Apache-AuthzCache
1 match

 view release on metacpan or  search on metacpan

AuthzCache.pm  view on Meta::CPAN 


    my $success_groups = '';
  OUTTER: foreach my $req_group (@$require_groups) {
      my $succeeded = 0;
    INNER: foreach my $user_group (@$user_groups) {
	$r->log->debug("handler: comparing $req_group to $user_group");
	if ($casesensitive eq 'off' &&
	    lc($req_group) eq lc($user_group)) {
	  # Password matches so end stage
	  # The required patch was not introduced in 1.26. It is no longer
	  # promised to be included in any timeframe. Commenting out.
	  # if ($mod_perl::VERSION < 1.26) {
	    # Since set_handlers() doesn't work properly until
	    # 1.26 (according to Doug MacEachern) I have to work
	    # around it by cobbling together cheat sheets for the
	    # subsequent handlers in this phase. I get the
	    # willies about the security implications in a
	    # general environment where you might be using
	    # someone else's handlers upstream or downstream...
	  $r->log->debug("handler: user in cache and case-insensitive ",
			 "groups $req_group and $user_group match; ",

AuthzCache.pm  view on Meta::CPAN 

	  }
	  # } else {
	  #  $r->log->debug("handler: user in cache and case-insensitive ",
	  # 		   "groups $req_group and $user_group match; ",
	  #		   "returning OK and clearing PerlAuthzHandler");
	  #  $r->set_handlers(PerlAuthzHandler => undef);
	  #}
	} elsif ($req_group eq $user_group) {
	  # Password matches so end stage
	  # The required patch was not introduced in 1.26. It is no longer
	  # promised to be included in any timeframe. Commenting out.
	  # if ($mod_perl::VERSION < 1.26) {
	    # Since set_handlers() doesn't work properly until
	    # 1.26 (according to Doug MacEachern) I have to work
	    # around it by cobbling together cheat sheets for the
	    # subsequent handlers in this phase. I get the
	    # willies about the security implications in a
	    # general environment where you might be using
	    # someone else's handlers upstream or downstream...
	  $r->log->debug("handler: user in cache and case-sensitive ",
			 "groups $req_group and $user_group match; ",

AuthzCache.pm  view on Meta::CPAN 

  # Get required groups and proceed with caching only if groups were required
  for my $req (@$requires) {
    my ($require, $rest) = split /\s+/, $req->{requirement}, 2;
    if ($require eq "user") { return OK
                                if grep $user_sent eq $_, split /\s+/, $rest }
    elsif ($require eq "valid-user") { return OK }
  }

  my ($group_sent, $cache_result) = undef;
  # The required patch was not introduced in 1.26. It is no longer
  # promised to be included in any timeframe. Commenting out.
  # if ($mod_perl::VERSION < 1.26) {
    # I shouldn't need to use the below lines as this module
    # should never be called if there was a cache hit.  Since
    # set_handlers() doesn't work properly until 1.26 (according
    # to Doug MacEachern) I have to work around it by cobbling
    # together cheat sheets for the previous handlers in this
    # phase. I get the willies about the security implications in
    # a general environment where you might be using someone
    # else's handlers upstream or downstream...
  $group_sent = $r->subprocess_env("REMOTE_GROUP") ||



( run in 0.862 second using v1.01-cache-2.11-cpan-df04353d9ac )