view release on metacpan or  search on metacpan

Headers.pm  view on Meta::CPAN

	my $filename = $a->dir_config( 'HeadersAccessConf' ) ;	
		
	# return if the filename was not found,
	if ( ! defined $filename )
	{
		$e->error( "Config filename was not passed" ) ;
		return &SERVER_ERROR ;
	}
	
	# see if the filename is relative
	if ( $filename !~ m|^/| )
	{
		$filename = $a->server_root_relative( $filename ) ;
	}

	# return if the filename is not readable
	if ( ! -f $filename )
	{
		$e->error( "Config file was not readable: $filename" ) ;
		return &SERVER_ERROR ;
	}

	$e->info( "Parsing conf file: $filename" ) ;

	# parse the xml
	my $ref = XMLin( $filename, forcearray => 1, keyattr => [], keeproot => 1 ) ;
	
	# return if the xml is bad
	if ( ! defined $ref->{'header_access'}[0]{'headers'}[0]{'header'} )
	{
		$e->warn( "Invalid xml format in file: $filename" ) ;
		return &SERVER_ERROR ;	
	}
	
	# loop through the <header> blocks
	foreach my $h ( @{ $ref->{'header_access'}[0]{'headers'}[0]{'header'} } )
	{
		# skip if no 'id' or 'path'
		next if ( ! $h->{'id'} ) ;
		next if ( ! $h->{'path'}) ;
		
		#
		# 'REFERER' is a special 'id' case
		#
		if ( $h->{'id'}[0] eq 'REFERER' )
		{
			# store all allowed referers
			foreach my $r ( @{ $h->{'referer'} } )
			{
				push @ALLOWED_REFERERS, $r ;
			}
		}

		# store the allowed headers for each path $p
		foreach my $p ( @{ $h->{'path'} } )
		{
			push @{ $PATH_TO_HEADERS{ $p } }, $h->{'id'}[0] ;
		}
	}

	# create a global array of paths/regexes for efficiency
	# ( so this doesn't have to be done each time through the handler )
	@PATH_REGEXES = sort keys %PATH_TO_HEADERS ;
	
	# set header prefix if needed
	if ( $ref->{'header_authz'}[0]{'headers'}[0]{'prefix'} )
	{
		$HEADER_PREFIX = $ref->{'header_authz'}[0]{'headers'}[0]{'prefix'}[0] ;
	}

	return &OK ;
}

1;

__END__
=pod 

=head1 NAME

Apache::Access::Headers - mod_perl HTTP header authorization module

=head1 SYNOPSIS

 # in httpd.conf
 PerlSetVar HeadersAccessConf conf/headers_access.conf
	
 DocumentRoot /usr/local/apache/htdocs
 <Directory "/usr/local/apache/htdocs">
    PerlModule Apache::Access::Headers
    PerlAccessHandler Apache::Access::Headers
 </Directory>

=head1 DESCRIPTION

This module is intended to be used as a mod_perl PerlAccessHandler.
It's function is to authorize requests for server resources based on 
the existence of and content of HTTP headers. 

Authorizing HTTP headers may be be set by a web browser, a software 
agent, or an authenitcating proxy server. This module was originally 
written to work with the latter.

B<Note:> The default reponse from the handler is currently FORBIDDEN.
This behavior is not yet configurable.

=head1 CONFIGURING APACHE

Module configuration is simple ( read: limited ). Currently, the module
only works with a single configuration file, and works best when configured
for a server's document root. See the LIMITATIONS section for an explanation
of the modules current short-comings.

Add the following line to httpd.conf outside all Directory, 
Location and VirtualHost blocks:

 PerlSetVar HeadersAccessConf /path/to/conf/headers_access.conf
 
And add the following lines to the DocumentRoot Directory block:

  PerlModule Apache::Access::Headers