Contentment::Security::Manager - Interface implemented by Contentment security managers
The security manager is a singleton object used by the Contentment::Security class to determine the security permissions to grant the current request.
both documents the interface and provides a very simple implementation.
This implementation will be used if no other is provided.
The security manager interface must implement the following method:
Return an instance of the security manager.
This is named
instance because it is generally assumed that this object will be a single (see Class::Singleton).
It doesn't really have to be a singleton,
but this method will still only be called once.
Contentment::Security::Principal to associate with the request.
Contentment::Security::Principal matching the given username,
undef if no match can be found.
If you create a security manager, you need to modify the value of "security_manager" in the "Contentment::Plugin::Security" settings.
The built-in security system is simple. It uses Contentment::Security::Profile::Persistent to store usernames with passwords for authenticated users. It uses Contentment::Security::Profile::Scratch to store the rest. It will create a generic principal if no authentication has taken place (i.e., no principal has already been recorded in the Contentment::Session).
Authentication may be performed using the
logout method will return the session to an anonymous principal.
Any authenticated principal will always have at least two roles: "everybody" and "authenticated". Any anonymous principal will always have only two roles: "everybody" and "anonymous".
this method will return a true value and
get_principal may be used to fetch the newly authenticated principal.
this value returns false and
get_principal will continue to return whatever value was there before.
This method replaces the principal currently stored in the session with an anonymous principal.
This hook handler is for the "Contentment::Session::begin" hook. The handler loads the current principal.
This hook handler is for the "Contentment::Session::end" hook. The handler saves the current principal.
On success, this logs the user in.
It expects the following query parameters:
Andrew Sterling Hanenkamp, <email@example.com>
Copyright 2005 Andrew Sterling Hanenkamp. All Rights Reserved.
Contentment is licensed and distributed under the same terms as perl itself.