
Aut - Authorization framework with flexible backends and UIs.

    use strict;
    use Aut;
    use Aut::Ticket;            # ticket objects are constructed below
    use Aut::UI::Console;
    use Aut::Backend::Conf;
    use Config::Frontend;
    use Config::Backend::INI;

    # Reference backend: accounts are stored in an INI configuration file.
    my $cfg=new Config::Frontend(new Config::Backend::INI("./accounts.ini"));
    my $backend=new Aut::Backend::Conf($cfg);
    my $ui=new Aut::UI::Console();
    my $aut=new Aut( Backend => $backend,
                     UI => $ui,
                     RSA_Bits => 512,
                     Levels => [ "admin", "user", "guest" ],
                     Adminlevel => "admin"
                   );

    # Make sure an administrator account exists (created on the first run).
    my $ticket=$aut->ticket_get("admin","testpass");
    if (not $ticket->valid()) {
      $ticket=new Aut::Ticket("admin","testpass");
      $ticket->set_rights("admin");
      $aut->ticket_create($ticket);
    }

    # Interactive login through the UI; returns an Aut::Ticket.
    $ticket=$aut->login();
    print "account :",$ticket->account(),"\n";
    print "rights :",$ticket->rights(),"\n";

    # Only a ticket with administrator rights may administer accounts.
    # _T() is the message localization function (assumed to be provided by Locale::Framework).
    if ($ui->is_admin($ticket)) {
      $aut->admin($ticket);
    }
    else {
      $ui->message_ok(_T("You don't have administrator rights\n".
                         "You may not administer accounts."));
    }
    print "account :",$ticket->account(),"\n";
    print "rights :",$ticket->rights(),"\n";

    # Let the logged-in user change his/her own password through the UI.
    $aut->change_pass($ticket);

Aut is an authorization framework that provides flexible backends and flexible UIs (User Interfaces). It is built around a combination of backend hashing (see Aut::Backend::Conf for an example), RSA password encryption and a ticket system. It can be used to encrypt user data, while providing a secure escape to decrypt the data of a user who has lost his/her password.

The goal of Aut is to provide a component that can be used to provide user authorization for applications. Its features are described in the following sections.
Aut can be instantiated with your own backend. This could be a backend that just uses e.g. the UNIX passwd system in combination with some extra features. Or you could connect to LDAP, etc.
The backend provides the basis for security. A good backend should be as secure as possible. The reference backend provided with this package does not guarantee this security, because it is based on configuration files. Configuration files tend to be editable. So if someone wants to do harm, he/she could just delete the RSA keys (explained later on) from the configuration file.
See Aut::Backend::Conf for a reference interface.
Aut can be instantiated with your own User Interface. The reference implementation is a console based one, which is clearly utterly simple. There exists another interface for wxPerl (Aut::UI::Wx).
E.g., when a user logs in using Aut, Aut will call the right UI functions to establish the interaction with the user. See Aut::UI::Console for a reference interface.
Aut works with a ticket system. If a user logs in, he/she gets a ticket. This ticket gives the user his/her rights in the context of an application.
A ticket is also a container for other application specific things. So an application can set() and get() all kinds of information that it needs to provide context to a certain authorization level. E.g., an administrator can have access to administration functionality through the ticket.
A default feature provided by the Aut framework is the possibility to encrypt and decrypt data with the ticket. If a user has a valid ticket, he/she can encrypt and decrypt his/her data. This makes it possible to use this ticket system with applications that store data that has to be private, e.g. a patient document system.
There is a catch in such systems. If the user loses his/her password, he/she won't be able to decrypt his/her data. This poses a problem for helpdesks. The Aut system provides the following backup for this situation.
If a user loses his/her password, an administrator would normally provide the user with a new password. However, this would mean that the user loses all his/her encrypted data, because his/her password is connected to the encrypted data by means of the encryption/decryption keys. This section describes the solution that Aut uses to address this problem.

new(Backend => ..., UI => ..., RSA_bits => ..., Levels => ..., Adminlevel => ...) --> Aut
    Backend => an Aut::Backend::... object.
    UI => an Aut::UI::... object.
    RSA_bits => an integer >= 512.
    Levels => a list of application authorization levels. Defaults to [ "admin", "mutate", "view" ].
    Adminlevel => the administrator authorization level (should be an element of Levels).
    Instantiates a new Aut object with the given parameters. This function calls an internal initialization function that initializes the given backend if this is necessary. Initializing the backend is necessary if there is no RSA keypair in the backend yet. In that case a user interaction follows, in which the user is asked to provide a password for the RSA keypair.
has_accounts() --> boolean
    Returns true if there are accounts in the Aut system; returns false otherwise.
is_admin(ticket) --> boolean
    Returns true if the rights() method of ticket equals Adminlevel and the given ticket is valid. Returns false otherwise.
status() --> string
    Returns the current status of the Aut object. Possible states are:
last_error() --> string
    Returns the last error message.
exists(account) --> boolean
    Returns true if account exists, false otherwise.
list_accounts() --> (list string)
    Returns a list of all accounts that exist in the backend.
ticket_create(ticket) --> void
    Given a ticket with an account, password, seed and rights (see Aut::Ticket), this function will create a new account in the Aut backend.
ticket_update(ticket) --> void
    Given a ticket with an account, password, seed and rights (see Aut::Ticket), this function will update an existing account in the Aut backend.
ticket_get(account,password) --> Aut::Ticket
    Given an account and a password, this function will try to get the account information from the backend. If the account does not exist, or the password isn't correct, this function will return a ticket with property 'invalid' (see Aut::Ticket). Otherwise, this function will return a valid ticket with the rights and seed information from the backend. However, if seed or rights have been modified, the ticket won't be valid anymore; all retrieved information will still be there. In case of a problem the status of the Aut object will have been modified. It can be set to the following values:
ticket_remove(ticket) --> void
    Removes the account that ticket stands for from the backend and invalidates the ticket.
These functions give the program the possibility to set, get and del configuration items. The items will be stored encrypted.
set(ticket,var,val) --> void
    Will set the variable 'var' in the backend configuration part to value 'val'.
get(ticket,var) --> value
    Will get the variable 'var' from the backend. The value retrieved will be decrypted.
del(ticket,var) --> void
    Will delete variable 'var' from the backend.
ticket_admin_get(user_account [, password]) --> ticket
    This function does the same as ticket_get, but from the administrator's perspective. It takes a user_account and an optional password. This password is the password of the private key that can be used to decipher the rsa_encrypted variant of the user's password. With the deciphered rsa_encrypted user's password this function just calls ticket_get. If the password for the private key is not correct, an invalid ticket will be returned. Otherwise, the result of ticket_get is returned.
ticket_all_admin_get([pass]) --> (list Aut::Ticket)
    This function asks, via the given User Interface object (Aut::UI::...), for the password for the private key that can be used to decipher the rsa_encrypted variants of account passwords (or gets it through the optional pass parameter) and uses it to return tickets for all accounts that are reported through list_accounts(). Returns a list of tickets, or, if the RSA private key could not be decrypted, undef.
    Note! If undef is returned and put into a list by assignment (@tickets=ticket_all_admin_get()), the undef will be inside the list!
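The lost-password recovery path described earlier (an administrator recovering a user's ticket with ticket_admin_get and then letting the user pick a new password through change_pass), as an added example that is not part of the Aut distribution. It assumes the same INI backend and console UI as the synopsis, that the second argument of ticket_admin_get is the password of the RSA private key chosen when the backend was initialized, and uses a constructed account "alice" and a placeholder for that key password.

```perl
use strict;
use warnings;
use Aut;
use Aut::Ticket;
use Aut::UI::Console;
use Aut::Backend::Conf;
use Config::Frontend;
use Config::Backend::INI;

# Same wiring as the synopsis; new() initializes the RSA keypair on first use.
my $cfg = new Config::Frontend(new Config::Backend::INI("./accounts.ini"));
my $aut = new Aut(
    Backend    => new Aut::Backend::Conf($cfg),
    UI         => new Aut::UI::Console(),
    RSA_Bits   => 512,
    Levels     => [ "admin", "user" ],
    Adminlevel => "admin",
);

# Hypothetical account and password used for the walk-through (constructed).
my ($account, $pass) = ("alice", "alicepass1");

# Create the account if needed and store one private item under the user's
# own ticket; set() encrypts it (see set/get/del above).
unless ($aut->exists($account)) {
    my $t = new Aut::Ticket($account, $pass);
    $t->set_rights("user");
    $aut->ticket_create($t);
}
my $user_ticket = $aut->ticket_get($account, $pass);
die "login failed: " . $aut->last_error() unless $user_ticket->valid();
$aut->set($user_ticket, "diagnosis", "confidential note");

# Later: the user has forgotten $pass. Simply issuing a new password would
# leave "diagnosis" unreadable, so the administrator recovers the ticket via
# the backend's RSA-encrypted copy of the password. $RSA_KEY_PASS is a
# placeholder for the private-key password chosen when the backend was
# initialized (assumed to be ticket_admin_get's second argument, as above).
my $RSA_KEY_PASS = "private-key-password-placeholder";
my $recovered = $aut->ticket_admin_get($account, $RSA_KEY_PASS);
$recovered->valid()
    or die "recovery failed, status=" . $aut->status() . ": " . $aut->last_error();

# The recovered ticket decrypts the stored data just like the original one,
# and can be handed to change_pass(), which asks for a new password via the UI.
print "recovered: ", $aut->get($recovered, "diagnosis"), "\n";
$aut->change_pass($recovered);
```

If the RSA keys have been removed from the configuration file (the weakness of the reference backend noted above), ticket_admin_get cannot return a valid ticket and the die branch reports the status and last_error.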
login([Any]) --> Aut::Ticket
    This function calls the login() function of the UI, which is expected to return an Aut::Ticket object. It passes through any given argument. Look at Aut::UI::Console for an implementation.
logout(ticket [,Any]) --> void
    This function calls the logout() function of the UI. If this function returns true, the ticket is invalidated.
admin(ticket [,Any]) --> void
    This function takes a ticket. If this ticket has administrator rights (is_admin(ticket) equals true), it will call the admin() function of the UI, otherwise it will call the message_ok() function of the UI (see Aut::UI::Console). The admin() function is used to administer accounts.
change_pass(ticket [,Any]) --> void
    This function takes a ticket. If the ticket is valid, it will call the change_pass() function of the UI, which will change the password for the account related to the given ticket. Otherwise, it will display a message about the invalidity of the given ticket. See Aut::UI::Console for an implementation of this function.
check_pass(pass) --> string
    This function checks whether a given password conforms to certain standards. At this moment the only thing checked is the password's length (>= 6 characters).
    If you need a different implementation of this function, you may want to derive a new package from Aut and overload this function (all Perl functions are virtual). This function returns the empty string ("") if the password conforms to the implemented standard; otherwise it returns a (possibly localized) error message, sets the status of Aut to "EBADPASS" and sets the last_error() string to the returned error string.
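Overloading check_pass() in a derived package, as suggested above; this is an added example, not code from the Aut distribution. The extra rules are an assumed policy. The base rule is still delegated to Aut::check_pass, which keeps its own handling of status and last_error; the added rules only return the error string, because this page does not document how Aut records status internally.

```perl
package Aut::StrictPass;
use strict;
use warnings;
use parent 'Aut';   # derive from Aut and overload check_pass()

# Same contract as Aut::check_pass: "" means the password is acceptable,
# anything else is the error message shown to the user.
sub check_pass {
    my ($self, $pass) = @_;

    # Keep the base rule (length >= 6); Aut sets EBADPASS itself on failure.
    my $err = $self->SUPER::check_pass($pass);
    return $err if $err ne "";

    # Added rules (assumed policy): longer minimum, mixed classes, no
    # single repeated character.
    return "Password must be at least 10 characters long" if length($pass) < 10;
    return "Password must contain a letter and a digit"
        unless $pass =~ /[A-Za-z]/ && $pass =~ /[0-9]/;
    return "Password may not consist of one repeated character"
        if $pass =~ /^(.)\1+$/;
    return "";
}

package main;
use Aut::UI::Console;
use Aut::Backend::Conf;
use Config::Frontend;
use Config::Backend::INI;

# Constructed exactly like a plain Aut object; the UI's change_pass() now
# goes through the stricter check because the method is resolved virtually.
my $cfg = new Config::Frontend(new Config::Backend::INI("./accounts.ini"));
my $aut = new Aut::StrictPass(
    Backend    => new Aut::Backend::Conf($cfg),
    UI         => new Aut::UI::Console(),
    RSA_Bits   => 512,
    Levels     => [ "admin", "user" ],
    Adminlevel => "admin",
);

# Constructed sample passwords: too short, no digit, repeated char, acceptable.
for my $p ("abc", "abcdefghij", "aaaaaaaaaaaa", "correct1horse2") {
    my $err = $aut->check_pass($p);
    print "$p: ", ($err eq "" ? "ok" : $err), "\n";
}
```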

Aut::Ticket, Aut::Backend::Conf, Aut::UI::Console.

Hans Oesterholt-Dijkema <oesterhol@cpan.org>

(c)2004 Hans Oesterholt-Dijkema. This module is distributed under the Artistic license.