Apache::AuthenCache - Authentication caching used in conjuction with a primary authentication module (Apache::AuthenDBI, Apache::AuthenLDAP, etc.)
# In your httpd.conf PerlModule Apache::AuthenCache # In httpd.conf or .htaccess: AuthName Name AuthType Basic PerlAuthenHandler Apache::AuthenCache <Primary Authentication Module> Apache::AuthenCache::manage_cache require valid-user # Limited to valid-user # Optional parameters # Defaults are listed to the right. PerlSetVar AuthenCache_CacheTime 900 # Default: indefinite PerlSetVar AuthenCache_CaseSensitive Off # Default: On PerlSetVar AuthenCache_Encrypted Off # Default: On PerlSetVar AuthenCache_NoPasswd On # Default: Off
Apache::AuthenCache implements a caching mechanism in order to speed up authentication and to reduce the usage of system resources. It must be used in conjunction with a regular mod_perl authentication module (it was designed with AuthenDBI and AuthenLDAP in mind). For a list of mod_perl authentication modules see:
When a request that requires authorization is received, AuthenCache::handler looks up the REMOTE_USER in a per-realm file cache (using Cache::FileCache) and compares the cached password to the sent password. A new cache is created for the first request in a realm or if the realm's cache has expired. If the passwords match, the handler returns OK and clears the downstream Authen handlers from the stack. Otherwise, it returns DECLINED and allows the next PerlAuthenHandler in the chain to be called.
After the primary authentication handler completes with an OK, AuthenCache::manage_cache adds the new user to the cache.
The following variables can be defined within the configuration of Directory, Location, or Files blocks or within .htaccess files.
This directive contains the number of seconds before the cache is expired. Default is an indefinite time limit.
If this directive is set to 'Off', userid matches will be case insensitive. Default is 'On'.
The base directory for the cache. Defaults to /tmp.
If this directive is set to 'Off', passwords are not encrypted. Default is 'On', ie passwords use standard Unix crypt.
If this directive is set to 'On', passwords must be blank. Default is 'Off'.
Umask for the cache. Defaults to 007.
mod_perl 1.26 or greater is required. Cache::Cache is also required.
crypt(3c), httpd(8), mod_perl(1)
Jason Bodnar <firstname.lastname@example.org> Christian Gilmore <email@example.com>
Copyright (C) 1998-2002, Jason Bodnar. Copyright (C) 2003 International Business Machines Corporation and others. All Rights Reserved.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.