Kjetil Kjernsmo > AxKit-XSP-BasicSession-0.23_3 > AxKit::XSP::BasicAuth



Annotate this POD


Open  0
Stalled  1
View/Report Bugs
Module Version: 0.22   Source  


AxKit::XSP::BasicAuth - Tag library for basic cookie-based authentication.


Add the session: namespace to your XSP <xsp:page> tag:


And add this taglib to AxKit (via httpd.conf or .htaccess):

    SetHandler AxKit
    PerlModule Apache::AxKit::Plugin::BasicAuth

    <Location />
      AuthType Apache::AxKit::Plugin::BasicAuth
      AuthName BasicSession
    <Location /style>
      require valid-user

    # Session Management
    AxAddPlugin Apache::AxKit::Plugin::BasicSession
    PerlSetVar BasicSessionDataStore DB_File
    PerlSetVar BasicSessionArgs      "FileName => /tmp/session"

    AxAddPlugin Apache::AxKit::Plugin::BasicSession
    AxAddPlugin Apache::AxKit::Plugin::AddXSLParams::BasicSession

    # Authentication
    PerlSetVar BasicSessionLoginScript /login


This taglib provides simple form-and-cookie based authentication using Apache::Session and Apache::AuthCookie.

In the tag reference below, AuthNameToken designates the name given for AuthName.

Tag Reference ^


Attempt to log the user in.

Typically, the page you set in AuthNameTokenLoginScript is an XSP page that uses a form built with PerForm to check the user. After verifying the identity of the user (e.g. in start_submit), you will have use this tag tell BasicAuth that the user is authenticated and that the username/password information should be stored in the session.

In constructing your form, it is important to understand that BasicAuth is expecting your username to be in a form field called credential_0. That is the only required form field name, but if other fields are named in the credential_? format, the will be stored in the session information as well. This allows you to store the plaintext user password in credential_1 if you need access to it (among other things).


Log the user out. This is done by removing any keys that match the credential_\d+ regular expression from the session information.


Returns the username that was used to log in.


Returns true if the page if the session contains a logged in user.


Mark A. Hershberger, mah@everybody.org


Copyright (c) 2003 Mark A. Hershberger. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.


AxKit, Apache::Session, AxKit::XSP::Session, AxKit::XSP::BasicSession

Cocoon2 Session Taglib (http://xml.apache.org/cocoon2/userdocs/xsp/session.html)

syntax highlighting: