view release on metacpan or  search on metacpan

Session/blib/man3/CGI::Session.3  view on Meta::CPAN

.Ve
.Ip "-passkey_name" 12
.Sp
.Vb 1
\& The name of the CGI parameter which contains the passkey.
.Ve
.Ip "-debug" 12
.Sp
.Vb 1
\& Set to non-zero to generate debugging information.
.Ve
.Ip "\s-1CGI::\s0Session::open" 4
Internal function.  Opens up the cookie jar.  This function is called by
methods just before they first access a cookie jar.
.Sp
$session->open;
.Ip "\s-1CGI::\s0Session::cgi" 4
Accessor method.  The cgi to which the session is attached.
.Ip "\s-1CGI::\s0Session::cookie" 4
Accessor method.  The value of the current cookie.
.Ip "\s-1CGI::\s0Session::passkey" 4
Accessor method.  The value of the current passkey.  Set by \fIconfirmed()\fR and \fIauthenticated()\fR.
.Ip "\s-1CGI::\s0Session::is_authenticated" 4
Accessor method.  Authentication state. True if the session has been successfully authenticated.  False if it has not.
.Ip "\s-1CGI::\s0Session::cookie_name" 4
Accessor method.  The name of the login cookie.
.Ip "\s-1CGI::\s0Session::cookie_logged_out" 4
Accessor method.  Vestigial logout cookie.  Unused.  Like the wings of an
archeopertyx.  But with no hairy feathers.  Left here for strictly
archeological reasons.
.Ip "\s-1CGI::\s0Session::cookie_expiration" 4
Accessor method.  The lifetime of the cookie specified in seconds.
.Ip "\s-1CGI::\s0Session::cookie_path" 4
Accessor method.  The path of the cookie.
.Ip "\s-1CGI::\s0Session::cookie_domain" 4
Accessor method.  The domain of the cookie.
.Ip "\s-1CGI::\s0Session::cookie_secure" 4
Accessor method.  True if the cookie requires \s-1SSL\s0.  False otherwise.
.Ip "Authentication Behavior Variables" 4
These are variables which affect the behavior of the authentication mechanism.
.Ip "\s-1CGI::\s0Session::auth_servers" 4
Accessor method.  The list of authentication servers which will be contacted.  This value can either
be a single server or a reference to an array of servers.
.Sp
Currently these servers are definied by \s-1CGI::\s0Session::LDAPServer objects.
.Ip "\s-1CGI::\s0Session::restricted_access" 4
Accessor method.  If set to a non-zero value then the allowed_user_file is turned on.
.Ip "\s-1CGI::\s0Session::allowed_user_file" 4
Accessor method.  The full path to the allowed_user_file.
.Ip "\s-1CGI::\s0Session::unikey" 4
Accessor method.  Boy this one sucks.  This is a backdoor value.  If this is
set then any user matching this \s-1ID\s0 will be successfully authenticated.  Why?  Strictly
for testing.  \s-1NEVER\s0, \s-1EVER\s0 \s-1SET\s0 \s-1THIS\s0 \s-1VALUE\s0 \s-1UNLESS\s0 \s-1YOU\s0 \s-1KNOW\s0 \s-1WHAT\s0 \s-1THE\s0 \s-1FUCK\s0 \s-1YOU\s0 \s-1ARE\s0 \s-1DOING\s0.
.Ip "\s-1CGI::\s0Session::register" 4
Accessor method.  Login requires an entry to exist in the cookie table for each user.
If this variable is set then an entry will automatically be created for users which are
successfully authenticated.
.Ip "\s-1CGI::\s0Session::auto_refresh_cookie" 4
Accessor method.  Normally the cookie will expire X seconds after it is created, where X is
specified by \s-1CGI::\s0Session::cookie_expiration.  Whenever the cookie is refreshed this
timer resets.  Setting this variable to a non-zero value causes the cookie to be refreshed
every time that it is successfully verified.
.Ip "\s-1CGI::\s0Session::used_with_custom_cgi" 4
Forget about this one.  This is an internal function used by \s-1CGI::\s0Session and \s-1CGI::\s0Session::\s-1CGI\s0.
Normally set to zero.  Setting \s-1CGI::\s0Session::\s-1CGI::\s0session causes this value to be set.
.Ip "\s-1CGI::\s0Session::cookie_jar" 4
# Cookiejar.  This handles all cookie storage.
#
Accessor method.  The object encapsulating cookie storage.
.Ip "\s-1CGI::\s0Session::passkey_name" 4
Accessor method.  The name of the passkey field in the form is stored here.
Not currently important, but it will be if/when the table becomes a shared
resource.
.Ip "\s-1CGI::\s0Session::debug" 4
Accessor method.  Turns on debugging.  Currently this doesn't do much.  I need
to add more instrumentation.
.Ip "\s-1CGI::\s0Session::has_passkey" 4
.Sp
.Vb 2
\&  True if the CGI session has a value for the parameter specified with
\&  -passkey_name.
.Ve
.Vb 1
\&  print "Session has passkey: ".( $session->has_passkey ? "YES" : "NO" )."\en";
.Ve
.Ip "\s-1CGI::\s0Session::passkey_field" 4
.Sp
.Vb 1
\& The value of the CGI parameter specified by -passkey_name.
.Ve
.Vb 1
\& $passkey_field = $session->passkey_field;
.Ve
.Ip "\s-1CGI::\s0Session::confirmed" 4
.Sp
.Vb 3
\&  Confirms that the cookie and a passkey constitute a valid login.  If
\&  the session confirmation succeeds then it will return a true value.
\&  If the session confirmation fails then it will return a false value.
.Ve
.Vb 3
\&  Once this routine is called the variable of
\&  CGI::Session::is_authenticated will contain the status of the
\&  session.
.Ve
.Vb 4
\&  The function may be called in one of two ways.  You can either let
\&  it extract the passkey value on its own, or you can hand it the
\&  passkey value to be checked.  It is much less work to let it extract
\&  the passkey value.
.Ve
.Vb 4
\&  if ( $session->confirmed )
\&  {
\&    Session was confirmed...
\&  }
.Ve
.Vb 1
\&  If you want to handle the extraction of the passkey on your own...
.Ve
.Vb 5