Your application can know the connected user using:
To get more information on user (name, mail, etc.), you have to read HTTP headers.
Examples with a configured header named 'Auth-User':
print "Connected user: ".$ENV{HTTP_AUTH_USER};
print "Connected user: ".$_SERVER["HTTP_AUTH_USER"];
Using this feature, you don't have to use virtual host protection: protection is embedded in Lemonldap::NG::Handler::CGI.
The protection parameter must be set when calling the new() method:
none
: no protectionauthenticate
: check authentication but do not manage authorizationmanager
: rely on virtual host configuration in Managerrule: xxx
: apply a specific rule Example:
my $cgi = new CGI; ...
my $cgi = Lemonldap::NG::Handler::CGI->new ({ protection => 'authenticate' }); print $cgi->header; print $cgi->start_html; ...
Then you can access to user datas
# Get attributes (or macros) my $cn = $cgi->user->{cn} # Test if user is member of a Lemonldap::NG group (or LDAP mapped group) if( $cgi->group('admin') ) { # special html code for admins } else { # another HTML code }