1 |
# $Id: mod_auth_tkt.spec 8700 2010-03-23 13:48:00Z shuff $ |
2 |
# Authority: shuff |
3 |
# Upstream: <modauthtkt-users$lists,sourceforge,net> |
4 |
# ExcludeDist: el3 el4 |
5 |
|
6 |
Summary: Single-sign-on authentication module for Apache |
7 |
Name: mod_auth_tkt |
8 |
Version: 2.1.0 |
9 |
Release: 2%{?dist} |
10 |
License: GPL |
11 |
Group: System Environment/Daemons |
12 |
URL: http://www.openfusion.com.au/labs/mod_auth_tkt/ |
13 |
|
14 |
Packager: Steve Huff <shuff@vecna.org> |
15 |
Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ |
16 |
|
17 |
Source: http://www.openfusion.com.au/labs/dist/mod_auth_tkt/mod_auth_tkt-%{version}.tar.gz |
18 |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root |
19 |
|
20 |
BuildRequires: httpd-devel |
21 |
Requires: httpd |
22 |
|
23 |
%description |
24 |
mod_auth_tkt is a lightweight single-sign-on authentication module for apache, |
25 |
supporting versions 2.0.x and 2.2.x. It uses secure cookie-based tickets to |
26 |
implement a single-signon framework that works across multiple apache instances |
27 |
and servers. |
28 |
|
29 |
mod_auth_tkt itself is completely repository-agnostic, as the actual |
30 |
authentication is done by a user-supplied CGI or script in your language of |
31 |
choice (examples are provided in Perl, with contrib libraries for use with |
32 |
python and PHP). This allows authentication against virtually any kind of user |
33 |
repository you can imagine (password files, ldap directories, databases, etc.) |
34 |
|
35 |
mod_auth_tkt supports inactivity timeouts (including the ability to control how |
36 |
aggressively the ticket is refreshed), the ability to include arbitrary user |
37 |
data within the cookie, configurable cookie names and domains, and token-based |
38 |
access to subsections of a site. |
39 |
|
40 |
mod_auth_tkt works by checking incoming Apache requests for a (user-defined) |
41 |
cookie containing a valid authentication ticket. The ticket is checked by |
42 |
generating an MD5 checksum for the username and any (optional) user data from |
43 |
the ticket together with the requesting IP address and a shared secret |
44 |
available to the server. If the generated MD5 checksum matches the ticket's |
45 |
checksum, the ticket is valid and the request is authorised. Requests without a |
46 |
valid ticket are redirected to a configurable URL which is expected to validate |
47 |
the user and generate a ticket for them. This package includes a Perl module |
48 |
and working CGI scripts for generating the cookies, as well as contributed |
49 |
classes for PHP and Python environments. |
50 |
|
51 |
%package cgi |
52 |
Summary: CGI scripts for mod_auth_tkt |
53 |
Group: Applications/System |
54 |
Requires: %{name} = %{version} |
55 |
Requires: perl(Apache::Htpasswd) |
56 |
|
57 |
%description cgi |
58 |
Perl CGI scripts for use with mod_auth_tkt. |
59 |
|
60 |
%prep |
61 |
%setup -n %{name}-%{version} |
62 |
|
63 |
%build |
64 |
./configure --apxs="%{_sbindir}/apxs" --apachever="2.2" |
65 |
%{__make} %{?_smp_mflags} |
66 |
|
67 |
%install |
68 |
%{__rm} -rf %{buildroot} |
69 |
mkdir -p $RPM_BUILD_ROOT%{_libdir}/httpd/modules |
70 |
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d |
71 |
mkdir -p $RPM_BUILD_ROOT/var/www/auth |
72 |
/usr/sbin/apxs -i -n "auth_tkt" -S LIBEXECDIR=$RPM_BUILD_ROOT%{_libdir}/httpd/modules src/mod_auth_tkt.la |
73 |
install -m 644 conf/02_auth_tkt.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ |
74 |
install -m 644 conf/auth_tkt_cgi.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ |
75 |
cp -pr cgi/* $RPM_BUILD_ROOT/var/www/auth |
76 |
rm -rf $RPM_BUILD_ROOT/var/www/auth/Apache |
77 |
pushd doc |
78 |
make DESTDIR=$RPM_BUILD_ROOT install |
79 |
popd |
80 |
|
81 |
%clean |
82 |
%{__rm} -rf %{buildroot} |
83 |
|
84 |
%files |
85 |
%defattr(-, root, root) |
86 |
%doc README* INSTALL LICENSE ChangeLog CREDITS contrib/ |
87 |
%doc %{_mandir}/man?/* |
88 |
%config(noreplace) %{_sysconfdir}/httpd/conf.d/02_auth_tkt.conf |
89 |
%{_libdir}/httpd/modules/* |
90 |
|
91 |
%files cgi |
92 |
%defattr(-, root, root) |
93 |
%attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/auth_tkt_cgi.conf |
94 |
%config(noreplace)/var/www/auth/AuthTktConfig.pm |
95 |
%config(noreplace)/var/www/auth/tkt.css |
96 |
/var/www/auth/*.cgi |
97 |
|
98 |
%changelog |
99 |
* Tue Mar 23 2010 Steve Huff <shuff@vecna.org> - 2.1.0-2 - 8700/shuff |
100 |
- The CGI Apache config file goes in the cgi package. |
101 |
|
102 |
* Wed Feb 10 2010 Steve Huff <shuff@vecna.org> - 2.1.0-1 |
103 |
- Initial package. |