Apache-SecSess
3 results

 view release on metacpan or  search on metacpan

INSTALL  view on Meta::CPAN 

All relevant user login info is:

	user: bob
	password: sekret
	pin code: 0918

As you go from top to bottom in the menu, there are increasing
authentication requirements, and increasingly strong credentials are
issued.  When you get to milt.sec.acme.com, watch carefully, as you will 
be redirected to stu.transacme.com for login.  And, when stu issues
URL credentials you will be transparently redirected across domains to get
cookies for milt.sec.acme.com and noam.acme.org, before being redirected
back to the original milt request.  Then you may hop to noam and stu 
without further interruption.

README  view on Meta::CPAN 

5.  Security Architecture
-------------------------

5.1  The Authentication Processes
---------------------------------

There are three notions of 'authentication' in Apache::SecSess.

    User Authentication: This serves to identify the user and to provide
        a suitable proof of that identity.  This is typically a login form,
        which interrupts the user, but it might transparently use other 
        credentials which are already available electronically like an X.509
        client certificate or a persistent cookie.

    Session Authentication: This is Apache's notion of authentication as
        carried out by PerlAuthenHandler.  Here, an actual resource, like an 
        HTML doc, will be delivered if all is successful.

    Chaining Authentication:  In this type of authentication, credentials
        suitable for session authentication are interpreted instead as user
        authentication in order to issue another type of credential.  In the

SecSess.pm  view on Meta::CPAN 

  lifeTime => <minutes>

Session will expire after the specified number of minutes.

  idleTime => <minutes> 

A session idle for the specified number of minutes will time out.

  renewRate => <minutes>

A session which is constantly active will have a transparent
renewal (resetting an implicit 'idle timer') every period of the 
specified number of minutes.

=head2 Quality of Protection Arguments

minSessQOP => 128, minAuthQOP => 128, authQOP => 128, sessQOP => 128

When credentials are validated during a request, two checks of the 
qualities of protection (QOP's) are made, namely that



( run in 0.476 second using v1.01-cache-2.11-cpan-a1d94b6210f )