Apache-AuthenNTLM
3 results

 view release on metacpan or  search on metacpan

AuthenNTLM.pm  view on Meta::CPAN 

	PerlSetVar defaultdomain wingr1
        PerlSetVar splitdomainprefix 1
	PerlSetVar ntlmdebug 1
	</Location>

=head1 DESCRIPTION

The purpose of this module is to perform a user authentication via Microsoft's
NTLM protocol. This protocol is supported by all versions of the Internet
Explorer and is mainly useful for intranets. Depending on your preferences
setting IE will supply your windows logon credentials to the web server
when the server asks for NTLM authentication. This saves the user to type in
his/her password again.

The NTLM protocol performs a challenge/response to exchange a random number
(nonce) and get back a md4 hash, which is built from the user's password
and the nonce. This makes sure that no password goes over the wire in plain text.

The main advantage of the Perl implementation is, that it can be easily extended
to verify the user/password against other sources than a windows domain controller.
The defaultf implementation is to go to the domain controller for the given domain

AuthenNTLM.pm  view on Meta::CPAN 


=head2 $self -> get_nonce ($r)

Will be called to setup the connection to the windows domain controller 
for $self -> {domain} and retrieve the nonce.
In case you do not authenticate against a windows machine, you simply need 
to set $self -> {nonce} to a 8 byte random string. Returns undef on error.

=head2 $self -> verify_user ($r)

Should verify that the given user supplied the right credentials. Input:

=over

=item $self -> {basic}

Set when we are doing basic authentication

=item $self -> {ntlm}

Set when we are doing ntlm authentication

Changes  view on Meta::CPAN 


   - fix bug with ntlmauthoritative off
   - fix compile problem on FreeBSD reported by Ryan Parr.

0.16  14. Apr 2002

   - Return DECLINE to pass request to next authentication handler
     in case ntlmauthoritative is not set and a communication error
     with the Domain Controller has occured.
   - Return DECLINE to pass request to next authentication handler
     in case ntlmauthoritative is not set and we have credentials
     for another authorization method given from the browser.
   - Log the connection header in debug mode to see if it's a keep
     alive request.

 0.15  9. Apr 2002

   - Added patch from Brian Paulsen which causes correct handling of
     non unicode charset (needed for some versions of win9x) and
     more verbose debugging output (decoded flags)

README  view on Meta::CPAN 


$Id: README,v 1.5 2002/04/19 04:06:02 richter Exp $


OVERVIEW
========

The purpose of this module is to perform a user authentication via Microsoft's
NTLM protocol. This protocol is supported by all versions of the Internet
Explorer and is mainly useful for intranets. Depending on your preferences
setting, IE will supply your windows logon credentials to the web server
when the server asks for NTLM authentication. This saves the user to type in
his/her password again.

The NTLM protocol performs a challenge/response to exchange a random number
(nonce) and get back a md4 hash, which is built form the users password
and the nonce. This makes sure that no password goes over the wire in plain text,
so it's more secure than basic authentication, which doesn't mean it's
a real secure authentication scheme. ;)

Some information about NTLM can be found at:



( run in 0.251 second using v1.01-cache-2.11-cpan-4d50c553e7e )