Apache-AuthzPasswd
view release on metacpan or search on metacpan
AuthzPasswd.pm view on Meta::CPAN
valid-user> directives.
= head2 PerlSetVar SetRemoteGroup
Set to "yes" to set the CGI env variable REMOTE_GROUP to the group of the
authorized user. Defaults to "no".
= head2 Apache::AuthenPasswd vs. Apache::AuthzPasswd
I've taken "authentication" to be meaningful only in terms of a user and
password combination, not group membership. This means that you can use
Apache::AuthenPasswd with the B<require user> and B<require valid-user>
directives. In the /etc/passwd and /etc/group context I consider B<require
group> to be an "authorization" concern. I.e., group authorization
consists of establishing whether the already authenticated user is a member
of one of the indicated groups in the B<require group> directive. This
process may be handled by B<Apache::AuthzPasswd>. Admittedly, AuthzPasswd
is a misnomer, but I wanted to keep AuthenPasswd and AuthzPasswd related,
if only by name.
I welcome any feedback on this module, esp. code improvements, given
PerlSetVar SetRemoteGroup
This allows us to modify the REMOTE_GROUP CGI env variable.
When set to "yes" it sets REMOTE_GROUP to the group of the
authorized user. Defaults to "no".
Apache::AuthenPasswd vs. Apache::AuthzPasswd
I've taken "authentication" to be meaningful only in terms
of a user and password combination, not group membership.
This means that you can use Apache::AuthenPasswd with the
require user and require valid-user directives. In the
/etc/passwd and /etc/group context I consider require group
to be an "authorization" concern. I.e., group authorization
consists of establishing whether the already authenticated
user is a member of one of the indicated groups in the
require group directive. This process may be handled by
Apache::AuthzPasswd. Admittedly, AuthzPasswd is a misnomer,
but I wanted to keep AuthenPasswd and AuthzPasswd related,
if only by name.
( run in 0.646 second using v1.01-cache-2.11-cpan-ba5c0e88f22 )