The SecureToken Handler is a particular Handler that generates a token at each request and send it to protected application. User identifier is stored in a Memcached server and the protected application can retrieve the user identifier from the Memcached server.
This mechanism allows one to protect an application with an unsafe link between Handler and the application, but with a safe link between the Memcached server and the application.
Install Cache::Memcached dependency.
You just have to set “Type: SecureToken” in the VirtualHost options in manager.
If you want to protect only a virtualHost location, select “Main” in the manager and set type in your web server configuration file:
PerlSetVar VHOSTTYPE SecureToken
directivefastcgi_param VHOSTTYPE SecureToken;
parameterNote
This handler uses Apache2Filter Module to hide token, prefer Handling server webservice calls for other servers.
SecureToken parameters are the following:
Attention
SecureToken Handler paremeters must be set in lemonldap-ng.ini
file
not in Manager, for example:
[handler]
secureTokenMemcachedServers = 127.0.0.1:11211
secureTokenExpiration = 60
secureTokenAttribute = uid
secureTokenUrls = .*
secureTokenHeader = Auth-Token
secureTokenAllowOnError = 1