Result:
found more than 505 distributions - search limited to the first 2001 files matching your query
( run in 1.268 )
Apache-DnsZone
view release on metacpan or search on metacpan
bin/mysql/adduser.pl view on Meta::CPAN
$dbh->disconnect();
exit 1;
}
print "Password for $user: ";
ReadMode('noecho');
my $password = ReadLine(0);
chomp($password);
print "\nPassword again: ";
my $password_confirm = ReadLine(0);
chomp($password_confirm);
ReadMode(0);
unless ($password eq $password_confirm) {
print "\nTwo wrongs doesn't make a right!\n";
$dbh->disconnect();
exit 1;
}
print "\n";
bin/mysql/adduser.pl view on Meta::CPAN
chomp($lang);
} while ($lang ne $dbh->selectrow_array("select lang from languages where lang = ?", undef, $lang));
my $lang_id = $dbh->selectrow_array("select id from languages where lang = ?", undef, $lang);
$dbh->do("insert into users (id, username, password, email, lang) values ('',?,?,?,?)", undef, $user, $password, $email, $lang_id);
print "$user($email:$lang) added...\n";
$dbh->disconnect();
Apache-DoCoMoProxy
view release on metacpan or search on metacpan
DoCoMoProxy.pm view on Meta::CPAN
Apache::DoCoMoProxy emulates it. GET or POST uid=NULLGWDOCOMO
parameter changes terminal id.
At first time of proxy request, basic auth required.
Input terminal id and user agent(comma separate).
password anyone.
ex.)
account: AZ0826YK,DoCoMo/1.0/N503i/c30
password: (none)
=head1 AUTHOR
Hiroyuki Kobayashi <kobayasi@piano.gs>
Apache-ExtDirect
view release on metacpan or search on metacpan
t/lib/RPC/ExtDirect/Test/PollProvider.pm view on Meta::CPAN
our $WHAT_YOURE_HAVING = 'Usual, please';
sub foo : ExtDirect( pollHandler ) {
my ($class) = @_;
my $password_file = '/tmp/apache-extdirect-password';
if ( -r $password_file ) {
open my $fh, '<', $password_file;
$WHAT_YOURE_HAVING = <$fh>;
};
# There ought to be something more substantive, but...
if ( $WHAT_YOURE_HAVING eq 'Usual, please' ) {
Apache-FilteringProxy
view release on metacpan or search on metacpan
lib/Apache/FilteringProxy.pm view on Meta::CPAN
# get admin database configuration
$Apache::FilteringProxy::db_hostname = $config->getElement("admin-database")->hostname->getString() || "localhost";
$Apache::FilteringProxy::db_hostport = $config->getElement("admin-database")->hostport->getString() || "5432";
$Apache::FilteringProxy::db_username = $config->getElement("admin-database")->username->getString() || "user";
$Apache::FilteringProxy::db_password = $config->getElement("admin-database")->password->getString() || "pass";
$Apache::FilteringProxy::db_database = $config->getElement("admin-database")->database->getString() || "default";
$Apache::FilteringProxy::db_driver = $config->getElement("admin-database")->getElement("dbi-dbd")->getString() || "Pg";
$r->warn("config: admin db hostname: " . $Apache::FilteringProxy::db_hostname) unless ($Apache::FilteringProxy::logging < 1);
$r->warn("config: admin db hostport: " . $Apache::FilteringProxy::db_hostport) unless ($Apache::FilteringProxy::logging < 1);
$r->warn("config: admin db username: " . $Apache::FilteringProxy::db_username) unless ($Apache::FilteringProxy::logging < 1);
$r->warn("config: admin db password: " . (($Apache::FilteringProxy::db_password) ? "*not empty*" : "*empty*")) unless ($Apache::FilteringProxy::logging < 1);
$r->warn("config: admin db database: " . $Apache::FilteringProxy::db_database) unless ($Apache::FilteringProxy::logging < 1);
$r->warn("config: admin db driver: " . $Apache::FilteringProxy::db_driver) unless ($Apache::FilteringProxy::logging < 1);
# the proxy that will be used in all requests made by LWP to
# retrieve content from a remote server
lib/Apache/FilteringProxy.pm view on Meta::CPAN
# let's add the remote server to our list of hosts/domains we want to
# configure for proxying
$r->warn("ADMIN: adding hostname for resource") unless ($Apache::FilteringProxy::logging < 2);
use DBI;
my $dbh = DBI->connect("dbi:$Apache::FilteringProxy::db_driver:dbname=$Apache::FilteringProxy::db_database;host=$Apache::FilteringProxy::db_hostname;port=$Apache::FilteringProxy::db_hostport",$Apache::FilteringProxy::db_username,$Apache::FilteringP...
# get all current hosts in admin to make sure we dont add the
# hostname a second time. The admin tool clears old entries
# out before starting, so we know all entries in the db are valid
my $sth = $dbh->prepare("SELECT hostname from admin;");
Apache-Gateway
view release on metacpan or search on metacpan
my $site = $self->{SITE};
my $path = $self->{GW_PATH};
my $url = Apache::URI->parse($r, $site . $path);
# If this is an anon-FTP request, fill in the password with the
# UA's from field.
if($url->scheme eq 'ftp' && $url->user eq 'anonymous') {
$url->password($ua->from) # anon-FTP passwd
}
my $request = HTTP::Request->new($r->method, $url->unparse);
# If upstream server has a broken clock, calculate how much we
Apache-HTMLView
view release on metacpan or search on metacpan
----
# HTMLView test
PerlSetVar test_fmtpath /var/www/lib/fmttest
PerlSetVar test_DBIstr "DBI:mysql:fmttest"
PerlSetVar test_DBI_User "username"
PerlSetVar test_DBI_Password "password"
<Location /fmt/test>
PerlSetVar Name test
SetHandler perl-script
PerlHandler Apache::HTMLView
# HTMLView test2
PerlSetVar test2_fmtpath /var/www/lib/fmttest2
PerlSetVar test2_DBIstr "DBI:mysql:fmttest"
PerlSetVar test2_DBI_User "username"
PerlSetVar test2_DBI_Password "password"
<Location /fmt/test2>
PerlSetVar Name test2
SetHandler perl-script
PerlHandler Apache::HTMLView
Apache-HTTunnel
view release on metacpan or search on metacpan
Client/httunnel view on Meta::CPAN
url => undef,
http_protocol => 'HTTP/1.1',
http_keep_alive => 1,
http_username => '',
http_password => '',
http_proxy => '',
http_proxy_username => '',
http_proxy_password => '',
read_length => 131072,
read_timeout => 15,
verbose => $DEBUG,
) ;
Client/httunnel view on Meta::CPAN
my $uri = shift ;
my $proxy = shift ;
my $cfg = $this->{__PACKAGE__}->{cfg} ;
if ($proxy){
return ($cfg->{http_proxy_username}, $cfg->{http_proxy_password}) ;
}
return ($cfg->{http_username}, $cfg->{http_password}) ;
}
sub request_callback {
my $this = shift ;
Apache-HeavyCGI
view release on metacpan or search on metacpan
lib/Apache/HeavyCGI.pm view on Meta::CPAN
sub hidden_field {
my($self) = shift;
$self->text_pw_field(FIELDTYPE=>"hidden", @_);
}
sub password_field {
my($self) = shift;
$self->text_pw_field(FIELDTYPE=>"password", @_);
}
# pause_1999::main
sub radio_group {
my($self,%arg) = @_;
Apache-Htpasswd-Perishable
view release on metacpan or search on metacpan
Perishable.pm view on Meta::CPAN
=head1 DESCRIPTION
This module allows you to define and extend an expiration date that is put into the
extra-info field of an .htpasswd entry like:
username:encrypted-password:extra-info
=head2 METHODS
This module inherits all methods from Apache::Htpasswd, and also adds:
Apache-Htpasswd
view release on metacpan or search on metacpan
Htpasswd.pm view on Meta::CPAN
my $cryptPass = $self->fetchPass($Id);
if ( !$cryptPass ) { return undef; }
if (index($cryptPass, $MD5Magic) == 0) {
# This is an MD5 password
require Crypt::PasswdMD5;
my $salt = $cryptPass;
$salt =~ s/^\Q$MD5Magic//; # Take care of the magic string if present
$salt =~ s/^(.*)\$/$1/; # Salt can have up to 8 chars...
$salt = substr( $salt, 0, 8 ); # That means no more than 8 chars too.
return 1 if Crypt::PasswdMD5::apache_md5_crypt( $pass, $salt ) eq $cryptPass;
}
elsif (index($cryptPass, $SHA1Magic) == 0) {
# This is an SHA1 password
require Digest::SHA;
require MIME::Base64;
return 1 if '{SHA}'.MIME::Base64::encode_base64( Digest::SHA::sha1( $pass ), '' ) eq $cryptPass;
}
# See if it is encrypted using crypt
return 1 if crypt($pass, $cryptPass) eq $cryptPass;
# See if it is a plain, unencrypted password
return 1 if $self->{USEPLAIN} && $pass eq $cryptPass;
$self->{'ERROR'} =
__PACKAGE__ . "::htCheckPassword - Passwords do not match.";
carp $self->error() if caller eq $self;
Htpasswd.pm view on Meta::CPAN
my $oldPass = shift;
my $noOld = 0;
if ( $self->{READONLY} ) {
$self->{'ERROR'} =
__PACKAGE__ . "::htpasswd - Can't change passwords in ReadOnly mode";
carp $self->error();
return undef;
}
if ( !defined($oldPass) ) {
Htpasswd.pm view on Meta::CPAN
# New Entry
if ($noOld) {
my $passwdFile = $self->{'PASSWD'};
# Encrypt new password string
my $passwordCrypted = $self->CryptPasswd($newPass);
$self->_open();
if ( $self->fetchPass($Id) ) {
# User already has a password in the file.
$self->{'ERROR'} =
__PACKAGE__ . "::htpasswd - $Id already exists in $passwdFile";
carp $self->error();
$self->_close();
return undef;
}
else {
# If we can add the user.
seek( FH, 0, SEEK_END );
print FH "$Id\:$passwordCrypted\n";
$self->_close();
return 1;
}
Htpasswd.pm view on Meta::CPAN
__END__
=head1 NAME
Apache::Htpasswd - Manage Unix crypt-style password file.
=head1 SYNOPSIS
use Apache::Htpasswd;
Htpasswd.pm view on Meta::CPAN
$foo = new Apache::Htpasswd({passwdFile => "path-to-file",
ReadOnly => 1}
);
# Add an entry
$foo->htpasswd("zog", "password");
# Change a password
$foo->htpasswd("zog", "new-password", "old-password");
# Change a password without checking against old password
$foo->htpasswd("zog", "new-password", {'overwrite' => 1});
# Check that a password is correct
$foo->htCheckPassword("zog", "password");
# Fetch an encrypted password
$foo->fetchPass("foo");
# Delete entry
$foo->htDelete("foo");
Htpasswd.pm view on Meta::CPAN
# Get extra info field for a user
$foo->fetchInfo("login");
=head1 DESCRIPTION
This module comes with a set of methods to use with htaccess password
files. These files (and htaccess) are used to do Basic Authentication
on a web server.
The passwords file is a flat-file with login name and their associated
crypted password. You can use this for non-Apache files if you wish, but
it was written specifically for .htaccess style files.
=head2 FUNCTIONS
=over 4
Htpasswd.pm view on Meta::CPAN
you use them from here on out.
Apache::Htpasswd->new("path-to-file");
"path-to-file" should be the path and name of the file containing
the login/password information.
Apache::Htpasswd->new({passwdFile => "path-to-file",
ReadOnly => 1,
UseMD5 => 1,
});
This is the prefered way to instantiate an object. The 'ReadOnly' param
is optional, and will open the file in read-only mode if used. The 'UseMD5'
is also optional: it will force MD5 password under Unix.
If you want to support plain un-encrypted passwords, then you need to set
the UsePlain option (this is NOT recommended, but might be necesary in some
situations)
=item error;
If a method returns an error, or a method fails, the error can
be retrieved by calling error()
=item htCheckPassword("login", "password");
Finds if the password is valid for the given login.
Returns 1 if passes.
Returns 0 if fails.
=item htpasswd("login", "password");
This will add a new user to the password file.
Returns 1 if succeeds.
Returns undef on failure.
=item htDelete("login")
Delete users entry in password file.
Returns 1 on success
Returns undef on failure.
=item htpasswd("login", "new-password", "old-password");
If the I<old-password> matches the I<login's> password, then
it will replace it with I<new-password>. If the I<old-password>
is not correct, will return 0.
=item htpasswd("login", "new-password", {'overwrite' => 1});
Will replace the password for the login. This will force the password
to be changed. It does no verification of old-passwords.
Returns 1 if succeeds
Returns undef if fails
=item fetchPass("login");
Returns I<encrypted> password if succeeds.
Returns 0 if login is invalid.
Returns undef otherwise.
=item fetchInfo("login");
Htpasswd.pm view on Meta::CPAN
Will replace the additional information for the login.
Returns 0 if login is invalid.
Returns undef otherwise.
=item CryptPasswd("password", "salt");
Will return an encrypted password using 'crypt'. If I<salt> is
ommitted, a salt will be created.
=back
=head1 INSTALLATION
Htpasswd.pm view on Meta::CPAN
make
make test
make install
make clean
If you are going to use MD5 encrypted passwords, you need to install L<Crypt::PasswdMD5>.
If you need to support SHA1 encrypted passwords, you need to install L<Digest::SHA> and L<MIME::Base64>.
=head1 DOCUMENTATION
POD style documentation is included in the module.
These are normally converted to manual pages and installed as part
Htpasswd.pm view on Meta::CPAN
Revision 1.9.0 SHA dependency changes
Revision 1.8.0 Added proper PREREQ_PM
Revision 1.7.0 Handle SHA1 and plaintext. Also change the interface
for allowing change of password without first checking old password. IF
YOU DON'T READ THE DOCS AND SEE I DID THIS DON'T EMAIL ME!
Revision 1.6.0 Handle Blowfish hashes when that's the mechanism crypt() uses.
Revision 1.5.9 MD5 for *nix with new UseMD5 arg for new()
Apache-Language
view release on metacpan or search on metacpan
Language/DBI.pm view on Meta::CPAN
my $r = $data->{Request};
my $dbhfunc = $r->dir_config("Language::DBI::GetDBFunc");
my $Datasource = $r->dir_config("Language::DBI::Datasource") || "DBI:Pg:dbname=apache;host=herge";
my $username = $r->dir_config("Language::DBI::Username") || 'apache';
my $password = $r->dir_config("Language::DBI::Password") || 'www';
$cfg->{tablename} = $r->dir_config("Language::DBI::TableName") || 'language';
$cfg->{key} = $r->dir_config("Language::DBI::TableKey") || 'key';
$cfg->{lang} = $r->dir_config("Language::DBI::TableLang") || 'lang';
$cfg->{value} = $r->dir_config("Language::DBI::TableValue") || 'value';
Language/DBI.pm view on Meta::CPAN
$cfg->{dbh} = &$dbhfunc();
use strict 'refs';
}
else
{
$cfg->{dbh} = DBI->connect($Datasource, $username, $password);
}
if ($cfg->{dbh}){
return L_OK;
}
Apache-LoggedAuthDBI
view release on metacpan or search on metacpan
# configuration attributes, defaults will be overwritten with values from .htaccess.
my %Config = (
'Auth_DBI_data_source' => '',
'Auth_DBI_username' => '',
'Auth_DBI_password' => '',
'Auth_DBI_pwd_table' => '',
'Auth_DBI_uid_field' => '',
'Auth_DBI_pwd_field' => '',
'Auth_DBI_pwd_whereclause' => '',
'Auth_DBI_grp_table' => '',
'Auth_DBI_log_field' => '',
'Auth_DBI_log_string' => '',
'Auth_DBI_authoritative' => 'on',
'Auth_DBI_nopasswd' => 'off',
'Auth_DBI_encrypted' => 'on',
'Auth_DBI_encryption_salt' => 'password',
'Auth_DBI_encryption_method'=> 'sha1hex/md5/crypt', #Using Two (or more) Methods Will Allow for Fallback to older Methods
'Auth_DBI_uidcasesensitive' => 'on',
'Auth_DBI_pwdcasesensitive' => 'on',
'Auth_DBI_placeholder' => 'off',
);
my $Attr = { };
# global cache: all records are put into one string.
# record separator is a newline. Field separator is $;.
# every record is a list of id, time of last access, password, groups (authorization only).
# the id is a comma separated list of user_id, data_source, pwd_table, uid_field.
# the first record is a timestamp, which indicates the last run of the CleanupHandler followed by the child counter.
my $Cache = time . "$;0\n";
return MP2 ? Apache2::Const::OK() : Apache::Constants::OK() unless $r->is_initial_req; # only the first internal request
print STDERR "REQUEST:\n", $r->as_string if $Apache::AuthDBI::DEBUG > 1;
# here the dialog pops up and asks you for username and password
my($res, $passwd_sent) = $r->get_basic_auth_pw;
print STDERR "$prefix get_basic_auth_pw: res = >$res<, password sent = >$passwd_sent<\n" if $Apache::AuthDBI::DEBUG > 1;
return $res if $res; # e.g. HTTP_UNAUTHORIZED
# get username
my ($user_sent) = $r->user;
print STDERR "$prefix user sent = >$user_sent<\n" if $Apache::AuthDBI::DEBUG > 1;
}
# parse connect attributes, which may be tilde separated lists
my @data_sources = split(/~/, $Attr->{data_source});
my @usernames = split(/~/, $Attr->{username});
my @passwords = split(/~/, $Attr->{password});
$data_sources[0] = '' unless $data_sources[0]; # use ENV{DBI_DSN} if not defined
# obtain the id for the cache
my $data_src = $Attr->{data_source};
$data_src =~ s/\(.+\)//go; # remove any embedded attributes, because of trouble with regexps
# do we want Windows-like case-insensitivity?
$user_sent = lc($user_sent) if $Attr->{uidcasesensitive} eq "off";
$passwd_sent = lc($passwd_sent) if $Attr->{pwdcasesensitive} eq "off";
# check whether the user is cached but consider that the password possibly has changed
my $passwd = '';
if ($CacheTime) { # do we use the cache ?
if ($SHMID) { # do we keep the cache in shared memory ?
semop($SEMID, $obtain_lock) or print STDERR "$prefix semop failed \n";
shmread($SHMID, $Cache, 0, $SHMSIZE) or print STDERR "$prefix shmread failed \n";
$passwd_cached = $2;
$groups_cached = $3;
print STDERR "$prefix cache: found >$ID< >$last_access< >$passwd_cached< \n" if $Apache::AuthDBI::DEBUG > 1;
my (@passwds_to_check, $passwd_to_check);
@passwds_to_check = &get_passwds_to_check($Attr, user_sent=>$user_sent, passwd_sent=>$passwd_sent, password=>$passwd_cached);
print STDERR "$prefix ". scalar(@passwds_to_check) . " passwords to check\n" if $Apache::AuthDBI::DEBUG > 1;;
foreach $passwd_to_check(@passwds_to_check) {
# match cached password with password sent
$passwd = $passwd_cached if $passwd_to_check eq $passwd_cached;
if ($passwd) {
last;
}
}
}
}
if ($passwd) { # found in cache
print STDERR "$prefix passwd found in cache \n" if $Apache::AuthDBI::DEBUG > 1;
} else { # password not cached or changed
print STDERR "$prefix passwd not found in cache \n" if $Apache::AuthDBI::DEBUG;
# connect to database, use all data_sources until the connect succeeds
my $j;
for ($j = 0; $j <= $#data_sources; $j++) {
last if ($dbh = DBI->connect($data_sources[$j], $usernames[$j], $passwords[$j]));
}
unless ($dbh) {
$r->log_reason("$prefix db connect error with data_source >$Attr->{data_source}<: $DBI::errstr", $r->uri);
return MP2 ? Apache2::Const::SERVER_ERROR() : Apache::Constants::SERVER_ERROR();
}
# consider the case with many users sharing the same userid
$passwd .= "$_$;";
}
chop $passwd if $passwd;
undef $passwd if 0 == $sth->rows; # so we can distinguish later on between no password and empty password
if ($sth->err) {
$dbh->disconnect;
return MP2 ? Apache2::Const::SERVER_ERROR() : Apache::Constants::SERVER_ERROR();
}
}
$r->subprocess_env(REMOTE_PASSWORDS => $passwd);
print STDERR "$prefix passwd = >$passwd<\n" if $Apache::AuthDBI::DEBUG > 1;
# check if password is needed
if (!defined($passwd)) { # not found in database
# if authoritative insist that user is in database
if ($Attr->{authoritative} eq 'on') {
$r->log_reason("$prefix password for user $user_sent not found", $r->uri);
$r->note_basic_auth_failure;
return MP2 ? Apache2::Const::AUTH_REQUIRED() : Apache::Constants::AUTH_REQUIRED();
} else {
# else pass control to the next authentication module
return MP2 ? Apache2::Const::DECLINED() : Apache::Constants::DECLINED();
}
}
# allow any password if nopasswd = on and the retrieved password is empty
if ($Attr->{nopasswd} eq 'on' && !$passwd) {
return MP2 ? Apache2::Const::OK() : Apache::Constants::OK();
}
# if nopasswd is off, reject user
unless ($passwd_sent && $passwd) {
$r->log_reason("$prefix user $user_sent: empty password(s) rejected", $r->uri);
$r->note_basic_auth_failure;
return MP2 ? Apache2::Const::AUTH_REQUIRED() : Apache::Constants::AUTH_REQUIRED();
}
# compare passwords
my $found = 0;
my $password;
foreach $password (split(/$;/, $passwd)) {
# compare all the passwords using as many encryption methods in fallback as needed
my (@passwds_to_check, $passwd_to_check);
@passwds_to_check = &get_passwds_to_check($Attr, user_sent=>$user_sent, passwd_sent=>$passwd_sent, password=>$password);
print STDERR "$prefix ". scalar(@passwds_to_check) . " passwords to check\n" if $Apache::AuthDBI::DEBUG > 1;
foreach $passwd_to_check(@passwds_to_check) {
print STDERR "$prefix user $user_sent: Password after Preparation >$passwd_to_check< - trying for a match with >$password< \n" if $Apache::AuthDBI::DEBUG > 1;
if ($passwd_to_check eq $password) {
$found = 1;
$r->subprocess_env(REMOTE_PASSWORD => $password);
print STDERR "$prefix user $user_sent: Password from Web Server >$passwd_sent< - Password after Preparation >$passwd_to_check< - password match for >$password< \n" if $Apache::AuthDBI::DEBUG > 1;
# update timestamp and cache userid/password if CacheTime is configured
if ($CacheTime) { # do we use the cache ?
if ($SHMID) { # do we keep the cache in shared memory ?
semop($SEMID, $obtain_lock) or print STDERR "$prefix semop failed \n";
shmread($SHMID, $Cache, 0, $SHMSIZE) or print STDERR "$prefix shmread failed \n";
substr($Cache, index($Cache, "\0")) = '';
}
# update timestamp and password or append new record
my $now = time;
if (!($Cache =~ s/$ID$;\d+$;.*$;(.*)\n/$ID$;$now$;$password$;$1\n/)) {
$Cache .= "$ID$;$now$;$password$;\n";
} else {
}
if ($SHMID) { # write cache to shared memory
shmwrite($SHMID, $Cache, 0, $SHMSIZE) or print STDERR "$prefix shmwrite failed \n";
semop($SEMID, $release_lock) or print STDERR "$prefix semop failed \n";
}
last;
}
}
#if the passwd matched (encrypted or otherwise), don't check the myriad other passwords that may or may not exist
if ($found > 0) {
last;
}
}
unless ($found) {
$r->log_reason("$prefix user $user_sent: password mismatch", $r->uri);
$r->note_basic_auth_failure;
return MP2 ? Apache2::Const::AUTH_REQUIRED() : Apache::Constants::AUTH_REQUIRED();
}
# logging option
if ($Attr->{log_field} && $Attr->{log_string}) {
if (!$dbh) { # connect to database if not already done
my ($j, $connect);
for ($j = 0; $j <= $#data_sources; $j++) {
if ($dbh = DBI->connect($data_sources[$j], $usernames[$j], $passwords[$j])) {
$connect = 1;
last;
}
}
unless ($connect) {
print STDERR "$prefix return OK\n" if $Apache::AuthDBI::DEBUG > 1;
return MP2 ? Apache2::Const::OK() : Apache::Constants::OK();
}
#Encrypts a password in all supported/requested methods and passes back array for comparison
sub get_passwds_to_check {
my ($Attr, %params) = @_;
my ($prefix) = "$$ Apache::AuthDBI::get_passwds_to_check ";
if ($Attr->{encryption_method} =~ /(^|\/)md5hex($|\/)/i) {
push (@passwds_to_check, &MD5_digest(text=>$params{'passwd_sent'}, format=>'hex'));
}
#CRYPT
if ($Attr->{encryption_method} =~ /(^|\/)crypt($|\/)/i) {
$salt = $Attr->{encryption_salt} eq 'userid' ? $params{'user_sent'} : $params{'password'};
#Bug Fix in v0.94 (marked as 0.93 in file. salt was NOT being sent to crypt) - KAM - 06-16-2005
push (@passwds_to_check, crypt($params{'passwd_sent'}, $salt));
}
#WE DIDN'T GET ANY PASSWORDS TO CHECK. MUST BE A PROBLEM
# here we could read the configuration, but we re-use the configuration from the authentication
# parse connect attributes, which may be tilde separated lists
my @data_sources = split(/~/, $Attr->{data_source});
my @usernames = split(/~/, $Attr->{username});
my @passwords = split(/~/, $Attr->{password});
$data_sources[0] = '' unless $data_sources[0]; # use ENV{DBI_DSN} if not defined
# if not configured decline
unless ($Attr->{pwd_table} && $Attr->{uid_field} && $Attr->{grp_field}) {
print STDERR "$prefix not configured, return DECLINED\n" if $Apache::AuthDBI::DEBUG > 1;
print STDERR "$prefix groups not found in cache \n" if $Apache::AuthDBI::DEBUG;
# connect to database, use all data_sources until the connect succeeds
my ($j, $connect);
for ($j = 0; $j <= $#data_sources; $j++) {
if ($dbh = DBI->connect($data_sources[$j], $usernames[$j], $passwords[$j])) {
$connect = 1;
last;
}
}
unless ($connect) {
PerlAuthenHandler Apache::AuthDBI::authen
PerlAuthzHandler Apache::AuthDBI::authz
PerlSetVar Auth_DBI_data_source dbi:driver:dsn
PerlSetVar Auth_DBI_username db_username
PerlSetVar Auth_DBI_password db_password
#DBI->connect($data_source, $username, $password)
PerlSetVar Auth_DBI_pwd_table users
PerlSetVar Auth_DBI_uid_field username
PerlSetVar Auth_DBI_pwd_field password
# authentication: SELECT pwd_field FROM pwd_table WHERE uid_field=$user
PerlSetVar Auth_DBI_grp_field groupname
# authorization: SELECT grp_field FROM pwd_table WHERE uid_field=$user
require valid-user
http://dbi.perl.org/
Authentication:
For the given username the password is looked up in the cache. If the cache
is not configured or if the user is not found in the cache, or if the given
password does not match the cached password, it is requested from the database.
If the username does not exist and the authoritative directive is set to 'on',
the request is rejected. If the authoritative directive is set to 'off', the
control is passed on to next module in line.
If the password from the database for the given username is empty and the nopasswd
directive is set to 'off', the request is rejected. If the nopasswd directive is set
to 'on', any password is accepted.
Finally the passwords (multiple passwords per userid are allowed) are
retrieved from the database. The result is put into the environment variable
REMOTE_PASSWORDS. Then it is compared to the password given. If the encrypted
directive is set to 'on', the given password is encrypted using perl's crypt()
function before comparison. If the encrypted directive is set to 'off' the
plain-text passwords are compared.
If this comparison fails the request is rejected, otherwise the request is
accepted and the password is put into the environment variable REMOTE_PASSWORD.
The SQL-select used for retrieving the passwords is as follows:
SELECT pwd_field FROM pwd_table WHERE uid_field = user
If a pwd_whereclause exists, it is appended to the SQL-select.
UPDATE pwd_table SET log_field = log_string WHERE uid_field = user
Authorization:
When the authorization handler is called, the authentication has already been
done. This means, that the given username/password has been validated.
The handler analyzes and processes the requirements line by line. The request
is accepted if the first requirement is fulfilled.
In case of 'valid-user' the request is accepted.
If a grp_whereclause exists, it is appended to the SQL-select.
Cache:
The module maintains an optional cash for all passwords/groups. See the
method setCacheTime(n) on how to enable the cache. Every server has it's
own cache. Optionally the cache can be put into a shared memory segment,
so that it can be shared among all servers. See the CONFIGURATION section
on how to enable the usage of shared memory.
=item *
Auth_DBI_data_source (Authentication and Authorization)
The data_source value has the syntax 'dbi:driver:dsn'. This parameter is
passed to the database driver for processing during connect. The data_source
parameter (as well as the username and the password parameters) may be a
tilde ('~') separated list of several data_sources. All of these triples will
be used until a successful connect is made. This way several backup-servers can
be configured. if you want to use the environment variable DBI_DSN instead of
a data_source, do not specify this parameter at all.
The username argument is passed to the database driver for processing during
connect. This parameter may be a tilde ('~') separated list. See the data_source
parameter above for the usage of a list.
=item *
Auth_DBI_password (Authentication and Authorization)
The password argument is passed to the database driver for processing during
connect. This parameter may be a tilde ('~') separated list. See the data_source
parameter above for the usage of a list.
=item *
Auth_DBI_pwd_table (Authentication and Authorization)
Contains at least the fields with the username and the (possibly encrypted)
password. The username should be unique.
=item *
Auth_DBI_uid_field (Authentication and Authorization)
Field name containing the username in the Auth_DBI_pwd_table.
=item *
Auth_DBI_pwd_field (Authentication only)
Field name containing the password in the Auth_DBI_pwd_table.
=item *
Auth_DBI_pwd_whereclause (Authentication only)
Use this option for specifying more constraints to the SQL-select.
sure you know what you are doing when you decide to switch it off.
=item *
Auth_DBI_nopasswd < on / off > (Authentication only)
Default is 'off'. When set 'on' the password comparison is skipped if the
password retrieved from the database is empty, i.e. allow any password. This is
'off' by default to ensure that an empty Auth_DBI_pwd_field does not allow people
to log in with a random password. Be sure you know what you are doing when you
decide to switch it on.
=item *
Auth_DBI_encrypted < on / off > (Authentication only)
Default is 'on'. When set to 'on', the password retrieved from the database
is assumed to be crypted. Hence the incoming password will be crypted before
comparison. When this directive is set to 'off', the comparison is done directly
with the plain-text entered password.
=item *
Auth_DBI_encryption_method < sha1hex/md5hex/crypt > (Authentication only)
Default is blank. When set to one or more encryption method, the password retrieved
from the database is assumed to be crypted. Hence the incoming password will be crypted
before comparison. The method supports falling back so specifying 'sha1hex/md5hex' would
allow for a site that is upgrading to sha1 to support both methods. sha1 is the
recommended method.
=item *
Auth_DBI_encryption_salt < password / userid > (Authentication only)
When crypting the given password AuthDBI uses per default the password selected
from the database as salt. Setting this parameter to 'userid', the module uses
the userid as salt.
=item *
Auth_DBI_uidcasesensitive < on / off > (Authentication and Authorization)
Default is 'on'. When set 'off', the entered userid is converted to lower case.
Also the userid in the password select-statement is converted to lower case.
=item *
Auth_DBI_pwdcasesensitive < on / off > (Authentication only)
Default is 'on'. When set 'off', the entered password is converted to lower
case.
=item *
Auth_DBI_placeholder < on / off > (Authentication and Authorization)
Apache::AuthDBI->setCacheTime(0);
This configures the lifetime in seconds for the entries in the cache.
Default is 0, which turns off the cache. When set to any value n > 0, the
passwords/groups of all users will be cached for at least n seconds. After
finishing the request, a special handler skips through the cache and deletes
all outdated entries (entries, which are older than the CacheTime).
Apache::AuthDBI->setCleanupTime(-1);
PERL_AUTHEN=1 PERL_AUTHZ=1 PERL_CLEANUP=1 PERL_STACKED_HANDLERS=1
=head1 SECURITY
In some cases it is more secure not to put the username and the password in
the .htaccess file. The following example shows a solution to this problem:
httpd.conf:
<Perl>
my($uid,$pwd) = My::dbi_pwd_fetch();
$Location{'/foo/bar'}->{PerlSetVar} = [
[ Auth_DBI_username => $uid ],
[ Auth_DBI_password => $pwd ],
];
</Perl>
=head1 SEE ALSO
Apache-Logmonster
view release on metacpan or search on metacpan
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
my $question = shift;
my %p = validate(
@_,
{ default => { type => SCALAR|UNDEF, optional => 1 },
timeout => { type => SCALAR, optional => 1 },
password => { type => BOOLEAN, optional => 1, default => 0 },
test_ok => { type => BOOLEAN, optional => 1 },
}
);
my $pass = $p{password};
my $default = $p{default};
if ( ! $self->is_interactive() ) {
$log->audit( "not running interactively, can not prompt!");
return $default;
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
# Parameters : S - dir - a directory to build programs in
=item check_homedir_ownership
Checks the ownership on all home directories to see if they are owned by their respective users in /etc/password. Offers to repair the permissions on incorrectly owned directories. This is useful when someone that knows better does something like "ch...
######### check_homedir_ownership ############
# Usage : $util->check_homedir_ownership();
# Purpose : repair user homedir ownership
# Returns : 0 - failure, 1 - success
Apache-MP3
view release on metacpan or search on metacpan
directories containing parentheses and other RE
metacharacters
2.05 Fri Aug 25 08:10:04 EDT 2000
Changed directory layout to get faster loading
Now supports HTTP authentication (passwords)
Supports directories with spaces and funny characters
2.04 Tue Aug 22 04:38:07 PDT 2000
Completely revamped to make more object oriented
Apahce::MP3::Sorted subclass
Apache-Mailtrack
view release on metacpan or search on metacpan
lib/Apache/Mailtrack.pm view on Meta::CPAN
database user
=item I<db_pass>
password to be used
=item I<db_table>
name of table we should log to
Apache-MiniWiki
view release on metacpan or search on metacpan
MiniWiki.pm view on Meta::CPAN
$obj->file($file);
return $obj;
}
# This function allows the user to change his or her password, if
# the perl variable "authen" is configured in the Apache configuration
# and points to a valid htpasswd file which is writeable by the user
# executing MiniWiki.
sub newpassword_function {
my ($r, $uri) = @_;
if ($authen eq -1) {
return &pretty_error($r, "Authentication has been disabled in Apache::MiniWiki.");
}
my $q = new CGI;
my $text;
if ($q->param() && ($q->param('password1') eq $q->param('password2'))) {
my $pass1 = $q->param('password1');
$pass1 =~ s/\r//g;
eval {
my $htp = new Apache::Htpasswd($authen);
$htp->htpasswd($r->connection->user, $pass1, 1);
};
if ($@) {
return fatal_error($r, "$@");
}
$text = "Password changed.\n";
} elsif ($q->param() && ($q->param('password1') ne $q->param('password2'))) {
$text = "The passwords doen't match each other.\n";
} else {
$text = <<END;
<form method="post" action="${vroot}/(newpassword)">
<fieldset>
New password: <input type="password" name="password1"><br/>
Again: <input type="password" name="password2"><p>
<input type="submit" name="Change">
</fieldset>
</form>
END
}
MiniWiki.pm view on Meta::CPAN
are needed. What is does support though is:
- storage of Wiki pages in RCS
- templates through HTML::Template
- text to HTML conversion with HTML::FromText
- basic authentication password changes
- uploading of binary (pdf, doc, gz, zip, ps)
- uploading of images (jpg, jpeg, gif, png)
- automatic thumbnailing of large using ImageMagick
- sub directories
- view any revision of a page
MiniWiki.pm view on Meta::CPAN
PerlHandler Apache::MiniWiki
</Location>
=head1 AUTHENTICATION EXAMPLES
Require a password to read/write any page:
<Location /wiki>
PerlAddVar datadir "/home/foo/db/wiki/"
PerlAddVar vroot "/wiki"
PerlAddVar authen "/home/foo/db/htpasswd"
MiniWiki.pm view on Meta::CPAN
AuthName "Sample Wiki"
AuthUserFile /home/foo/db/htpasswd
Require valid-user
</Location>
Public can read, but need password to edit/save/revert a page:
<Location /wiki>
PerlAddVar datadir "/home/foo/db/wiki/"
PerlAddVar vroot "/wiki"
PerlAddVar authen "/home/foo/db/htpasswd"
MiniWiki.pm view on Meta::CPAN
looks for a template to use.
The C<vroot> should match the virtual directory that MiniWiki runs under.
If this variable is set, it should point to a standard htpasswd file
which MiniWiki has write access to. The function to change a users password
is then enabled.
(Optional) The default timezone is GMT-8 (PST). To change to a different timezone,
use the C<timediff> variable. Eg, to change to Amsterdam / Rome:
Apache-MultiAuth
view release on metacpan or search on metacpan
MultiAuth.pm view on Meta::CPAN
Apache::MultiAuth - Choose from a number of authentication modules at runtime
=head1 SYNOPSIS
Put lines like this in your httpd.conf. In this example authorization is requested
for accessing the directory /test. First the credentials (username, password) are
checked against the module Apache::AuthSybase and then against the module
Apache::AuthenSmb. If any of them succeeds, access to /test is granted.
# in httpd.conf
# Important : if not set apachectl configtest will complain about syntax errors
Apache-NNTPGateway
view release on metacpan or search on metacpan
NNTPGateway.pm view on Meta::CPAN
# 2/ Check username validity, by checking if a local (Unix) account
# exists for the user. This check is mainly for posting actions,
# the access protection is not handled in this module.
my $username = (getpwnam($The_User))[6];
# No password entry for this user consider it as anonymous
$The_User = undef if ( !$username && !&is_true( $r->dir_config( 'NNTPGatewayNonLocalPostOk' )));
# 3/ Check if user allowed to use this service ... And build a choice of possible
# From addresses.
if ( $Anonymous_Post_Allowed ) {
Apache-OWA
view release on metacpan or search on metacpan
$r->warn('Apache::OWA::auth_handler start.') if ($DEBUG > 1);
my ($sent_pw, $user, $db);
# get username & password
(my $res, $sent_pw) = $r->get_basic_auth_pw;
return $res if $res != OK;
$user = $r->connection->user;
# need both username & password
unless ( $user && $sent_pw) {
$r->note_basic_auth_failure;
$r->warn('Apache::OWA::auth_handler exit(AUTH_REQUIRED)') if ($DEBUG > 1);
return AUTH_REQUIRED;
}
things. Then it passes control on to the content-handler, so if you
use this you don't need to specify "PerlHandler Apache::OWA". It
might also be useful in combination with "PerlSetVar SCHEMA".
PerlSetVar DB_AUTH true
Uses database uername and password to authenticate. If no DAD-string
is set, it can also use the supplied username and password to execute
your PL/SQL application.
PerlSetVar DB_PROC_AUTH schema.function
Uses an arbitrary PL/SQL procedure or function to authenticate.
The procedure should take the username and password as arguments
and return 0 for success and more than 0 for failure.
PerlSetVar NEVER_USE_WEIRD_TYPES 1
Only set this if you know that you never use multi-value CGI variables
that need to be mapped to PL/SQL Table datatypes. Finding these datatypes
Apache-PSP
view release on metacpan or search on metacpan
lib/Template/PSP.pm view on Meta::CPAN
# if (lc($list[0]) eq "basic")
# {
# my $encoded = pop(@list);
# my $decoded = decode_base64($encoded);
#
# ($AUTH->{username}, $AUTH->{password}) = split(/:/, $decoded);
# }
# }
return 1;
}
Apache-PageKit
view release on metacpan or search on metacpan
eg/Model/MyPageKit/Common.pm view on Meta::CPAN
my $sql_str = "SELECT user_id, passwd FROM pkit_user WHERE login=?";
my ($user_id, $dbpasswd) = $dbh->selectrow_array($sql_str, {}, $login);
unless ($user_id && $dbpasswd && $epasswd eq crypt($dbpasswd,$epasswd)){
$model->pkit_gettext_message("Your login/password is invalid. Please try again.",
is_error => 1);
return;
}
no strict 'refs';
Apache-Roaming
view release on metacpan or search on metacpan
lib/Apache/Roaming.pm view on Meta::CPAN
chmod 700 /home/httpd/html/roaming
with I<nobody> being the web server user.
Access to the roaming directory must be restricted and enabled via
password only. Finally tell the web server, that Apache::Roaming is
handling requests to this directory by adding something like this
to your srm.conf or access.conf:
PerlModule Apache::Roaming
<Location /roaming>
Apache-SWIT-Security
view release on metacpan or search on metacpan
lib/Apache/SWIT/Security/DB/Schema.pm view on Meta::CPAN
my $dbh = shift;
local $ENV{AS_SECURITY_SALT} = 'ajweqwe';
$dbh->do(q{ create table users (
id serial primary key,
name text unique not null,
password text not null) without oids });
$dbh->do(q{ insert into users (name, password)
values ('admin', '} . Hash('password') . q{') });
$dbh->do(q{ create table user_roles (
user_id integer not null references users(id)
on delete cascade,
role_id smallint not null,
Apache-SWIT
view release on metacpan or search on metacpan
t/T/HTError.pm view on Meta::CPAN
use HTML::Tested::Value::PasswordBox;
sub swit_startup {
my $rc = shift()->ht_make_root_class;
$rc->ht_add_widget(HTV."::EditBox", 'name');
$rc->ht_add_widget(HTV."::PasswordBox", 'password');
$rc->ht_add_widget(HTV, 'error');
$rc->ht_add_widget(::HTV."::Form", form => default_value => 'u');
}
sub ht_swit_render {
t/T/HTError.pm view on Meta::CPAN
sub ht_swit_validate_die {
my ($class, $errs, $r, $root) = @_;
my $res = $root->name eq 'foo' ? "r?error=validate"
: "r?error=validie&error_uri=" . $r->uri;
return ($res, 'password');
}
sub ht_swit_update_die {
my ($class, $msg, $r, $root) = @_;
return $class->SUPER::swit_die(@_) unless $msg =~ /Hoho/;
return ("r?error=updateho", "password");
}
sub ht_swit_update {
my ($class, $r, $root) = @_;
return [ Apache2::Const::FORBIDDEN() ] if $root->name eq 'FORBID';
return $class->swit_failure('r?error=failure', 'password')
if $root->name eq 'fail';
die "Hoho";
return "r";
}
Apache-SdnFw
view release on metacpan or search on metacpan
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
if ($vendor->{ftp_type} eq 'ftps') {
eval "use Net::FTPSSL";
if ($@) { croak "$@"; }
my ($server,$port) = split ':', $vendor->{ftp_server};
print "Logging into $server : $port : $vendor->{ftp_username} : $vendor->{ftp_password}\n" if ($s->{v});
$port = '21' unless($port);
$ftp = Net::FTPSSL->new($server,
Port => $port,
useSSL => 1,
Debug => 2,
)
|| die "Can not connect to $vendor->{ftp_server}: $@";
$ftp->login($vendor->{ftp_username},$vendor->{ftp_password})
|| die "Login failed to $vendor->{ftp_server}: $@";
print "Connected\n" if ($s->{v});
my @dirs = $ftp->nlst();
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
}
} elsif ($vendor->{ftp_type} eq 'ftp') {
print "Logging into $vendor->{ftp_server}\n" if ($s->{v});
$ftp = Net::FTP->new($vendor->{ftp_server})
|| die "Can not connect to $vendor->{ftp_server}: $@";
$ftp->login($vendor->{ftp_username},$vendor->{ftp_password})
|| die "Login failed to $vendor->{ftp_server}: $@";
print "Connected\n" if ($s->{v});
my @dirs = $ftp->ls();
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
v => [ $edi_vendor_id ]);
croak "Invalid edi_vendor $edi_vendor_id" unless($hash{edi_vendor_id});
if ($s->{env}{DEV}) {
foreach my $k (qw(ftp_username ftp_server ftp_password ftp_path)) {
$hash{$k} = $hash{"test_$k"} if ($hash{"test_$k"});
}
}
my $ext = $hash{fileext} || '.edi';
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
$port = '21' unless($port);
my $ftp = Net::FTPSSL->new($server,
Port => $port,
)
|| die "Can not connect to $hash->{ftp_server}: $@";
$ftp->login($hash->{ftp_username},$hash->{ftp_password})
|| die "Login failed to $hash->{ftp_server}: $@";
if ($hash->{ftp_path}) {
print "CWD $hash->{ftp_path}\n";
$ftp->cwd($hash->{ftp_path}) || die "Error cwd to $hash->{ftp_path}: ",$ftp->message;
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
sub _ftp_file {
my $hash = shift;
my $filename = shift;
my $ftp = Net::FTP->new($hash->{ftp_server}) || die "Can not connect to $hash->{ftp_server}: $@";
$ftp->login($hash->{ftp_username},$hash->{ftp_password}) || die "Login failed to $hash->{ftp_server}: $@";
if ($hash->{ftp_path}) {
#print "CWD $hash->{ftp_path}\n";
$ftp->cwd($hash->{ftp_path}) || die "Error cwd to $hash->{ftp_path}: ",$ftp->message;
}
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
$str .= " $desc" if ($desc);
return $str;
}
sub html_password {
=head2 html_password
my $html = $s->html_password($key,$value,[$size]);
=cut
my $s = shift;
my $key = $s->escape(shift);
my $value = $s->escape(shift);
my $size = shift;
$key = "$s->{acfb}::$key" if ($s->{acfb});
my $str = qq(<input type="password" name="$key" value="$value" autocomplete="off");
$str .= qq( size="$size") if ($size);
$str .= '>';
return $str;
}
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
}
sub _interface_check_login {
my $s = shift;
if ($s->{in}{interface_email} && $s->{in}{interface_password}) {
$s->{in}{interface_email} = lc $s->{in}{interface_email};
my %hash = $s->db_q("
SELECT *
FROM $s->{o}{view}
WHERE interface_email=?
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
v => [ $s->{in}{interface_email} ],
);
my $md5pass;
if ($s->{env}{DEV}) {
# skip password checking on dev
$md5pass = $hash{interface_password};
} else {
$md5pass = md5_hex($hash{interface_email}.$s->{in}{interface_password});
}
if ($md5pass eq $hash{interface_password}) {
my $cookie = $s->_interface_cookie_key(
id => $hash{$s->{o}{id}},
password => $hash{interface_password},
);
$s->{$s->{o}{id}} = $hash{$s->{o}{id}};
$s->{$s->{o}{interface}} = { %hash };
push @{$s->{r}{set_cookie}}, "IL=$cookie; path=/;";
$s->db_update_key($s->{o}{table},$s->{o}{id},$hash{$s->{o}{id}},{
interface_cookie => $cookie,
});
return 1;
} else {
$s->{error}{login} = "Invalid password";
}
}
return 0;
}
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
);
if ($hash{$s->{o}{id}}) {
my $validate = $s->_interface_cookie_key(
id => $hash{$s->{o}{id}},
password => $hash{interface_password},
);
if ($validate eq $s->{cookies}{IL}) {
$s->{$s->{o}{id}} = $hash{$s->{o}{id}};
$s->{$s->{o}{interface}} = { %hash };
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
v => [ $new, $employee{employee_id} ]);
$s->sendmail(to => $employee{email},
from => 'root@'.$s->{server_name},
subject => 'Password Reset',
body => "Your password at $s->{server_name} has has been reset\n\n".
"username: $employee{login}\n".
"password: $new\n\n".
"Please login, and then go change your password.");
$s->{error}{login} = "Your password has been reset and sent to $employee{email}";
} else {
$s->{error}{login} = "Unknown email";
$s->{in}{forgot} = 1;
}
} else {
lib/Apache/SdnFw/lib/Core.pm view on Meta::CPAN
}
}
return 1;
} else {
$s->{error}{login} = "Invalid password or login";
}
} elsif ($s->{env}{IP_LOGIN}) {
my %hash = $s->db_q("
SELECT *
FROM employees_v_login
Apache-SearchEngineLog
view release on metacpan or search on metacpan
SearchEngineLog.pm view on Meta::CPAN
{
my $l = shift;
my $db_source = $ENV{'DBI_data_source'} or $l->error ("Apache::SearchEngineLog: DBI_data_source not defined");
my $db_user = $ENV{'DBI_username'} or $l->error ("Apache::SearchEngineLog: DBI_username not defined");
my $db_passwd = $ENV{'DBI_password'} or $l->error ("Apache::SearchEngineLog: DBI_password not defined");
my $db_table = (defined $ENV{'DBI_table'} ? $ENV{'DBI_table'} : 'hits');
if ($DBH = DBI->connect ($db_source, $db_user, $db_passwd))
{
$l->info ("Apache::SearchEngineLog: Database connection established");
SearchEngineLog.pm view on Meta::CPAN
#in httpd.conf
PerlSetEnv DBI_data_source dbi:driver:dsn
PerlSetEnv DBI_username username
PerlSetEnv DBI_password password
PerlSetEnv DBI_table db_table #optional, defaults to "hits"
PerlSetEnv DBI_timeout seconds #optional, defaults to 120
PerlModule Apache::SearchEngineLog
Apache-SecSess
view release on metacpan or search on metacpan
At one level beneath SecSess (SecSess::Cookie.pm and SecSess::URL.pm),
are the methods for interpreting and manipulating credentials.
At the lowest level, are subclasses which "know" how to interpret the
*initial* identifying information during the issuance of credentials.
So, *::Cookie::LoginForm presents the client with a user/password
login form for identification. And thus the difference between
*::Cookie::URL and *::URL::Cookie is that the former will issue cookies
after validating an URL credential, and the latter will "issue" an URL
credential (typically it will redirect to a resource with realm=cred in
the URL) after validating a cookie.
are sorted lexicographically to determine which cookies to use. The
cleartext values are not trusted.)
The QOP parameters are separated to allow flexibility in the threat model.
In the simplest paradigm (and first demo examples), qop=0 and authqop=40,
which merely indicates that the user ID's and passwords are protected with
SSL but the web docs acquired with them are not. This is somewhat common
over intranets. Under the stronger threat model of an active adversary
who controls the untrusted network, true end-to-end security is
required, but we may still wish to separate session and authentication
qualities of protection. For example, if all SSL sessions never drop
below 128-bits, we may still choose to allow weaker strength during user
authentication, say with a 20-bit PIN or one-time password. Scientific
cryptography cannot always afford to distinguish between an attack which
costs 2^20 computations and one which succeeds with probability 1/2^20,
because with 1 million users, the two situations are identical. But, for
practical risk assessment, it may be perfectly acceptable to trade strong
session credentials for weak login credentials.
form 'realm:0,0=value', and a secure one of form 'realm:40,40=value'.
cookieDomain => {'0,40' => 'lysander.acme.com'}
will set a single non-secure cookie for the given host. This is a
common paradigm for protecting passwords over an intranet.
cookieDomain => {
0 => '.acme.com',
40 => '.acme.com', # weak wildcard domain
'64,128' => '.sec.acme.com', # stronger wildcard domain
dbo => Apache::SecSess::DBI->new(
dbifile => '/usr/local/apache/conf/private/dbilogin.txt'
),
UNFINISHED. Apache::SecSess was designed to abstractly handle user
information. All user ID, password, X.509 DN queries are handled through
an opaque object of class Apache::SecSess::DBI.
Since there is no documentation for this version, you must follow the
instructions in INSTALL to get it to work. Read db/* for more
info.
Apache-Session-Browseable
view release on metacpan or search on metacpan
lib/Apache/Session/Browseable/Cassandra.pm view on Meta::CPAN
a_session text
);
=head1 CONFIGURATION
The module must know what datasource, username, and password to use when
connecting to the database. These values can be set using the options hash
(see Apache::Session documentation). The options are DataSource, UserName,
and Password.
Example:
Apache-Session-Counted
view release on metacpan or search on metacpan
lib/Apache/Session/Counted.pm view on Meta::CPAN
my $rhexid = sprintf "%08x", $c->inc;
my $hexid = scalar reverse $rhexid; # optimized for treestore. Not
# everything in one directory
# we have entropy as bad as rand(). Typically not very good.
my $password = sprintf "%08x%08x", rand(0xffffffff), rand(0xffffffff);
if (exists $self->{args}{HostID}) {
return sprintf "%s:%s_%s", $self->{args}{HostID}, $hexid, $password;
} else {
return $hexid . "_" . $password;
}
}
1;
lib/Apache/Session/Counted.pm view on Meta::CPAN
session ID in Apache::Session::Counted consists of two or three parts:
an optional host alias given by the HostID paramter, followed by a
colon. Then an ordinary number which is a simple counter which is
followed by an underscore. And finally a session-ID like the one in
Apache::Session. The number part is used as an identifier of the
session and the ID part is used as a password. The number part is
easily predictable, but the second part is reasonable unpredictable.
We use the first part for implementation details like storage on the
disk and the second part to verify the ownership of that token.
=head1 PREREQUISITES
Apache-Session
view release on metacpan or search on metacpan
lib/Apache/Session.pm view on Meta::CPAN
if ($@) {
die "Global data is not accessible: $@";
}
my $dbh = DBI->connect($global_data{datasource},
$global_data{username}, $global_data{password}) || die $DBI::errstr;
undef %global_data;
#program continues...
lib/Apache/Session.pm view on Meta::CPAN
my %session;
tie %session, 'Apache::Session::MySQL', $cookie, {
DataSource => 'dbi:mysql:sessions', #these arguments are
UserName => 'mySQL_user', #required when using
Password => 'password', #MySQL.pm
LockDataSource => 'dbi:mysql:sessions',
LockUserName => 'mySQL_user',
LockPassword => 'password'
};
#Might be a new session, so lets give them their cookie back
my $session_cookie = "SESSION_ID=$session{_session_id};";
( run in 1.268 second using v1.01-cache-2.11-cpan-49f99fa48dc )