Home · Authors · Recent · News · Mirrors · FAQ · Feedback

in  
Sean P. Quinlan > SQCAS-0.24 > SQCAS::Apache::Authentication

Download:
SQCAS-0.24.tar.gz

Dependencies

Annotate this POD

CPAN RT

Open  0
Report a bug
Module Version: 0.4   Source  

NAME ^

SQCAS::Apache::Authentication - Apache handler for authenticating users.

SYNOPSIS ^

  use SQCAS::Apache::Authentication;
  blah blah blah

ABSTRACT ^

  This should be the abstract for SQCAS::Apache::Authentication.
  The abstract is used when making PPD (Perl Package Description) files.
  If you don't want an ABSTRACT you should also edit Makefile.PL to
  remove the ABSTRACT_FROM option.

DESCRIPTION ^

Stub documentation for SQCAS::Apache::Authentication, created by h2xs. It looks like the author of the extension was negligent enough to leave the stub unedited.

Blah blah blah.

EXPORT

None by default.

METHODS ^

handler

This function is called to verify the username and password provided to the login CGI by the user. It will imediatly return unless both the username and password were provided (well, technically, evaluate to true). It then connects to the database (using DNAcore::Auth) and gets the user ID and password for the supplied username.

Perls crypt function is called using the suplied password as the word and the password from the db as the salt. If the result matches the stored password, access will be granted. A session key is generated using md5_hex and the user ID, remote IP and time are stored in the db on that key.

If authentication fails, the reason is returned. Otherwise the OK Apache constant is returned.

## NEW

OK, since this will be the same - server version we can continue to use custom_response. It's worth noting however that the remote check version needs to return just the AUTH_REQUIRED response & let the caller handle redirects.

%CONFIG comes from base class

 ###
 # COOKIE is the biggest hangup I have ATM in making this function as a truly
 # centralized authorization server. It looks like I can specify the domain
 # name as well as path in HTTP1.1, but I have yet to test this, nor do I
 # know the syntax using set_header. But in theory I can loop over all defined
 # domains (yeah, I need to extend schema to record them) that SQCAS services
 # and set the cookie in that domain.
 ###

##

HISTORY ^

0.01

Original version; created by h2xs 1.22 with options

  -AXC
        -n
        SQCAS::Apache::Authentication
0.4

First prototype, adapted from concepts in the functional MGH::Auth module.

SEE ALSO ^

Mention other useful documentation such as the documentation of related modules or operating system documentation (such as man pages in UNIX), or any relevant external documentation such as RFCs or standards.

If you have a mailing list set up for your module, mention it here.

If you have a web site set up for your module, mention it here.

AUTHOR ^

Sean Quinlan, <seanq@darwin.bu.edu>

COPYRIGHT AND LICENSE ^

Copyright 2004 by Sean Quinlan, Trustees of Boston University

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

59777 Uploads, 19137 Distributions 76354 Modules, 7845 Uploaders
hosted by YellowBot
do. tag. write. share.