NAME

Apache::Wyrd::Services::LoginServer - Login service For Auth object

SYNOPSIS

  <Location /logins/login.html>
    SetHandler  perl-script
    PerlHandler Apache::Wyrd::Services::LoginServer
    PerlSetVar  TicketDBFile   /var/run/www/ticketfile.db
    PerlSetVar  Debug   0
  </Location>

DESCRIPTION

The Login Server provides SSL encryption for a login to a Apache::Wyrd::Auth module when it must run on an insecure port. This behavior is described in the documentation for Apache::Wyrd::Services::Auth.

It uses the TicketPad module to keep a cache of 100 recent tickets. If presented with a POST request with a 'key' parameter, it stores the key and returns OK. If presented with an authorization set (on_success, [on_fail], user, password, ticket), it returns the data to the server via a redirected GET request with the challenge parameter set to the encrypted data.

The TicketPad has a limited capacity, and old tickets are removed as new ones are added. If the authorization request is so stale it asks for a ticket that has been discarded, the LoginServer returns the status HTTP_SERVICE_UNAVAILABLE.

All other accesses fail with an AUTH_REQUIRED

PERL METHODS

(format: (returns) name (arguments after self))

(RESPONSE) handler (Apache)

The handler handles all functions.

PERLSETVAR DIRECTIVES

TicketDBFile

Location of the DB file holding the tickets. It should be writable by the Apache process. It should probably be unreadable by anyone else.

Debug

Set to true to allow debugging, which will go to the error log.

BUGS/CAVEATS/RESERVED METHODS

Size of the ticketpad is not configurable.

AUTHOR

Barry King <wyrd@nospam.wyrdwright.com>

SEE ALSO

Apache::Wyrd::Services::Auth

Authorization handler

Apache::Wyrd::Services::Key

Shared-memory encryption key and cypher.

LICENSE

Copyright 2002-2007 Wyrdwright, Inc. and licensed under the GNU GPL.

See LICENSE under the documentation for Apache::Wyrd.