Apache-AuthzUserDir
view release on metacpan or search on metacpan
AuthzUserDir.pm view on Meta::CPAN
package Apache::AuthzUserDir;
use strict;
use Apache::Constants ':common';
$Apache::AuthzUserDir::VERSION = '0.92';
sub handler {
my $r = shift;
my $requires = $r->requires;
return OK unless $requires;
# get user's authentication credentials
my ($res, $sent_pw) = $r->get_basic_auth_pw;
return $res if $res != OK;
my $user = $r->connection->user;
unless($user and $sent_pw) {
$r->note_basic_auth_failure;
$r->log_reason("Both a username and password must be provided", $r->filename);
return AUTH_REQUIRED;
}
my($file,$userdir_user);
$file = $r->uri;
# validity checking - require something after /~ or DECLINE
unless ($file =~ (/\/\~.+/)) {
return DECLINED;
}
# user is everything after /~ until another slash is seen (or until the end
# of the string to accomodate sloppy http://foo.com/~user requests w/o
# trailing slash)
($userdir_user) = $file =~ /~([^\/]+)/;
for my $entry (@$requires) {
my($requirement, @rest) = split(/\s+/, $entry->{requirement});
if (lc $requirement eq 'valid-user') {
if ($userdir_user eq $user) {
return OK;
} else {
# Forbid a different user is trying to get in.
$r->log_reason("Apache::AuthzUserDir - declined $user access to $file");
return FORBIDDEN;
}
} else {
$r->log_reason("Apache::AuthzUserDir - unknown require $requirement");
}
}
$r->note_basic_auth_failure;
$r->log_reason("Apache::AuthzUserDir - user $user: not authorized", $r->uri);
return AUTH_REQUIRED;
}
1;
__END__
=head1 NAME
Apache::AuthzUserDir - mod_perl UserDir authorization module
=head1 SYNOPSIS
<Directory /home/*/public_html>
PerlAuthzHandler Apache::AuthzUserDir
# This is the standard authentication stuff.
# Any can be used, but basic .htpasswd authentication
# is shown for simplicity.
( run in 1.711 second using v1.01-cache-2.11-cpan-cdf2f3d4e48 )