AxKit::XSP::BasicAuth - Tag library for basic cookie-based authentication.
Add the session: namespace to your XSP
<xsp:page language="Perl" xmlns:xsp="http://apache.org/xsp/core/v1" xmlns:auth="http://www.nichework.com/2003/XSP/BasicAuth" xmlns:session="http://www.axkit.org/2002/XSP/BasicSession">
And add this taglib to AxKit (via httpd.conf or .htaccess):
SetHandler AxKit PerlModule Apache::AxKit::Plugin::BasicAuth <Location /> AuthType Apache::AxKit::Plugin::BasicAuth AuthName BasicSession </Location> <Location /style> require valid-user </Location> # Session Management AxAddPlugin Apache::AxKit::Plugin::BasicSession PerlSetVar BasicSessionDataStore DB_File PerlSetVar BasicSessionArgs "FileName => /tmp/session" AxAddPlugin Apache::AxKit::Plugin::BasicSession AxAddPlugin Apache::AxKit::Plugin::AddXSLParams::BasicSession # Authentication PerlSetVar BasicSessionLoginScript /login
This taglib provides simple form-and-cookie based authentication using Apache::Session and Apache::AuthCookie.
In the tag reference below, AuthNameToken designates the name given for AuthName.
Attempt to log the user in.
Typically, the page you set in AuthNameTokenLoginScript is an XSP page that uses a form built with PerForm to check the user. After verifying the identity of the user (e.g. in start_submit), you will have use this tag tell BasicAuth that the user is authenticated and that the username/password information should be stored in the session.
In constructing your form, it is important to understand that BasicAuth is expecting your username to be in a form field called credential_0. That is the only required form field name, but if other fields are named in the credential_? format, the will be stored in the session information as well. This allows you to store the plaintext user password in credential_1 if you need access to it (among other things).
Log the user out. This is done by removing any keys that match the credential_\d+ regular expression from the session information.
Returns the username that was used to log in.
Returns true if the page if the session contains a logged in user.
Mark A. Hershberger, email@example.com
Copyright (c) 2003 Mark A. Hershberger. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Cocoon2 Session Taglib (http://xml.apache.org/cocoon2/userdocs/xsp/session.html)