyGrantingTicketIOU = "PGTIOU-" . $tmpCasSession->id;
342				$self->deleteCasSession($tmpCasSession);
343				$self->lmLog(
344				"Generate proxy granting ticket IOU $casProxyGrantingTicketIOU",
345				'debug'
346				);
347
348				# Request pgtUrl
349				if (
350				$self->callPgtUrl(
351				$pgtUrl,
352				$casProxyGrantingTicketIOU,
353				$casProxyGrantingTicket
354				)
355				)
356				{
357				$self->lmLog(
358				"Proxy granting URL $pgtUrl called with success",
359				'debug' );
360				}
361				else {
362				$self->lmLog(
363				"Error calling proxy granting URL $pgtUrl",
364				'warn' );
365				$casProxyGrantingTicketIOU = undef;
366				}
367				}
368
369				}
370				else {
371				$self->lmLog(
372				"Error in proxy granting ticket management, bypass it",
373				'warn' );
374				}
375				}
376
377				# Open local session
378				my $localSession =
379				$self->getApacheSession( $casServiceSession->data->{_cas_id}, 1 );
380
381				unless ($localSession) {
382				$self->lmLog(
383				"Local session "
384				. $casServiceSession->data->{_cas_id}
385				. " notfound",
386				'error'
387				);
388				$self->deleteCasSession($casServiceSession);
389				$self->returnCasServiceValidateError( 'INTERNAL_ERROR',
390				'No session associated to ticket' );
391				}
392
393				# Get username
394				my $username =
395				$localSession->data->{ $self->{casAttr} \|\| $self->{whatToTrace} };
396
397				$self->lmLog( "Get username $username", 'debug' );
398
399				# Return success message
400				$self->deleteCasSession($casServiceSession);
401				$self->returnCasServiceValidateSuccess( $username,
402				$casProxyGrantingTicketIOU, $proxies );
403
404				# We should not be there
405				return PE_ERROR;
406				}
407
408				# 6. PROXY [CAS 2.0]
409				if ( $url_path =~ m#${issuerDBCASPath}${cas_proxy}# ) {
410
411				$self->lmLog( "URL $url detected as an CAS PROXY URL", 'debug' );
412
413				# GET parameters
414				my $pgt = $self->param('pgt');
415				my $targetService = $self->param('targetService');
416
417				# Required parameters: pgt and targetService
418				unless ( $pgt and $targetService ) {
419				$self->lmLog( "Pgt and TargetService parameters required",
420				'error' );
421				$self->returnCasProxyError( 'INVALID_REQUEST',
422				'Missing mandatory parameters (pgt, targetService)' );
423				}
424
425				$self->lmLog(
426				"Get proxy request with ticket $pgt for service $targetService",
427				'debug' );
428
429				# Get CAS session corresponding to ticket
430				unless ( $pgt =~ s/^PGT-// ) {
431				$self->lmLog(
432				"Provided ticket is not a proxy granting ticket (PGT)",
433				'error' );
434				$self->returnCasProxyError( 'BAD_PGT',
435				'Provided ticket is not a proxy granting ticket' );
436				}
437
438				my $casProxyGrantingSession = $self->getCasSession($pgt);
439
440				unless ($casProxyGrantingSession) {
441				$self->lmLog( "Proxy granting ticket session $pgt not found",
442				'error' );
443				$self->returnCasProxyError( 'BAD_PGT', 'Ticket not found' );
444				}
445
446				$self->lmLog( "Proxy granting session $pgt found", 'debug' );
447
448				# Create a proxy ticket
449				$self->lmLog( "Create a CAS proxy ticket for service $targetService",
450				'debug' );
451
452				my $casProxySession = $self->getCasSession();
453
454				unless ($casProxySession) {
455				$self->lmLog( "Unable to create CAS proxy session", 'error' );
456				$self->returnCasProxyError( 'INTERNAL_ERROR',
457				'Error in proxy session management' );
458				}
459
460				my $Pinfos;
461				$Pinfos->{type} = 'casProxy';
462				$Pinfos->{service} = $targetService;
463				$Pinfos->{_cas_id} = $casProxyGrantingSession->data->{_cas_id};
464				$Pinfos->{_utime} = $casProxyGrantingSession->data->{_utime};
465				$Pinfos->{proxies} = $casProxyGrantingSession->data->{proxies};
466
467				$casProxySession->update($Pinfos);
468
469				my $casProxySessionID = $casProxySession->id;
470				my $casProxyTicket = "PT-" . $casProxySessionID;
471
472				$self->lmLog( "CAS proxy session $casProxySessionID created", 'debug' );
473
474				# Return success message
475				$self->returnCasProxySuccess($casProxyTicket);
476
477				# We should not be there
478				return PE_ERROR;
479				}
480
481				return PE_OK;
482				}
483
484				## @apmethod int issuerForAuthUser()
485				# Manage CAS request for unauthenticated user
486				# @return Lemonldap::NG::Portal error code
487				sub issuerForAuthUser {
488				my $self = shift;
489
490				# CAS URLs
491				my $issuerDBCASPath = $self->{issuerDBCASPath};
492				my $cas_login = 'login';
493				my $cas_logout = 'logout';
494				my $cas_validate = 'validate';
495				my $cas_serviceValidate = 'serviceValidate';
496				my $cas_proxyValidate = 'proxyValidate';
497				my $cas_proxy = 'proxy';
498
499				# Called URL
500				my $url = $self->url();
501				my $url_path = $self->url( -absolute => 1 );
502				$url_path =~ s#^//#/#;
503
504				# Session ID
505				my $session_id = $self->{sessionInfo}->{_session_id} \|\| $self->{id};
506
507				# Session creation timestamp
508				my $time = $self->{sessionInfo}->{_utime} \|\| time();
509
510				# 1. LOGIN
511				if ( $url_path =~ m#${issuerDBCASPath}${cas_login}# ) {
512
513				$self->lmLog( "URL $url detected as an CAS LOGIN URL", 'debug' );
514
515				# GET parameters
516				my $service = $self->getHiddenFormValue('service')
517				\|\| $self->param('service');
518				my $renew = $self->getHiddenFormValue('renew') \|\| $self->param('renew');
519				my $gateway = $self->getHiddenFormValue('gateway')
520				\|\| $self->param('gateway');
521				my $casServiceTicket;
522
523				# Renew
524				if ( $renew eq 'true' ) {
525
526				# Authentication must be replayed
527				$self->lmLog( "Authentication renew requested", 'debug' );
528				$self->{updateSession} = 1;
529				$self->{error} = $self->_subProcess(
530				qw(issuerDBInit authInit issuerForUnAuthUser extractFormInfo
531				userDBInit getUser setAuthSessionInfo setSessionInfo
532				setMacros setGroups setPersistentSessionInfo
533				setLocalGroups authenticate store authFinish)
534				);
535
536				# Return error if any
537				if ( $self->{error} > 0 ) {
538				$self->lmLog( "Error in authentication renew process",
539				'error' );
540				return $self->{error};
541				}
542				}
543
544				# If no service defined, exit
545				unless ( defined $service ) {
546				$self->lmLog( "No service defined in CAS URL", 'debug' );
547				return PE_OK;
548				}
549
550				# Check access on the service
551				my $casAccessControlPolicy = $self->{casAccessControlPolicy};
552
553				if ( $casAccessControlPolicy =~ /^(error\|faketicket)$/i ) {
554				$self->lmLog( "CAS access control requested on service $service",
555				'debug' );
556
557				if ( $self->_grant($service) ) {
558				$self->lmLog( "CAS service $service access allowed", 'debug' );
559				}
560
561				else {
562				$self->lmLog( "CAS service $service access not allowed",
563				'error' );
564
565				if ( $casAccessControlPolicy =~ /^(error)$/i ) {
566				$self->lmLog(
567				"Return error instead of redirecting user on CAS service",
568				'debug'
569				);
570				return PE_CAS_SERVICE_NOT_ALLOWED;
571				}
572
573				else {
574				$self->lmLog(
575				"Redirect user on CAS service with a fake ticket",
576				'debug' );
577				$casServiceTicket = "ST-F4K3T1CK3T";
578				}
579				}
580				}
581
582				unless ($casServiceTicket) {
583
584				# Check last authentication time to decide if
585				# the authentication is recent or not
586				my $casRenewFlag = 0;
587				my $last_authn_utime = $self->{sessionInfo}->{_lastAuthnUTime} \|\| 0;
588				if (
589				time() - $last_authn_utime < $self->{portalForceAuthnInterval} )
590				{
591				$self->lmLog(
592				"Authentication is recent, will set CAS renew flag to true",
593				'debug'
594				);
595				$casRenewFlag = 1;
596				}
597
598				# Create a service ticket
599				$self->lmLog( "Create a CAS service ticket for service $service",
600				'debug' );
601
602				my $casServiceSession = $self->getCasSession();
603
604				unless ($casServiceSession) {
605				$self->lmLog( "Unable to create CAS session", 'error' );
606				return PE_ERROR;
607				}
608
609				my $Sinfos;
610				$Sinfos->{type} = 'casService';
611				$Sinfos->{service} = $service;
612				$Sinfos->{renew} = $casRenewFlag;
613				$Sinfos->{_cas_id} = $session_id;
614				$Sinfos->{_utime} = $time;
615
616				$casServiceSession->update($Sinfos);
617
618				my $casServiceSessionID = $casServiceSession->id;
619				$casServiceTicket = "ST-" . $casServiceSessionID;
620
621				$self->lmLog( "CAS service session $casServiceSessionID created",
622				'debug' );
623				}
624
625				# Redirect to service
626				my $service_url = $service;
627				$service_url .= (
628				$service =~ /\?/
629				? '&ticket=' . $casServiceTicket
630				: '?ticket=' . $casServiceTicket
631				);
632
633				$self->lmLog( "Redirect user to $service_url", 'debug' );
634
635				$self->{urldc} = $service_url;
636
637				return $self->_subProcess(qw(autoRedirect));
638				}
639
640				# 2. LOGOUT
641				if ( $url_path =~ m#${issuerDBCASPath}${cas_logout}# ) {
642
643				$self->lmLog( "URL $url detected as an CAS LOGOUT URL", 'debug' );
644
645				# GET parameters
646				my $logout_url = $self->param('url');
647
648				# Delete linked CAS sessions
649				$self->deleteCasSecondarySessions($session_id);
650
651				# Delete local session
652				unless (
653				$self->_deleteSession( $self->getApacheSession( $session_id, 1 ) ) )
654				{
655				$self->lmLog( "Fail to delete session $session_id ", 'error' );
656				}
657
658				if ($logout_url) {
659
660				# Display a link to the provided URL
661				$self->lmLog( "Logout URL $logout_url will be displayed", 'debug' );
662
663				$self->info( "<h3>" . $self->msg(PM_BACKTOCASURL) . "</h3>" );
664				$self->info("<p><a href=\"$logout_url\">$logout_url</a></p>");
665				$self->{activeTimer} = 0;
666
667				return PE_CONFIRM;
668				}
669
670				return PE_LOGOUT_OK;
671
672				}
673
674				# 3. VALIDATE [CAS 1.0]
675				if ( $url_path =~ m#${issuerDBCASPath}${cas_validate}# ) {
676
677				$self->lmLog( "URL $url detected as an CAS VALIDATE URL", 'debug' );
678
679				# This URL must not be called by authenticated users
680				$self->lmLog(
681				"CAS VALIDATE URL called by authenticated user, ignore it",
682				'info' );
683
684				return PE_OK;
685				}
686
687				# 4. SERVICE VALIDATE [CAS 2.0]
688				if ( $url_path =~ m#${issuerDBCASPath}${cas_serviceValidate}# ) {
689
690				$self->lmLog( "URL $url detected as an CAS SERVICE VALIDATE URL",
691				'debug' );
692
693				# This URL must not be called by authenticated users
694				$self->lmLog(
695				"CAS SERVICE VALIDATE URL called by authenticated user, ignore it",
696				'info'
697				);
698
699				return PE_OK;
700				}
701
702				# 5. PROXY VALIDATE [CAS 2.0]
703				if ( $url_path =~ m#${issuerDBCASPath}${cas_proxyValidate}# ) {
704
705				$self->lmLog( "URL $url detected as an CAS PROXY VALIDATE URL",
706				'debug' );
707
708				# This URL must not be called by authenticated users
709				$self->lmLog(
710				"CAS PROXY VALIDATE URL called by authenticated user, ignore it",
711				'info' );
712
713				return PE_OK;
714				}
715
716				# 6. PROXY [CAS 2.0]
717				if ( $url_path =~ m#${issuerDBCASPath}${cas_proxy}# ) {
718
719				$self->lmLog( "URL $url detected as an CAS PROXY URL", 'debug' );
720
721				# This URL must not be called by authenticated users
722				$self->lmLog( "CAS PROXY URL called by authenticated user, ignore it",
723				'info' );
724
725				return PE_OK;
726				}
727
728				return PE_OK;
729				}
730
731				## @apmethod int issuerLogout()
732				# Destroy linked CAS sessions
733				# @return Lemonldap::NG::Portal error code
734				sub issuerLogout {
735				my $self = shift;
736
737				# Session ID
738				my $session_id = $self->{sessionInfo}->{_session_id} \|\| $self->{id};
739
740				# Delete linked CAS sessions
741				$self->deleteCasSecondarySessions($session_id);
742
743				return PE_OK;
744				}
745
746				1;
747
748				__END__
749
750				=head1 NAME
751
752				=encoding utf8
753
754				Lemonldap::NG::Portal::IssuerDBCAS - CAS IssuerDB for LemonLDAP::NG
755
756				=head1 DESCRIPTION
757
758				CAS Issuer implementation in LemonLDAP::NG
759
760				=head1 SEE ALSO
761
762				L<Lemonldap::NG::Portal>,
763				L<http://www.jasig.org/cas/protocol>
764
765				=head1 AUTHOR
766
767				=over
768
769				=item Clement Oudot, E<lt>clem.oudot@gmail.comE<gt>
770
771				=item FranÃ§ois-Xavier Deltombe, E<lt>fxdeltombe@gmail.com.E<gt>
772
773				=item Xavier Guimard, E<lt>x.guimard@free.frE<gt>
774
775				=back
776
777				=head1 BUG REPORT
778
779				Use OW2 system to report bug or ask for features:
780				L<http://jira.ow2.org>
781
782				=head1 DOWNLOAD
783
784				Lemonldap::NG is available at
785				L<http://forge.objectweb.org/project/showfiles.php?group_id=274>
786
787				=head1 COPYRIGHT AND LICENSE
788
789				=over
790
791				=item Copyright (C) 2010 by Xavier Guimard, E<lt>x.guimard@free.frE<gt>
792
793				=item Copyright (C) 2012 by FranÃ§ois-Xavier Deltombe, E<lt>fxdeltombe@gmail.com.E<gt>
794
795				=item Copyright (C) 2010, 2011, 2012 by Clement Oudot, E<lt>clem.oudot@gmail.comE<gt>
796
797				=back
798
799				This library is free software; you can redistribute it and/or modify
800				it under the terms of the GNU General Public License as published by
801				the Free Software Foundation; either version 2, or (at your option)
802				any later version.
803
804				This program is distributed in the hope that it will be useful,
805				but WITHOUT ANY WARRANTY; without even the implied warranty of
806				MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
807				GNU General Public License for more details.
808
809				You should have received a copy of the GNU General Public License
810				along with this program. If not, see L<http://www.gnu.org/licenses/>.
811
812				=cut