Lemonldap:NG::Portal::UserDB - Writing user storage modules for LemonLDAP::NG.

       LemonLDAP::NG team <http://lemonldap-ng.org/team>

       Use       OW2       system       to       report       bug       or       ask        for        features:
       <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

       See COPYING file for details.

       This  library  is  free  software;  you  can  redistribute it and/or modify it under the terms of the GNU
       General Public License as published by the Free Software  Foundation;  either  version  2,  or  (at  your
       option) any later version.

       This  program  is  distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
       the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General  Public
       License for more details.

       You  should  have received a copy of the GNU General Public License along with this program.  If not, see
       <http://www.gnu.org/licenses/>.

perl v5.40.1                                       2025-05-01                 Lemonldap::NG::Portal::UserDB(3pm)

       UserDB modules are used to search a user in user database. UserDB modules are independent objects that
       are instantiated by Lemonldap::NG portal. They must provide methods described below.

       Lemonldap::NG is available at <https://lemonldap-ng.org/download>

       Logging is provided by $self->logger and $self->userLogger. The following rules must be applied:

       logger->debug: technical debugging messages
       logger->info: simple technical information
       logger->notice: technical information that could interest administrators
       logger->warn: technical warning
       logger->error: error that must be reported to administrator
       userLogger->info: simple information about user's action
       userLogger->notice: information that may be registered (auth success,...)
       userLogger->warn: bad action of a user (auth failure). Auth/Combination transform it to "info" when
       another authentication scheme is available
       userLogger->error: bad action of a user that must be reported, (even if another backend is available with
       Combination)

AccessorsandmethodsprovidedbyLemonldap::NG::Common::Module
       p: portal object
       conf: configuration hash (as reference)
       logger alias for p->logger accessor
       userLogger alias for p->userLogger accessor
       error: alias for p->error method

       "Routes"management

       Like  any  module  that  inherits  from  Lemonldap::NG::Portal::Plugin, Lemonldap::NG::Portal::Main::Auth
       provides URI path functions:

       addAuthRoute: wrapper to Lemonldap::NG::Handler::PSGI::Try addAuthRoute() method
       addUnauthRoute: wrapper to Lemonldap::NG::Handler::PSGI::Try addUnauthRoute() method

       Example:

         sub init {
             ...
             $self->addAuthRoute( saml => { proxy => "proxySub" }, [ 'GET', 'POST' ] );
             ...
         }
         sub proxySub {
             my ( $self, $req ) = @_;
             ...
             # This sub must return a PSGI response. Example
             return [ 302, [ Location => 'http://x.y/' ], [] ];
         }

       This means that requests http://auth.../saml/proxy will be given to proxySub() method.

   MethodsthatmustbeprovidedbyaUserDBmoduleinit()

       Method launched after object creation (after each configuration reload). It must return a true  value  if
       authentication module is ready, false else.

       Methodscalledateachrequest

       All  these  methods must return a Lemonldap::NG::Portal::Main::Constants value.  They are called with one
       argument: a Lemonldap::NG::Portal::Main::Request object.

       Note: if you want to change process() next steps, you just have to change $req->steps array.

       getUser($req,%args)

       First method called to search user in database. If $args{useMail} is set  then  $req->{user}  contains  a
       mail address.

       setSessionInfo($req)

       This method is called after authentication process. It must populate $req->sessionInfo.

       setGroups($req)

       This  method  populates  $req->{sessionInfo}->{groups}  if backend is able to provide groups (LikeLDAP).
       Else, it juste return PE_OK.

       Lemonldap:NG::Portal::UserDB - Writing user storage modules for LemonLDAP::NG.

         package Lemonldap::NG::Portal::UserDB::My;

         use strict;
         use Mouse;
         # Add constants used by this module
         use Lemonldap::NG::Portal::Main::Constants qw(PE_OK);

         our $VERSION = '0.1';

         extends 'Lemonldap::NG::Portal::Main::UserDB';

         sub init {
             ...
         }

         sub getUser {
             my ( $self, $req, %args ) = @_;
             ...
         }

         sub setSessionInfo {
             my ( $self, $req ) = @_;
             ...
         }

         sub setGroups {
             my ( $self, $req ) = @_;
             ...
         }