view release on metacpan or  search on metacpan

AuthCookieDBI.pm  view on Meta::CPAN

        return;
    }

    # Decrypt the session key.
    my $session_key;
    if ( $c{DBI_encryptiontype} eq 'none' ) {
        $session_key = $encrypted_session_key;
    }
    else {

        # Check that this looks like an encrypted hex-encoded string.
        unless ( $encrypted_session_key =~ /^[0-9a-fA-F]+$/ ) {
            $r->log_reason(
"Apache::AuthCookieDBI: encrypted session key $encrypted_session_key doesn't look like it's properly hex-encoded for auth realm $auth_name",
                $r->uri
            );
            return;
        }

        # Get the cipher from the cache, or create a new one if the
        # cached cipher hasn't been created, & decrypt the session key.

README  view on Meta::CPAN

Apache::AuthCookieDBI is a module that subclasses Apache::AuthCookie and is
designed to be directly used for authentication in a mod_perl server.

It is a ticket-issuing system that looks up username/passwords in a DBI
database using generic SQL and issues MD5-checksummed tickets valid for
a configurable time period.  Incoming requests with tickets are
checksummed and expire-time checked.