view release on metacpan or  search on metacpan

AuthCookieDBI.pm  view on Meta::CPAN

206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
If a ticket has expired or is otherwise invalid it is cleared in the browser
and the login form is shown again.
 
=cut
 
#===============================================================================
# P R I V A T E   F U N C T I O N S
#===============================================================================
 
#-------------------------------------------------------------------------------
# _log_not_set -- Log that a particular authentication variable was not set.
 
sub _log_not_set {
    my ( $r, $variable ) = @_;
    my $auth_name = $r->auth_name;
    return $r->log_error(
        "Apache::AuthCookieDBI: $variable not set for auth realm
$auth_name", $r->uri
    );
}
 
#-------------------------------------------------------------------------------
# _dir_config_var -- Get a particular authentication variable.

AuthCookieDBI.pm  view on Meta::CPAN

261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
=over 4
 
=item C<WhatEverDBI_DSN>
 
Specifies the DSN for DBI for the database you wish to connect to retrieve
user information.  This is required and has no default value.
 
=cut
 
    unless ( $c{DBI_DSN} = _dir_config_var $r, 'DBI_DSN' ) {
        _log_not_set $r, 'DBI_DSN';
        return;
    }
 
=item C<WhateverDBI_SecretKey>
 
Specifies the secret key for this auth scheme.  This should be a long
random string.  This should be secret; either make the httpd.conf file
only readable by root, or put the PerlSetVar in a file only readable by
root and include it.
 
This is required and has no default value
=cut
 
    unless ( $c{DBI_SecretKey} = _dir_config_var $r, 'DBI_SecretKey'
        or _dir_config_var $r, 'DBI_SecretKeyFile' )
    {
        _log_not_set $r, 'DBI_SecretKey or DBI_SecretKeyFile';
        return;
    }
 
=item C<WhatEverDBI_User>
 
The user to log into the database as.  This is not required and
defaults to undef.
 
=cut

AuthCookieDBI.pm  view on Meta::CPAN

392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
is so you can have it owned and only readable by root even though Apache
then changes to another user.
 
I suggest using DBI_SecretKey instead.
 
=cut
 
    unless ( $c{DBI_secretkeyfile} = _dir_config_var $r, 'DBI_SecretKeyFile'
        or _dir_config_var $r, 'DBI_SecretKey' )
    {
        _log_not_set $r, 'DBI_SecretKeyFile or DBI_SecretKey';
        return;
    }
 
=item C<WhatEverDBI_EncryptionType>
 
What kind of encryption to use to prevent the user from looking at the fields
in the ticket we give them.  This is almost completely useless, so don't
switch it on unless you really know you need it.  It does not provide any
protection of the password in transport; use SSL for that.  It can be 'none',
'des', 'idea', 'blowfish', or 'blowfish_pp'.