view release on metacpan or  search on metacpan

eg/dot_lwrc  view on Meta::CPAN

The default is C<'Thu, 01-Jan-1970 00:00:01 GMT'>.  This is used to
nullify authentication cookie when a user logs out.  Any cookie set
with this date will be canceled from the client's browser immediately.
Do not edit this unless there is a compelling reason to do so.

=item *

RAND_RANGE

The range from which to generate a pseudo-random number.  For example,
if the range is C<999999999>, several places in LibWeb that makes use
of pseudo-random number will use an integer that is randomly generated
between 0 and 999999999.  The purpose is to have different web site
with LibWeb installed to have different and less predictable behavior
in several aspects.  Currently only used for generating the dummy
authentication cookie (as of LibWeb-0.02).  It is also used in the
sample login script (lm.cgi) to make things look complicated.

=item *

MAC_KEY

HMAC is used for message integrity checks between two parties (in the
case for LibWeb, the two parties referred here are your web site and a
client web browser), and works in combination with some other Digest
algorithm, usually MD5 or SHA-1.  The HMAC mechanism is described in
RFC 2104.  MAC_KEY is the private key.  Further explanation is better
left to the expert,

  http://www.w3.org/Security/Faq/wwwsf7.html#Q66

See also Digest::HMAC which is used by LibWeb::Digest and
LibWeb::Session for preparing and checking authentication cookies.
The proper size for this key is not well documented.

=item *

CIPHER_KEY

You must provide an encryption/decryption key, which can be any series
of characters of any length.  Internally, the actual key used is
derived from the MD5 hash of the key you provide.  Read the man page
for Crypt::CBC for details.  Blowfish is capable of strong encryption
and can use key sizes up to 56 bytes (a 448 bit key).  You're
encouraged to take advantage of the full key size to ensure the
strongest encryption possible from that module (Crypt::Blowfish).

=item *

DIGEST_KEY

This key is appended to the data from which a digest is to be
generated.  The purpose is to have different web site with LibWeb
installed to have different and less predictable behavior in several
aspects of the authentication cookie.

=item *

CIPHER_ALGORITHM

The cipher algorithm must be C<'Crypt::Blowfish'>, C<'Crypt::DES'> or
C<'Crypt::IDEA'> as of LibWeb-0.01.

=item *

DIGEST_ALGORITHM

The digest algorithm must be either C<'Digest::SHA1'> or
C<'Digest::MD5'> as of LibWeb-0.01.

=item *

CIPHER_FORMAT

It can be either C<'BINARY'> or C<'HEX'>.  You should use C<'HEX'> for
the authentication cookie.

=item *

DIGEST_FORMAT

It can be C<'HEX'>, C<'BINARY'> or C<'B64'>.  You should use C<'B64'>
for the authentication cookie.

=back

=head2 Debug/fatal message mailing & logging variables

=over 4

=item *

DEBUG

If you want stack traces to be printed to the viewing browser whenever
a LibWeb's fatal method is called, assign 1 to it and 0 otherwise.
You turn this on/off depending on whether you are debugging your
application.

=item *

FATAL_LOG (new in LibWeb-0.02)

Absolute path to a log file which records all LibWeb's fatal calls.
Assign C<undef> to this variable to disable logging.  You may want to
turn this on if you have turned B<IS_MAIL_DEBUG_TO_ADMIN> off.

=item *

IS_MAIL_DEBUG_TO_ADMIN

If you want stack traces to be sent to B<ADMIN_EMAIL> whenever a
LibWeb's fatal method is called, assign 1 to it and 0 otherwise.  You
may want to turn that off while you are debugging your application.

=item *

SMTP (new in LibWeb-0.02)

If you have installed Mail::Sendmail (this is a mandatory
pre-requisite for NT servers in order for LibWeb to work properly),