not_ results from the CPAN

not_

Apache-AuthCookiePAM

view release on metacpan or search on metacpan


use Apache::File;
use Digest::MD5 qw( md5_hex );
use Date::Calc qw( Today_and_Now Add_Delta_DHMS );
# Also uses Crypt::CBC if you're using encrypted cookies.

#===============================================================================
# F U N C T I O N   D E C L A R A T I O N S
#===============================================================================

sub _log_not_set($$);
sub _dir_config_var($$);
sub _config_vars($);
sub _now_year_month_day_hour_minute_second();
sub _percent_encode($);
sub _percent_decode($);

sub authen_cred($$\@);
sub authen_ses_key($$$);
sub group($$\@);

AuthCookiePAM.pm view on Meta::CPAN

If a ticket has expired or is otherwise invalid it is cleared in the browser
and the login form is shown again.

=cut

#===============================================================================
# P R I V A T E   F U N C T I O N S
#===============================================================================

#-------------------------------------------------------------------------------
# _log_not_set -- Log that a particular authentication variable was not set.

sub _log_not_set($$)
{
	my( $r, $variable ) = @_;
	my $auth_name; $auth_name = $r->auth_name;
	$r->log_error( "Apache::AuthCookiePAM: $variable not set for auth realm
$auth_name", $r->uri );
}

#-------------------------------------------------------------------------------
# _dir_config_var -- Get a particular authentication variable.

AuthCookiePAM.pm view on Meta::CPAN

This directive MUST be set before the PerlModule line that loads this module,
because the secret key file is read immediately (at server start time).  This
is so you can have it owned and only readable by root even though Apache
then changes to another user.

=cut

	unless (
	   $c{ PAM_secretkeyfile } = _dir_config_var $r, 'PAM_SecretKeyFile'
	) {
		_log_not_set $r, 'PAM_SecretKeyFile';
		return undef;
	}

=item C<WhatEverPAM_SessionLifetime>

How long tickets are good for after being issued.  Note that presently
Apache::AuthCookie does not set a client-side expire time, which means that
most clients will only keep the cookie until the user quits the browser.
However, if you wish to force people to log in again sooner than that, set
this value.  This can be 'forever' or a life time specified as:

( run in 0.752 second using v1.01-cache-2.11-cpan-4d4bc49f3ae )