view release on metacpan or  search on metacpan

lib/Apache/AuthenURL/Cache.pm  view on Meta::CPAN

my(%ConfigDefaults) = (
    AuthenCache_Encrypted => 'on',
    AuthenCache_CacheTime => 'never',
    AuthenCache_NoPasswd => 'off',
);


sub handler {
    my($r) = @_;
 
    my($status, $password) = $r->get_basic_auth_pw;

    return Apache2::Const::OK unless $r->is_initial_req;
 
    return $status unless ($status == Apache2::Const::OK);

    my $auth_name = $r->auth_name;

    my $attribute = {};
    while(my($key, $value) = each %ConfigDefaults) {
        $value = $r->dir_config($key) || $value;

lib/Apache/AuthenURL/Cache.pm  view on Meta::CPAN

        $attribute->{$key} = lc $value;
    }

    my $cache = new Cache::SharedMemoryCache(
        { namespace => $auth_name },
        default_expires_in => $attribute->{CacheTime},
    );

    my $user = $r->user;
    
    if (my $cached_password = $cache->get($user)) {
        $r->log->debug($prefix, "::handler: using cached password for $user");

        if (length($password) == 0 and $attribute->{NoPasswd} eq 'off') {
            $r->log->debug($prefix, "::handler: no password sent, failing");
            $r->note_basic_auth_failure;
            return Apache2::Const::HTTP_UNAUTHORIZED;
        }
            
        if ($attribute->{Encrypted} eq 'on') {
            $r->log->debug($prefix, "::handler: encrypt password for check");
            my $salt = substr($cached_password, 0, 2);
            $password = crypt($password, $salt);
        }

        if ($password eq $cached_password) {
            $r->log->debug($prefix, "::handler: passwords match");
            return Apache2::Const::OK;
        }
        else {
            $r->note_basic_auth_failure;
            return Apache2::Const::HTTP_UNAUTHORIZED;
        }
    }
    $r->push_handlers(PerlFixupHandler => \&manage_cache);
    return Apache2::Const::DECLINED;
}

sub manage_cache {
    my($r) = @_;

    my($status, $password) = $r->get_basic_auth_pw;

    my $attribute = {};
    while(my($key, $value) = each %ConfigDefaults) {
        $value = $r->dir_config($key) || $value;
        $key =~ s/^AuthenCache_//;
        $attribute->{$key} = $value;
    }

    my $user = $r->user;

    my $auth_name = $r->auth_name;

    if ($attribute->{Encrypted} eq 'on') {
        $r->log->debug($prefix, "::manage_cache: encrypt password for storage");
        my @alphabet = ('a' .. 'z', 'A' .. 'Z', '0' .. '9', '.', '/');
        my $salt = join ('', @alphabet[rand (64), rand (64)]);
        $password = crypt($password, $salt);
    }

    my $cache = new Cache::SharedMemoryCache(
        { namespace => $auth_name },
        default_expires_in => $attribute->{CacheTime},
    );

    $cache->purge;

    $cache->set($user, $password, $attribute->{CacheTime});

    $r->log->debug($prefix, "::manage_cache: storing user:", $user);

    return Apache2::Const::OK;
}

Apache2::Status->menu_item(
    $prefix => "Authentication Cache",
    sub {
        my $caches = new Cache::SharedMemoryCache;

lib/Apache/AuthenURL/Cache.pm  view on Meta::CPAN

=over

=item B<AuthenCache_CacheTime>

This directive contains the number of seconds before the cache is
expired. Default is an indefinite time limit.

=item B<AuthenCache_Encrypted>
 
If this directive is set to 'Off', passwords are not encrypted.
Default is 'On', ie passwords use standard Unix crypt.
 
=back

=item B<AuthenCache_NoPasswd>
 
If this directive is set to 'On', passwords may be zero length.
Default is 'Off', ie passwords may not be zero length.
 
=back

=head1 PREREQUISITES

mod_perl2, Cache::SharedMemoryCache, Date::Format

=head1 CREDITS

This module is a rewrite for mod_perl2 of Apache::AuthenCache