Apache-SecSess
view release on metacpan or search on metacpan
## don't perform in subrequests
unless ($r->is_initial_req) { return OK; }
$log->debug(ref($self), "->renew():");
$cred = $self->getCredentials($r);
$resp = $self->validateCredentials($r, $cred);
unless (ref($resp)) { $log->error($resp); return SERVER_ERROR; }
unless ($resp->{renew}) { # make sure credentials are sufficiently fresh
$log->warn("Timeout before renewal."); # or replay attempt?
if ($msg = $resp->{message}) { $log->info($msg); }
unless ($resp->{uri}) { return SERVER_ERROR; }
$r->header_out(Location => $resp->{uri});
return REDIRECT;
}
$resp = $self->issueCredentials($r);
unless (ref($resp)) { $log->error($resp); return SERVER_ERROR; }
if ($msg = $resp->{message}) { $log->info($msg); }
unless ($resp->{uri}) { return SERVER_ERROR; }
$r->header_out(Location => $resp->{uri});
These have the obvious meaning and must agree in host, scheme, and
path with the corresponding Apache directives, as shown in the EXAMPLE
section. Generally for example,
authenURL => Where to go to get the appropriate credentials for a requested
resource.
defaultURL => Where to go after logging in (if no initial request was made).
timeoutURL => Where to go to delete credentials. Timeouts and signouts
are both sent here.
=head2 URL Chaining Arguments
chainURLS => <arrayref>, issueURL => <string>
Apache::SecSess is designed to use cookies for most local authentication. By
their definition, cookies are restricted to a host, a DNS domain or subdomain.
The subclass Apache::SecSess::URL, which allows you to span authentication
across DNS domains, requires additional arguments to accomplish this. The
demo/ht/adam.acme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/john.sec.acme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/lysander.acme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/milt.sec.acme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/noam.acme.org/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/stu.transacme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/ht/tom.acme.com/signout/timeout.html view on Meta::CPAN
<& /index.comp, title => 'Session Timeout', content => $content &>
<%init>
my %messages = (
idle =>
'<b>Idle Timeout:</b> your session remained inactive for too long.',
expire =>
'<b>Expiration:</b> your session has expired.',
notvalid =>
'<b>No Longer Valid:</b> your session credentials are no longer valid.',
unknown =>
'<b>Unknown Reason.</b>'
);
my $content = <<"ENDCONTENT";
<font color="#f42424" size=5>Session Timeout.</font><p>
Your login session has timed out due to the following reason:
<ul>
<li> $messages{$type}
</ul>
Please log in again.
ENDCONTENT
</%init>
<%args>
demo/httpdconf/httpd.sec1.conf view on Meta::CPAN
# in that order. The latter two files are now distributed empty, as it is
# recommended that all directives be kept in a single file for simplicity.
# The commented-out values below are the built-in defaults. You can have the
# server ignore these files altogether by using "/dev/null" (for Unix) or
# "nul" (for Win32) for the arguments to the directives.
#
#ResourceConfig conf/srm.conf
#AccessConfig conf/access.conf
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
#
# Server-pool size regulation. Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).
#
# It does this by periodically checking how many servers are waiting
demo/httpdconf/httpd.sec2.conf view on Meta::CPAN
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First either `none'
# or `dbm:/path/to/file' for the mechanism to use and
# second the expiring timeout (in seconds).
#SSLSessionCache none
#SSLSessionCache shm:/usr/local/apache/logs/ssl_scache(512000)
SSLSessionCache dbm:/usr/local/apache/logs/ssl_scache
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual explusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex file:/usr/local/apache/logs/ssl_mutex
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
( run in 1.100 second using v1.01-cache-2.11-cpan-a5abf4f5562 )