Apache-AuthenSecurID
6 results

 view release on metacpan or  search on metacpan

ace_initd  view on Meta::CPAN 




while ( $server->recv($mesg, 1024) ) {
   $mesg = $crypt->decrypt_hex ( $mesg );
   my ( $rand, $request, $type, $username, $passcode ) = split /\:/, $mesg;
      eval {
   	if ( ! $ACE{$request} ) {
	   $ACE{$request} = new Authen::ACE;
   	}
   	if ( $type eq "check" ) {
	   ($result,$info) = $ACE{$request}->Check($passcode,$username);
   	}
   	if ( $type eq "next" ) {
	   ($result,$info) = $ACE{$request}->Next($passcode);
    	}
   	if ( $type eq "pin" ) {
	   ($result,$info) = $ACE{$request}->PIN($passcode);
   	}
   	if ( $result != 5 && $result != 2 ) {
	   delete $ACE{$request};
	} 
      };
   if ( $@ ) {
	$result = 1;	   
   	syslog ( 'err', '$type $username $result via exception');
   }

   syslog ( 'info', '$type $username $result:$$info{system_pin}:$$info{min_pin_len}:$$info{max_pin_len}:$$info{alphanumeric}:$$info{user_selectable}');
	if ( $result ) {
   		$mesg = "$rand:$result:$$info{system_pin}:$$info{min_pin_len}:$$info{max_pin_len}:$$info{alphanumeric}:$$info{user_selectable}";
	} else {
		$mesg = "$rand:$result:::::";
	}
   $mesg = $crypt->encrypt_hex ( $mesg );
   $server->send ($mesg);
}




__END__

=head1 NAME

ace_initd -  ACE Authentication daemon for Apache::AuthenSecurID::Auth 

=head1 SYNOPSIS

 # Configuration in /etc/ace_initd.conf   

 VAR_ACE /the/ace/data/directory
 port 1969 
 AuthCryptKey Encryption_Key
 syslog local2


=head1 DESCRIPTION

This daemon handles the ACE authentication requests for the 
Apache::SecurID::Auth module.  It is a single threaded, single
fork server that listens on a specified UDP port.  Incoming requests
are decrypted and requests forwarded to the ACE server.  If a specific
request is in either in NEXT TOKEN MODE or SET PIN MODE the Authen::ACE
object is not deleted.  It is instead kept in memory to handle those
specific requests later.


=head1 LIST OF TOKENS


=item *
VAR_ACE

Specifies the location of the F<sdconf.rec> file.  It defaults to 
F</opt/ace/data> if this variable is not set.

=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 
It defaults to F<my secret> if this variable is not set.

=item *
ace_initd_port

The port the that the Ace request daemon listens on.  It defaults to F<1969> 
if this variable is not set.

=item *
syslog

The syslog facility ace_initd logs to.  It defaults to F<local2> 
if this variable is not set.


=head1 CONFIGURATION

Either run from the command line;

prompt$ nohup ./ace_initd &

or write the appropriate scripts in the /etc/rc directories.

=head1 PREREQUISITES


ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.


=head1 SEE ALSO

L<Authen::ACE> L<Apache::AuthenSecurID> L<Apache::AuthenSecurID::Auth>

=head1 AUTHORS

=item *
mod_perl by Doug MacEachern <dougm@osf.org>

=item *
Authen::ACE by Dave Carrigan <Dave.Carrigan@iplenergy.com>



( run in 1.106 second using v1.01-cache-2.11-cpan-f56aa216473 )