/etc/lemonldap-ng/portal-apache2.X.conf is in liblemonldap-ng-portal-perl 1.9.16-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 | #====================================================================
# Apache configuration for LemonLDAP::NG Portal
#====================================================================
# Uncomment this if no previous NameVirtualHost declaration
#NameVirtualHost "*:80"
# Portal Virtual Host (auth.example.com)
<VirtualHost "*:80">
ServerName auth.example.com
# DocumentRoot
DocumentRoot /var/lib/lemonldap-ng/portal/
<Directory /var/lib/lemonldap-ng/portal/>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Allow from all
</IfVersion>
Options +ExecCGI +FollowSymLinks
</Directory>
# Perl script
<Files *.pl>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
#CGIPassAuth on
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.pl index.html
</IfModule>
# SOAP functions for sessions management (disabled by default)
<Location /index.pl/adminSessions>
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
</Location>
# SOAP functions for sessions access (disabled by default)
<Location /index.pl/sessions>
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
</Location>
# SOAP functions for configuration access (disabled by default)
<Location /index.pl/config>
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
</Location>
# SOAP functions for notification insertion (disabled by default)
<Location /index.pl/notification>
<IfVersion >= 2.3>
Require all denied
</IfVersion>
<IfVersion < 2.3>
Order Deny,Allow
Deny from all
</IfVersion>
</Location>
# SAML2 Issuer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/saml/metadata /metadata.pl
RewriteRule ^/saml/.* /index.pl
</IfModule>
# CAS Issuer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/cas/.* /index.pl
</IfModule>
# OpenID Issuer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/openidserver/.* /index.pl
</IfModule>
# OpenID Connect Issuer
<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteCond %{HTTP:Authorization} .
#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^/oauth2/.* /index.pl
RewriteRule ^/.well-known/openid-configuration$ /openid-configuration.pl
</IfModule>
# Get Issuer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/get/.* /index.pl
</IfModule>
# Public pages
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^/public* /public.pl
</IfModule>
<Location />
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css
SetOutputFilter DEFLATE
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</IfModule>
<IfModule mod_headers.c>
Header append Vary User-Agent env=!dont-vary
</IfModule>
</Location>
<Location /skins/>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</IfModule>
</Location>
# Uncomment this if site if you use SSL only
#Header set Strict-Transport-Security 15768000
</VirtualHost>
##############################################
## Best performance under ModPerl::Registry ##
##############################################
# Uncomment this to increase performance of Portal:
<Perl>
#require Lemonldap::NG::Portal::SharedConf;
#Lemonldap::NG::Portal::SharedConf->compile(
# qw(delete header cache read_from_client cookie redirect unescapeHTML));
# Uncomment this line if you use Lemonldap::NG menu
#require Lemonldap::NG::Portal::Menu;
# Uncomment this line if you use portal SOAP capabilities
#require SOAP::Lite;
</Perl>
|