Apache-AuthzCache
2 results

 view release on metacpan or  search on metacpan

AuthzCache.pm  view on Meta::CPAN 

				     namespace  => $ns });
    my @keys = $cache->get_keys();
    foreach my $key (sort(@keys)) {
      my $obj = $cache->get_object($key);
      my $user_groups = $obj->get_data;
      my $created = Time::Object->new($obj->get_created_at);
      my $expires = Time::Object->new($obj->get_expires_at);
      push(@s, "<TR><TD VALIGN=\"TOP\">$ns</TD>\n",
	   "<TD VALIGN=\"TOP\">$key</TD>\n<TD VALIGN=\"TOP\">");
      foreach my $user_group (sort(@$user_groups)) {
	next if $user_group eq '';
	push(@s, "$user_group<BR>\n");
      }
      push(@s, "</TD>\n<TD VALIGN=\"TOP\">$created</TD>\n",
	   "<TD VALIGN=\"TOP\">$expires</TD>\n</TR>\n");
    }
  }

  push(@s, '</TABLE>');

  return \@s;
}

1;

__END__

# Documentation - try 'pod2text AuthzCache'

=head1 NAME

Apache::AuthzCache - mod_perl Cache Authorization Module

=head1 SYNOPSIS

 <Directory /foo/bar>
 # Authorization Realm and Type (only Basic supported)
 AuthName "Foo Bar Authentication"
 AuthType Basic

 # Any of the following variables can be set.
 # Defaults are listed to the right.
 PerlSetVar AuthzCache_CaseSensitive Off       # Default: On
 PerlSetVar AuthzCache_CacheTime       60        # Default: Empty String ("")

 PerlAuthzHandler Apache::AuthzCache <Primary Authorization Module> Apache::AuthzCache::manage_cache

 require group "My Group" GroupA "Group B"     # Authorize user against
                                               # multiple groups
 </Directory>

=head1 DESCRIPTION

B<Apache::AuthzCache> is designed to work with a mod_perl
authorization module to provide caching of group membership for
site users. For a list of mod_perl authorization modules see:

http://www.cpan.org/modules/by-module/Apache/apache-modlist.html

When a request that requires authorization is received,
Apache::AuthzCache looks up the REMOTE_USER in a shared-memory
cache (using IPC::Cache) and compares the list of groups in the
cache against the groups enumerated within the "require"
configuration directive. If a match is found, the handler returns
OK and clears the downstream Authz handlers from the
stack. Otherwise, it returns DECLINED and allows the next
PerlAuthzHandler in the chain to be called.

After the primary authorization handler completes with an OK,
Apache::AuthzCache::manage_cache adds the new group (listed in
REMOTE_GROUP) to the cache.

=head1 CONFIGURATION OPTIONS

The following variables can be defined within the configuration
of Directory, Location, or Files blocks or within .htaccess
files.

=over 4

=item B<AuthzCache_CaseSensitive>

If this directive is set to 'Off', group matches will be case
insensitive.

=back

=over 4

=item B<AuthzCache_CacheTime>

The time with which a user's entry within the cache will remain,
measured in minutes.

=back

=head1 NOTES

This module requires that the primary authorization handler set
the REMOTE_GROUP environment variable with the group to which the
user successfully was authorized.

This module also has a workaround to the bugs in the
set_handlers() method of mod_perl-1.2x. It will write notes to
downstream handlers.

At the time of publication, the only primary authorization
handler established to both set the REMOTE_GROUP and read the
notes left by AuthzCache is Apache::AuthzLDAP.

=head1 AVAILABILITY

This module is available via CPAN at
http://www.cpan.org/modules/by-authors/id/C/CG/CGILMORE/.

=head1 AUTHORS

Christian Gilmore <cag@us.ibm.com>

=head1 SEE ALSO



( run in 1.878 second using v1.01-cache-2.11-cpan-39bf76dae61 )