verify results from the CPAN

verify

Apache-SessionManager

view release on metacpan or search on metacpan

SessionManager/cookpod.pod view on Meta::CPAN

=head1 Apache::SessionManager WITH AUTHENTICATION MECHANISM

=head2 INTRODUCTION

This section describes using L<Apache::SessionManager|Apache::SessionManager>
with simple authentication mechanism.  There are many ways to do it; this
document will not describe all possible configurations. 

=head2 CONFIGURATION

The idea is to write a custom authentication handler in order to verify each
request  that session is valid (the user has been already authenticaded).

=head3 CONFIGURATION VIA F<httpd.conf>

In F<httpd.conf> (or any files included by the C<Include> directive):

   PerlModule Apache::SessionManager
   PerlTransHandler Apache::SessionManager
   <Location /protected>

SessionManager/cookpod.pod view on Meta::CPAN

      # Login ok: user is already logged or login form is requested
      if ( $session->{'logged'} == 1 || $r->uri eq $r->dir_config('MyAuthLogin') ) { 
         return OK;
      }

      # user not logged in or session expired

      # store in session the destination url if not set
      $session->{'redirect'} ||= $r->uri . ( ( $r->args ) ? ('?' . $r->args) : '' );

      # verify credenitals
      unless ( verifiy_cred( ($r->args) ) ) {

         # Log error
         $r->log_error('MyAuth: access to ' . $r->uri . ' failed for ' . $r->get_remote_host);

         # Redirect to login page
         $r->custom_response(FORBIDDEN, $r->dir_config('MyAuthLogin'));
         return FORBIDDEN;
      }
      $session->{'logged'} = 1;

t/lib/MyAuth.pm view on Meta::CPAN


	# Login ok: user is already logged or login form is requested
	if ( $session->{'logged'} == 1 || $r->uri eq $r->dir_config('MyAuthLogin') ) { 
	   return MP2 ? Apache::OK : Apache::Constants::OK;
	}
	# user not logged in or session expired

	# store in session the destination url if not set
	$session->{'redirect'} ||= $r->uri . ( ( $r->args ) ? ('?' . $r->args) : '' );

	# verify credenitals
#	unless ( verifiy_cred( ($r->args) ) ) {
	unless ( verifiy_cred( ( (MP2) ? Vars : $r->args() ) ) ) {
		# Log error
		$r->log_error('MyAuth: access to ' . $r->uri . ' failed for ' . (MP2 ? $r->connection->get_remote_host : $r->get_remote_host) );
		# Redirect to login page
		$r->custom_response((MP2 ? Apache::FORBIDDEN : Apache::Constants::FORBIDDEN), $r->dir_config('MyAuthLogin'));
		return MP2 ? Apache::FORBIDDEN : Apache::Constants::FORBIDDEN;
	}
	$session->{'logged'} = 1;
	# Redirect to original protected resource

( run in 0.578 second using v1.01-cache-2.11-cpan-73692580452 )