Apache-AuthenPasswd
view release on metacpan or search on metacpan
AuthenPasswd.pm view on Meta::CPAN
unless ($user) {
$r->note_basic_auth_failure;
MP2 ? $r->log_error("Apache::AuthenPasswd - user $name: unknown", $r->uri) : $r->log_reason("Apache::AuthenPasswd - user $name: unknown", $r->uri);
return MP2 ? Apache::HTTP_UNAUTHORIZED : Apache::Constants::HTTP_UNAUTHORIZED;
}
if(crypt($sent_pwd, $passwd) eq $passwd) {
return MP2 ? Apache::OK : Apache::Constants::OK;
} else {
$r->note_basic_auth_failure;
MP2 ? $r->log_error("Apache::AuthenPasswd - user $name: bad password", $r->uri) : $r->log_reason("Apache::AuthenPasswd - user $name: bad password", $r->uri);
return MP2 ? Apache::HTTP_UNAUTHORIZED : Apache::Constants::HTTP_UNAUTHORIZED;
}
return MP2 ? Apache::OK : Apache::Constants::OK;
}
1;
__END__
AuthenPasswd.pm view on Meta::CPAN
</Directory>
These directives can also be used in the <Location> directive or in
an .htaccess file.
= head1 DESCRIPTION
**************** NOTICE *********************
Please, please, realize that this module will
only work with passwords that are stored in
/etc/passwd. Most systems use shadow
passwords now, and the call that this module
uses to access the password ONLY checks for
the password in the /etc/passwd file. Also,
the call that is needed to access passwords
in /etc/shadow cannot be called by anyone
other than root, so, (unless you are crazy
enough to run apache as root), you will not
be able to access /etc/shadow.
For more info on shadow passwords:
http://www.tldp.org/HOWTO/Shadow-Password-HOWTO.html
For alternatives that can access /etc/shadow from
apache:
http://mod-auth-shadow.sourceforge.net/
*********************************************
This perl module is designed to work with mod_perl. It is a direct
adaptation (i.e. I modified the code) of Michael Parker's
(B<parker@austx.tandem.com>) Apache::AuthenSmb module.
The module uses getpwnam to retrieve the B<passwd> entry from the
B</etc/passwd> file, using the supplied username as the search key. It
then uses B<crypt()> to verify that the supplied password matches the
retrieved hashed password.
= head2 Apache::AuthenPasswd vs. Apache::AuthzPasswd
I've taken "authentication" to be meaningful only in terms of a user and
password combination, not group membership. This means that you can use
Apache::AuthenPasswd with the B<require user> and B<require valid-user>
directives. In the /etc/passwd and /etc/group context I consider B<require
group> to be an "authorization" concern. I.e., group authorization
consists of establishing whether the already authenticated user is a member
of one of the indicated groups in the B<require group> directive. This
process may be handled by B<Apache::AuthzPasswd>. Admittedly, AuthzPasswd
is a misnomer, but I wanted to keep AuthenPasswd and AuthzPasswd related,
if only by name.
I welcome any feedback on this module, esp. code improvements, given
Makefile.PL view on Meta::CPAN
$^X,"-MCPANPLUS","-e","CPANPLUS::install $p");eval"use $p $v;1"
||system('sudo', $^X, "-MCPAN", "-e", "CPAN::install $p")}eval{
require CPANPLUS;CPANPLUS::install$p};eval"use $p $v;1"or eval{
require CPAN;CPAN::install$p};eval"use $p $v;1"||die"*** Please
manually install $p $v from cpan.org first...\n"}}}
# notify the user about the dangers of using /etc/passwd
BEGIN { print q{
**************** NOTICE *********************
Please, please, realize that this module will
only work with passwords that are stored in
/etc/passwd. Most systems use shadow
passwords now, and the call that this module
uses to access the password ONLY checks for
the password in the /etc/passwd file. Also,
the call that is needed to access passwords
in /etc/shadow cannot be called by anyone
other than root, so, (unless you are crazy
enough to run apache as root), you will not
be able to access /etc/shadow.
For more info on shadow passwords:
http://www.tldp.org/HOWTO/Shadow-Password-HOWTO.html
For alternatives that can access /etc/shadow from
apache:
http://mod-auth-shadow.sourceforge.net/
*********************************************
} }
# notify the user about mod_perl 2
BEGIN { print q{
**************** NOTICE *********************
Please, please, realize that this module will
only work with passwords that are stored in
/etc/passwd. Most systems use shadow
passwords now, and the call that this module
uses to access the password ONLY checks for
the password in the /etc/passwd file. Also,
the call that is needed to access passwords
in /etc/shadow cannot be called by anyone
other than root, so, (unless you are crazy
enough to run apache as root), you will not
be able to access /etc/shadow.
For more info on shadow passwords:
http://www.tldp.org/HOWTO/Shadow-Password-HOWTO.html
For alternatives that can access /etc/shadow from
apache:
http://mod-auth-shadow.sourceforge.net/
*********************************************
NAME
Apache::AuthenPasswd - mod_perl passwd Authentication module
DESCRIPTION
This perl module is designed to work with mod_perl and the
Net::NIS module by Rik Haris (rik.harris@fulcrum.com.au).
It is a direct adaptation (i.e. I modified the code) of
Michael Parker's (parker@austx.tandem.com) Apache::AuthenSmb
module.
The module uses getpwnam to retrieve the passwd entry from
the /etc/passwd file, using the supplied username as the
search key. It then uses crypt() to verify that the
supplied password matches the retrieved hashed password.
Apache::AuthenPasswdApache::AuthzPasswd
I've taken "authentication" to be meaningful only in terms
of a user and password combination, not group membership.
This means that you can use Apache::AuthenPasswd with the
require user and require valid-user directives. In the
/etc/passwd and /etc/group context I consider require group
to be an "authorization" concern. I.e., group authorization
consists of establishing whether the already authenticated
user is a member of one of the indicated groups in the
require group directive. This process may be handled by
Apache::AuthzPasswd. Admittedly, AuthzPasswd is a misnomer,
but I wanted to keep AuthenPasswd and AuthzPasswd related,
if only by name.
( run in 1.002 second using v1.01-cache-2.11-cpan-49f99fa48dc )