Result:
found more than 542 distributions - search limited to the first 2001 files matching your query
( run in 0.437 )
Apache-Voodoo
view release on metacpan or search on metacpan
lib/Apache/Voodoo/Loader/Dynamic.pm view on Meta::CPAN
$self->{'object'} = $self->load_module;
$self->{'mtime'} = $self->get_mtime;
# zap our created closures.
foreach my $method (keys %{$self->{'provides'}}) {
# a little help from the Cookbook 10.14
no strict 'refs';
no warnings 'redefine';
*$method = undef;
}
$self->{'provides'} = {};
lib/Apache/Voodoo/Loader/Dynamic.pm view on Meta::CPAN
$self->{'provides'}->{$method} = 1;
# If we used the autoloader to get here, then we want to keep using
# it. Bypass the creation of the closure.
unless ($nosub) {
# create a closeure for this method (a little help from the Cookbook 10.14)
no strict 'refs';
no warnings 'redefine';
*$method = sub { my $self = shift; return $self->_handle($method,@_); };
}
return 1;
Apache-WinBitHack
view release on metacpan or search on metacpan
WinBitHack.pm view on Meta::CPAN
This module is free software. It may be used, redistributed
and/or modified under the same terms as Perl itself.
=head1 HISTORY
This code is derived from the I<Cookbook::WinBitHack> module,
available as part of "The mod_perl Developer's Cookbook".
For more information, visit http://www.modperlcookbook.org/
=cut
Apache-Wombat
view release on metacpan or search on metacpan
lib/Apache/Wombat/Connector.pm view on Meta::CPAN
my $uri = $apr->uri();
my $sessionID = Wombat::Util::RequestUtil->decodeURI(\$uri);
$request->setRequestURI($uri);
if ($sessionID) {
$request->setRequestedSessionId($sessionID);
$request->setRequestedSessionCookie(undef);
$request->setRequestedSessionURL(1);
}
# locales
my $acceptLangHdr = $apr->header_in('Accept-Language');
for my $locale (Wombat::Util::RequestUtil->parseLocales($acceptLangHdr)) {
$request->addLocale($locale);
}
# cookies and maybe session ID stuff
my $cookieHdr = $apr->header_in('Cookie');
for my $cookie (Wombat::Util::RequestUtil->parseCookies($cookieHdr)) {
if ($cookie->getName() eq Wombat::Globals::SESSION_COOKIE_NAME) {
# override session id specified in URI
$request->setRequestedSessionId($cookie->getValue());
$request->setRequestedSessionCookie(1);
$request->setRequestedSessionURL(undef);
# don't add session cookie
next;
}
$request->addCookie($cookie);
}
# headers
my $headers = $apr->headers_in();
while (my ($key, $val) = each %$headers) {
Apache-Wyrd
view release on metacpan or search on metacpan
Wyrd/Cookie.pm view on Meta::CPAN
package Apache::Wyrd::Cookie;
use 5.006;
use strict;
use warnings;
no warnings qw(uninitialized redefine);
our $VERSION = '0.98';
Wyrd/Cookie.pm view on Meta::CPAN
my $have_apr = 1;
if ($ENV{AUTOMATED_TESTING}) {
#If this is a smoker, the APR method is required.
use base qw(Apache::Cookie);
} else {
#set environment variables WYRD_USE_CGI or WYRD_USE_APR
#to force the use of libapreq or CGI
Wyrd/Cookie.pm view on Meta::CPAN
$force_apr = 1;
}
my $init_error = '';
if (!$force_cgi) {
eval('use Apache::Cookie');
if ($@) {
$init_error = $@;
die "$@" if ($force_apr);
}
}
if ($init_error or $force_cgi) {
eval('use CGI::Cookie');
die "$@" if ($@);
$have_apr = 0;
push @ISA, 'CGI::Cookie';
} else {
push @ISA, 'Apache::Cookie';
}
}
=pod
=head1 NAME
Apache::Wyrd::Cookie - Consistency wrapper for Apache::Cookie and CGI::Cookie
=head1 SYNOPSIS
use Apache::Wyrd::Cookie;
#$req is Apache request object
my $cookie = Apache::Wyrd::Cookie->new(
$req,
-name=>'check_cookie',
-value=>'checking',
-domain=>$req->hostname,
-path=>($auth_path || '/')
);
$cookie->bake;
my %cookie = Apache::Wyrd::Cookie->fetch;
my $g_value = $cookie{'gingerbread'};
=head1 DESCRIPTION
Wrapper for C<Apache::Cookie> or C<CGI:Cookie> cookies. This class is provided
for no other reason than to make the C<new> and C<bake> methods consistent in
their requirements between these modules, which they are not normally.
Otherwise, C<Apache::Wyrd::Cookie> behaves entirely like C<Apache::Cookie> or
C<CGI::Cookie> depending on which is installed and takes the same arguments to
its methods. Please refer to the documentation for those modules.
The normal behavior is to favor C<Apache::Cookie>. If it is not installed, it
will attempt to use CGI. Failing both, it will call C<die()>, causing a server
error. You can force the use of C<Apache::Cookie> or C<CGI::Cookie> by setting
the WYRD_USE_CGI or WYRD_USE_APR environment variables. If the forced module
fails to load, the module will C<die()>, causing a server error. Note that
using these environement variables also affects the behavior of
C<Apache::Wyrd::Cookie>.
=cut
sub new {
my $class = shift;
my @caller = caller;
return CGI::Cookie->new(@_) if ($caller[0] eq 'CGI::Cookie');
my $req = shift;
my $data = {};
if ($have_apr) {
$data = Apache::Cookie->new($req, @_);
} else {
$data = CGI::Cookie->new(@_);
$data->{'_wyrd_req'} = $req;
}
bless $data, $class;
return $data;
}
Wyrd/Cookie.pm view on Meta::CPAN
my $self = shift;
return $self->SUPER::bake if ($have_apr);
my $req = $self->{'_wyrd_req'};
die('Cannot determine the Apache object. Perhaps you are attempting to bake a fetched cookie?')
unless (UNIVERSAL::isa($req, 'Apache'));
$req->err_headers_out->add("Set-Cookie" => ($self->as_string));
$req->headers_out->add("Set-Cookie" => ($self->as_string));
}
=pod
=head1 BUGS/CAVEATS/RESERVED METHODS
Wyrd/Cookie.pm view on Meta::CPAN
=item Apache::Wyrd
General-purpose HTML-embeddable perl object
=item Apache::Cookie
Cookies under Apache
=back
=head1 LICENSE
Apache-iNcom
view release on metacpan or search on metacpan
demo/conf/startup.pl view on Meta::CPAN
# mod_perl startup file
#
# Add module to preload here
use Apache;
use Apache::Cookie;
use Apache::Request;
use Apache::DBI;
use HTML::Embperl;
Apache2-API
view release on metacpan or search on metacpan
lib/Apache2/API/Request.pm view on Meta::CPAN
use Apache2::Log;
use APR::Pool ();
use APR::Request ();
use APR::Socket ();
use APR::SockAddr ();
use APR::Request::Cookie;
use APR::Request::Apache2;
# For subnet_of() method
use APR::IpSubnet ();
use Apache2::API::Request::Params;
use Apache2::API::Request::Upload;
use Apache2::API::DateTime;
use Apache2::API::Query;
use Apache2::API::Status;
use Cookie::Jar;
use DateTime;
use Encode ();
use File::Which ();
use HTTP::AcceptLanguage;
use JSON ();
lib/Apache2/API/Request.pm view on Meta::CPAN
return( $ct ) if( !scalar( @_ ) );
$self->error( "Warning only: caller is trying to use ", ref( $self ), " to set the content-type. Use Apache2::API::Response for that instead." ) if( @_ );
return( $self->request->content_type( @_ ) );
}
# To get individual cookie sent. See APR::Request::Cookie
# APR::Request::Cookie
# sub cookie { return( shift->cookies->get( @_ ) ); }
sub cookie
{
my $self = shift( @_ );
my $name = shift( @_ );
# An erro has occurred if this is undef
my $jar = $self->cookies || return( $self->pass_error );
# Cookie::Jar might return undef if there was no match
my $v = $jar->get( $name );
return( $v ) unless( $v );
return( $v->value );
}
lib/Apache2/API/Request.pm view on Meta::CPAN
sub cookies
{
my $self = shift( @_ );
return( $self->{_jar} ) if( $self->{_jar} );
my $jar = Cookie::Jar->new( request => $self->request, debug => $self->debug ) ||
return( $self->error( "An error occurred while trying to instantiate a new Cookie::Jar object: ", Cookie::Jar->error ) );
$jar->fetch;
$self->{_jar} = $jar;
return( $jar );
}
lib/Apache2/API/Request.pm view on Meta::CPAN
my $len = $req->content_length;
# text/plain
my $ct = $req->content_type;
# Get a Cookie object
my $cookie = $req->cookie( $name );
# Cookie::Jar object
my $jar = $req->cookies;
# get data string sent by client
my $data = $req->data;
lib/Apache2/API/Request.pm view on Meta::CPAN
=head2 cookie
Returns the current value for the given cookie name, which may be C<undef> if nothing is found.
This works by calling the L</cookies> method, which returns a L<cookie jar object|Cookie::Jar>.
=head2 cookies
Returns a L<Cookie::Jar> object acting as a jar with various methods to access, manipulate and create cookies.
=head2 data
This method reads the data sent by the client. It takes an optional hash or hash reference of the following options:
lib/Apache2/API/Request.pm view on Meta::CPAN
The difference between L</headers_out> (L<Apache2::RequestRec/headers_out>) and L</err_headers_out> (L<Apache2::RequestRec/err_headers_out>), is that the latter are printed even on error, and persist across internal redirects (so the headers printed ...
For example, if a handler wants to return a C<404> response, but nevertheless to set a cookie, it has to be:
$req->err_headers_out->add( 'Set-Cookie' => $cookie );
return( Apache2::Const::NOT_FOUND );
If the handler does:
$req->headers_out->add( 'Set-Cookie' => $cookie );
return( Apache2::Const::NOT_FOUND );
the C<Set-Cookie> header will not be sent.
See L<Apache2::RequestRec> for more information.
=head2 filename
lib/Apache2/API/Request.pm view on Meta::CPAN
Returns the list of the headers as special hash, which is actually an L<APR::Table> object.
If a header name is provided, you can retrieve its value like so:
my $cookie = $req->headers_in->{Cookie} || '';
=head2 headers_out
This is identical to L</headers_in>, as it returns a L<APR::Table> object.
Apache2-ASP
view release on metacpan or search on metacpan
lib/Apache2/ASP/Request.pm view on Meta::CPAN
return $s->context->r->args;
}# end QueryString()
#==============================================================================
sub Cookies
{
my $s = shift;
return { } unless $s->context->headers_in->{cookie};
lib/Apache2/ASP/Request.pm view on Meta::CPAN
my ( $name, $val ) = map { $s->context->cgi->unescape( $_ ) } split /\=/, $item;
$out{$name} = $val;
}# end foreach()
@_ ? $out{$_[0]} : \%out;
}# end Cookies()
#==============================================================================
sub FileUpload
{
lib/Apache2/ASP/Request.pm view on Meta::CPAN
my $form_args = $Request->Form;
my $querystring = $Request->QueryString;
my $cookies = $Request->Cookies;
my $cookie = $Request->Cookies('name');
my $vars = $Request->ServerVariables;
my $var = $Request->ServerVariables('HTTP_HOST');
lib/Apache2/ASP/Request.pm view on Meta::CPAN
=head2 ServerVariables( [$name] )
If called with no arguments, returns C<%ENV>. If called with an argument, returns
C<$ENV{$name}> where C<$name> is the value of the argument.
=head2 Cookies( [$name] )
If called with no arguments, returns a hash of all cookies. Otherwise, returns
the value of the cookie named C<$name>.
=head1 PUBLIC PROPERTIES
Apache2-AUS
view release on metacpan or search on metacpan
lib/Apache2/AUS.pm view on Meta::CPAN
my $session = $r->aus_session || create_session($r);
my $use_count = $session->param('_use_count');
$use_count ++;
$session->param('_use_count', $use_count);
$r->headers_out->add('Set-Cookie', bake_session_cookie($r, $session));
$r->aus_session($session);
$r->push_handlers(PerlFixupHandler => \&_Fixup);
if(my $u = $session->user) {
$r->user($u->{id});
Apache2-ApacheMobileFilter
view release on metacpan or search on metacpan
lib/Apache2/AMF51DegreesFilter.pm view on Meta::CPAN
if ($ENV{AMFProductionMode}) {
$cookiecachesystem=$ENV{AMFProductionMode};
$CommonLib->printLog("AMFProductionMode is: $cookiecachesystem");
} else {
$CommonLib->printLog("AMFProductionMode (the CookieCacheSystem is deprecated) is not setted the default value is $cookiecachesystem");
}
if ($ENV{Personal51DegreesFileName}) {
$personal51Degreesurl=$ENV{AMFMobileHome}."/".$ENV{Personal51DegreesFileName};
$CommonLib->printLog("Personal51DegreesFileName is: $ENV{Personal51DegreesFileName}");
}
lib/Apache2/AMF51DegreesFilter.pm view on Meta::CPAN
my $type_redirect="internal";
my $return_value;
my $dummy="";
my $variabile2="";
my %ArrayCapFound;
my $controlCookie;
my $query_img="";
$ArrayCapFound{is_transcoder}='false';
$ArrayCapFound{'IsMobile'}='true';
my %ArrayQuery;
lib/Apache2/AMF51DegreesFilter.pm view on Meta::CPAN
$user_agent=lc($x_user_agent);
}
if ($x_operamini_phone_ua) {
$user_agent=lc($x_operamini_phone_ua);
}
my $cookie = $f->headers_in->{Cookie} || '';
$id=$CommonLib->readCookie($cookie);
my $amfFull=$CommonLib->readCookie_fullB($cookie);
if ($query_string) {
my @vars = split(/&/, $query_string);
foreach $var (sort @vars){
if ($var) {
my ($v,$i) = split(/=/, $var);
lib/Apache2/AMF51DegreesFilter.pm view on Meta::CPAN
}
if (($ArrayQuery{amf}) && $restmode eq 'true') {
$user_agent=lc($ArrayQuery{amf});
}
if ($ArrayQuery{$mobilenable}) {
$f->err_headers_out->set('Set-Cookie' => "amfFull=false; path=/;");
$amfFull='ok';
}
}
lib/Apache2/AMF51DegreesFilter.pm view on Meta::CPAN
$f->pnotes('id' => $id);
$cacheSystem->store( '51Degrees-id', $id, $variabile2 );
$cacheSystem->store( '51Degrees-ua', $user_agent, $id);
}
if ($cookiecachesystem eq "true") {
$f->err_headers_out->set('Set-Cookie' => "amf=$id; path=/;");
}
}
}
if ($ArrayCapFound{'ScreenPixelsWidth'} ne 'Unknown') {
$f->pnotes("max_image_width" => $ArrayCapFound{'ScreenPixelsWidth'});
Apache2-AuthAny
view release on metacpan or search on metacpan
bin/clean-cookie-table.pl view on Meta::CPAN
use Apache2::AuthAny::DB ();
use Data::Dumper qw(Dumper);
my $db = Apache2::AuthAny::DB->new();
$db->cleanupCookies();
Apache2-AuthCAS
view release on metacpan or search on metacpan
lib/Apache2/AuthCAS.pm view on Meta::CPAN
"PretendBasicAuth" => 0,
"Service" => undef,
"ProxyService" => undef,
"ErrorUrl" => "http://localhost/cas/error/",
"SessionCleanupThreshold" => 10,
"SessionCookieName" => "APACHECAS",
"SessionCookieDomain" => undef,
"SessionCookieSecure" => 0,
"SessionTimeout" => 1800,
"RemoveTicket" => 0,
"NumProxyTickets" => 0,
"DbDriver" => "Pg",
lib/Apache2/AuthCAS.pm view on Meta::CPAN
{
return $self->proxy_receptor($params{'pgtIou'}, $params{'pgt'});
}
# Check for a session cookie
if (my $cookie = $r->headers_in->{'Cookie'})
{
# we have a session cookie, so we need to get the session id
$self->logMsg("cookie found: '$cookie'", $LOG_DEBUG);
# get session id from the cookie
my $cookieName = $self->casConfig("SessionCookieName");
$cookie =~ /.*$cookieName=([^;]+)(\s*;.*|\s*$)/;
my $sid = $1;
$self->logMsg(($sid ? "" : "no") . " session id found", $LOG_DEBUG);
# Check for a valid session id
lib/Apache2/AuthCAS.pm view on Meta::CPAN
{
# if something bad happened, like database unavailability
return $self->redirect($self->casConfig("ErrorUrl"), $ERROR_CODES{"DB"});
}
my $cookie = $self->casConfig("SessionCookieName") . "=$sid;path=/";
if ($self->casConfig("SessionCookieDomain"))
{
$cookie .= ";domain=." . $self->casConfig("SessionCookieDomain");
}
if ($self->casConfig("SessionCookieSecure"))
{
$cookie .= ";secure";
}
# send the cookie to the browser
$self->setHeader(0, 'Set-Cookie', $cookie);
# in case we redirect (considered an "error")
$r->err_headers_out->{"Set-Cookie"} = $cookie;
if ($self->casConfig("ProxyService"))
{
return $self->do_proxy($sid, undef, $user, 1);
}
lib/Apache2/AuthCAS.pm view on Meta::CPAN
# session cleanup is performed with a threshold of 10)
CASSessionCleanupThreshold 10
# Session cookie configuration for this service
CASSessionCookieDomain ""
CASSessionCookieName "APACHECAS"
CASSessionTimeout 1800
# Should the ticket parameter be removed from the URL?
CASRemoveTicket 0
lib/Apache2/AuthCAS.pm view on Meta::CPAN
);
Add indexes and adjust as appropriate for your database and usage.
SSL
Be careful not to use the CASSessionCookieSecure flag with an HTTP resource.
If this flag is set and the protocol is HTTP, then no cookie will get sent
to Apache and Apache2::AuthCAS may act very strange.
Be sure to set CASSessionCookieSecure only on HTTPS resources!
=head1 COMPATIBILITY
This module will only work with mod_perl2. mod_perl1 is not supported.
Apache2-AuthCASSimple
view release on metacpan or search on metacpan
lib/Apache2/AuthCASSimple.pm view on Meta::CPAN
=item *
Old expired sessions files must be deleted with an example provided script : C<delete_session_data.pl>
=item *
L<Apache::Session::Wrapper> certainly need L<Apache2::Cookie>
=item *
C<$r> must be global for sessions with L<Apache::Session::Wrapper>, add
PerlOptions +GlobalRequest
Apache2-AuthCASpbh
view release on metacpan or search on metacpan
lib/Apache2/AuthCASpbh.pm view on Meta::CPAN
req_override => Apache2::Const::OR_ALL,
args_how => Apache2::Const::TAKE1,
errmsg => '<seconds>',
default => '3600'
},
{ name => 'SessionCookieName',
func => __PACKAGE__ . '::StoreConfig',
cmd_data => '^[a-zA-z0-9_-]+$',
req_override => Apache2::Const::OR_ALL,
args_how => Apache2::Const::TAKE1,
errmsg => '<[a-zA-z0-9_-]+>',
default => 'AuthCAS_Session'
},
{ name => 'SessionCookiePath',
func => __PACKAGE__ . '::StoreConfig',
cmd_data => '^/([^?#]+)$',
req_override => Apache2::Const::OR_ALL,
args_how => Apache2::Const::TAKE1,
errmsg => '<URL path>',
},
{ name => 'SessionCookieSecure',
func => __PACKAGE__ . '::StoreConfigFlag',
req_override => Apache2::Const::OR_ALL,
args_how => Apache2::Const::FLAG,
default => '1'
},
lib/Apache2/AuthCASpbh.pm view on Meta::CPAN
How frequently (in seconds) to remove expired authentication sessions and
examine the global session to remove orphaned expired proxy ticket mappings; by
default 3600 seconds.
=item C<AuthCAS_SessionCookieName>
The name of the cookie sent to the client to store the AuthCASpbh session
identifier; by default "AuthCAS_Session".
=item C<AuthCAS_SessionCookiePath>
An optional path to include in the session cookie.
=item C<AuthCAS_SessionCookieSecure>
Whether or not to set the secure flag on the session cookie; by default
enabled.
=item C<AuthCAS_SessionDBName>
Apache2-AuthCookieDBI
view release on metacpan or search on metacpan
eg/bin/login.pl view on Meta::CPAN
my $authcookiereason;
if ( $r->prev() ) { # we are called as a subrequest.
$destination = $r->prev()->args()
? $r->prev()->uri() . '?' . $r->prev->args()
: $r->prev()->uri();
$authcookiereason = $r->prev()->subprocess_env( 'AuthCookieReason' );
} else {
my %args = $r->args;
$destination = $args{ 'destination' };
$authcookiereason = $args{ 'AuthCookieReason' };
$t->add_tag( CREDENTIAL_0 => $r->prev->args('credential_0') );
}
$t->add_tag( DESTINATION => $destination );
unless ( $authcookiereason eq 'bad_cookie' ) {
Apache2-AuthCookieDBImg
view release on metacpan or search on metacpan
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
#===============================================================================
=head1 NAME
Apache2::AuthCookieDBImg
=head1 PURPOSE
An AuthCookie module backed by a DBI database with second level
authentication via image matching. This is very simple image
authentication scheme that is only meant to prevent robotic
logins to a web page by adding a 2nd level of authentication.
=head1 SYNOPSIS
# In httpd.conf or .htaccess
PerlModule Apache2::AuthCookieDBImg
PerlSetVar WhatEverPath /
PerlSetVar WhatEverLoginScript /login.pl
# Optional, to share tickets between servers.
PerlSetVar WhatEverDomain .domain.com
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
PerlSetVar WhatEverDBI_ImgKeyField "imagekey"
PerlSetVar WhatEverDBI_EncryptionType "none"
PerlSetVar WhatEverDBI_SessionLifetime 00-24-00-00
# Protected by AuthCookieDBImg.
<Directory /www/domain.com/authcookiedbimg>
AuthType Apache2::AuthCookieDBImg
AuthName WhatEver
PerlAuthenHandler Apache2::AuthCookieDBImg->authenticate
PerlAuthzHandler Apache2::AuthCookieDBImg->authorize
require valid-user
# or you can require users:
require user jacob
# You can optionally require groups.
require group system
</Directory>
# Login location.
<Files LOGIN>
AuthType Apache2::AuthCookieDBImg
AuthName WhatEver
SetHandler perl-script
PerlHandler Apache2::AuthCookieDBImg->login
</Files>
=head1 DESCRIPTION
This module is an authentication handler that uses the basic mechanism provided
by Apache2::AuthCookie with a DBI database for ticket-based protection. It
is based on two tokens being provided, a username and password, which can
be any strings (there are no illegal characters for either). The username is
used to set the remote user as if Basic Authentication was used.
On an attempt to access a protected location without a valid cookie being
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
The first ImgTable var is the DBI table that we will use to store our
image key + word pairs. The key field is set by the second var, the word
is the third var.
Your login form should set the 2 required fields for ALL AuthCookieDBI
login forms:
Your login ID: <input type="text" name="credential_0" value="">
Your password: <input type="password" name="credential_1" value="">
PLUS two additional fields for image processing:
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
Then create an image named junk.png and put it in my web server /images/dbimg folder.
The text on the image has a background picture plus the word "saywhat?" across the front.
The randomizer just looks up the imageurl and imagekey in the database and spits out
the appropriate HTML code. ApacheCookieDBImg then does a reverse operation, looking
up the imageword based on the key.
=head1 CAVEATS
This is not a truly random image, so it is not overly secure. The initial idea is just
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
=cut
#===============================================================================
#===============================================================================
package Apache2::AuthCookieDBImg;
use strict;
use 5.004;
use vars qw( $VERSION );
$VERSION = '2.2';
use Apache2::AuthCookie;
use vars qw( @ISA );
@ISA = qw( Apache2::AuthCookie );
use Apache2::RequestRec;
use Apache::DBI;
use Apache2::Const -compile => qw( OK HTTP_FORBIDDEN );
use Apache2::ServerUtil;
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# _log_not_set -- Log that a particular authentication variable was not set.
sub _log_not_set($$) {
my( $r, $variable ) = @_;
my $auth_name = $r->auth_name;
$r->log_error( "Apache2::AuthCookieDBImg: $variable not set for auth realm $auth_name", $r->uri );
}
#-------------------------------------------------------------------------------
# _dir_config_var -- Get a particular authentication variable.
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
AuthName is PrivateBankingSystem they will look like:
PerlSetVar PrivateBankingSystemDBI_DSN "DBI:mysql:database=banking"
See also L<Apache2::Authcookie> for the directives required for any kind
of Apache2::AuthCookie-based authentication system.
In the following descriptions, replace "WhatEver" with your particular
AuthName. The available configuration directives are as follows:
=over 4
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
random string. This should be secret; either make the httpd.conf file
only readable by root, or put the PerlSetVar in a file only readable by
root and include it.
This is required and has no default value.
(NOTE: In AuthCookieDBImg versions 1.22 and earlier the secret key either could be
or was required to be in a seperate file with the path configured with
PerlSetVar WhateverDBI_SecretKeyFile, as of version 2.0 this is not possible, you
must put the secret key in the Apache configuration directly, either in the main
httpd.conf file or in an included file. You might wish to make the file not
world-readable. Also, make sure that the Perl environment variables are
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
This is not required and defaults to 'none'.
=item C<WhatEverDBI_SessionLifetime>
How long tickets are good for after being issued. Note that presently
Apache2::AuthCookie does not set a client-side expire time, which means that
most clients will only keep the cookie until the user quits the browser.
However, if you wish to force people to log in again sooner than that, set
this value. This can be 'forever' or a life time specified as:
DD-hh-mm-ss -- Days, hours, minute and seconds to live.
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
my $auth_name = $r->auth_name;
# Username goes in credential_0
my $user = shift @credentials;
unless ( $user =~ /^.+$/ ) {
$r->log_error( "Apache2::AuthCookieDBI: no username supplied for auth realm $auth_name", $r->uri );
return undef;
}
# Password goes in credential_1
my $password = shift @credentials;
unless ( $password =~ /^.+$/ ) {
$r->log_error( "Apache2::AuthCookieDBI: no password supplied for auth realm $auth_name", $r->uri );
return undef;
}
# CSA Patch - Use global var
# needed later for authen_sess_key
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# get the crypted password from the users database for this user.
my $dbh = DBI->connect( $c{ DBI_DSN },
$c{ DBI_user }, $c{ DBI_password } );
unless ( defined $dbh ) {
$r->log_error( "Apache2::AuthCookieDBI: couldn't connect to $c{ DBI_DSN } for auth realm $auth_name", $r->uri );
return undef;
}
my $sth = $dbh->prepare( <<"EOS" );
SELECT $c{ DBI_passwordfield }
FROM $c{ DBI_userstable }
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# CSA Patch - No need to add array overhead when fetching a single field
# my( $crypted_password ) = $sth->fetchrow_array;
my $crypted_password = $sth->fetchrow;
unless ( defined $crypted_password ) {
$r->log_error( "Apache2::AuthCookieDBI: couldn't select password from $c{ DBI_DSN }, $c{ DBI_userstable }, $c{ DBI_userfield } for user $user for auth realm $auth_name", $r->uri );
return undef;
}
# now return unless the passwords match.
if ( lc $c{ DBI_crypttype } eq 'none' ) {
unless ( $password eq $crypted_password ) {
$r->log_error( "Apache2::AuthCookieDBI: plaintext passwords didn't match for user $user for auth realm $auth_name", $r->uri );
return undef;
}
} elsif ( lc $c{ DBI_crypttype } eq 'crypt' ) {
my $salt = substr $crypted_password, 0, 2;
unless ( crypt( $password, $salt ) eq $crypted_password ) {
$r->log_error( "Apache2::AuthCookieDBI: crypted passwords didn't match for user $user for auth realm $auth_name", $r->uri );
return undef;
}
} elsif ( lc $c{ DBI_crypttype } eq 'md5' ) {
unless ( md5_hex( $password ) eq $crypted_password ) {
$r->log_error( "Apache2::AuthCookieDBI: MD5 passwords didn't match for user $user for auth realm $auth_name", $r->uri );
return undef;
}
}
# CSA Patch - New gen_key function for activity reset
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
my( $self, $r, $encrypted_session_key ) = @_;
my $auth_name = $r->auth_name;
# Enable Debugging In Here
my $debug = $r->dir_config("AuthCookieDebug") || 0;
# Get the configuration information.
my %c = _dbi_config_vars $r;
# Get the secret key.
my $secretkey = $c{ DBI_secretkey };
unless ( defined $secretkey ) {
$r->log_error( "Apache2::AuthCookieDBImg: didn't have the secret key from for auth realm $auth_name", $r->uri );
return undef;
}
# Decrypt the session key.
my $session_key;
if ( $c{ DBI_encryptiontype } eq 'none' ) {
$session_key = $encrypted_session_key;
} else {
# Check that this looks like an encrypted hex-encoded string.
unless ( $encrypted_session_key =~ /^[0-9a-fA-F]+$/ ) {
$r->log_error( "Apache2::AuthCookieDBImg: encrypted session key $encrypted_session_key doesn't look like it's properly hex-encoded for auth realm $auth_name", $r->uri );
return undef;
}
# Get the cipher from the cache, or create a new one if the
# cached cipher hasn't been created, & decrypt the session key.
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
||= Crypt::CBC->new( $secretkey, 'Blowfish' );
} elsif ( lc $c{ DBI_encryptiontype } eq 'blowfish_pp' ) {
$cipher = $CIPHERS{ "blowfish_pp:$auth_name" }
||= Crypt::CBC->new( $secretkey, 'Blowfish_PP' );
} else {
$r->log_error( "Apache2::AuthCookieDBImg: unknown encryption type $c{ DBI_encryptiontype } for auth realm $auth_name", $r->uri );
return undef;
}
$session_key = $cipher->decrypt_hex( $encrypted_session_key );
}
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
my( $enc_user, $issue_time, $expire_time, $session_id,
$supplied_hash, @rest ) = split /:/, $session_key;
# Let's check that we got passed sensible values in the cookie.
unless ( $enc_user =~ /^[a-zA-Z0-9_\%]+$/ ) {
$r->log_error( "Apache2::AuthCookieDBImg: bad percent-encoded user $enc_user recovered from session ticket for auth_realm $auth_name", $r->uri );
return undef;
}
# decode the user
my $user = _percent_decode $enc_user;
unless ( $issue_time =~ /^\d{4}-\d{2}-\d{2}-\d{2}-\d{2}-\d{2}$/ ) {
$r->log_error( "Apache2::AuthCookieDBImg: bad issue time $issue_time recovered from ticket for user $user for auth_realm $auth_name", $r->uri );
return undef;
}
unless ( $expire_time =~ /^\d{4}-\d{2}-\d{2}-\d{2}-\d{2}-\d{2}$/ ) {
$r->log_error( "Apache2::AuthCookieDBImg: bad expire time $expire_time recovered from ticket for user $user for auth_realm $auth_name", $r->uri );
return undef;
}
unless ( $supplied_hash =~ /^[0-9a-fA-F]{32}$/ ) {
$r->log_error( "Apache2::AuthCookieDBImg: bad hash $supplied_hash recovered from ticket for user $user for auth_realm $auth_name", $r->uri );
return undef;
}
# If we're using a session module, check that their session exist.
if ( defined $c{ DBI_sessionmodule } ) {
my %session;
my $dbh = DBI->connect( $c{ DBI_DSN },
$c{ DBI_user }, $c{ DBI_password } );
unless ( defined $dbh ) {
$r->log_error( "Apache2::AuthCookieDBImg: couldn't connect to $c{ DBI_DSN } for auth realm $auth_name", $r->uri );
return undef;
}
eval {
tie %session, $c{ DBI_sessionmodule }, $session_id, +{
Handle => $dbh,
LockHandle => $dbh,
};
};
if ( $@ ) {
$r->log_error( "Apache2::AuthCookieDBImg: failed to tie session hash using session id $session_id for user $user for auth_realm $auth_name, error was $@", $r->uri );
return undef;
}
# Update a timestamp at the top level to make sure we sync.
$session{ timestamp } = _now_year_month_day_hour_minute_second;
$r->pnotes( $auth_name, \%session );
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
$enc_user, $issue_time, $expire_time, $session_id, @rest, $secretkey
) );
# Compare it to the hash they gave us.
unless ( $hash eq $supplied_hash ) {
$r->log_error( "Apache2::AuthCookieDBImg: hash in cookie did not match calculated hash of contents for user $user for auth realm $auth_name", $r->uri );
return undef;
}
# Check that their session hasn't timed out.
if ( _now_year_month_day_hour_minute_second gt $expire_time ) {
$r->log_error( "Apache:AuthCookieDBImg: expire time $expire_time has passed for user $user for auth realm $auth_name", $r->uri );
return undef;
}
# If we're being paranoid about timing-out long-lived sessions,
# check that the issue time + the current (server-set) session lifetime
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# If SessionActiveReset Flag Is On
#
if ($c{ DBI_SessionActiveReset}) {
my $ses_key = $self->gen_key($r, $user, \@Extra_Data);
$self->send_cookie($r, $ses_key);
$r->server->warn('Apache2:AuthCookieDBI: extended() '.$ses_key) if $debug >= 3;
}
# They must be okay, so return the user.
return $user;
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
my $session_id = '';
if ( defined $c{ DBI_sessionmodule } ) {
my $dbh = DBI->connect( $c{ DBI_DSN },
$c{ DBI_user }, $c{ DBI_password } );
unless ( defined $dbh ) {
$r->log_error( "Apache2::AuthCookieDBI: couldn't connect to $c{ DBI_DSN } for auth realm $auth_name", $r->uri );
return undef;
}
my %session;
tie %session, $c{ DBI_sessionmodule }, undef, +{
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# Now we calculate the hash of this and the secret key and then
# calculate the hash of *that* and the secret key again.
my $secretkey = $c{DBI_secretkey};
unless ( defined $secretkey ) {
$r->log_error( "Apache2::AuthCookieDBI: didn't have the secret key for auth realm $auth_name", $r->uri );
return undef;
}
my $hash = md5_hex( join ':', $secretkey, md5_hex(
join ':', $public_part, $secretkey
) );
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
# See if we have a row in the groups table for this user/group.
my $dbh = DBI->connect( $c{ DBI_DSN },
$c{ DBI_user }, $c{ DBI_password } );
unless ( defined $dbh ) {
$r->log_error( "Apache2::AuthCookieDBImg: couldn't connect to $c{ DBI_DSN } for auth realm $auth_name", $r->uri );
return undef;
}
# Now loop through all the groups to see if we're a member of any:
my $sth = $dbh->prepare( <<"EOS" );
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
EOS
foreach my $group ( @groups ) {
$sth->execute( $group, $user );
return Apache2::Const::OK if ( $sth->fetchrow_array );
}
$r->log_error( "Apache2::AuthCookieDBImg: user $user was not a member of any of the required groups @groups for auth realm $auth_name", $r->uri );
return Apache2::Const::HTTP_FORBIDDEN;
}
1;
__END__
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
Lance Cleveland, Charleston Software Associates <info@charlestonsw.com>
=head1 HISTORY
v2.1 - February 2006
Significant portions based on AuthCookieDBI v2.03
v2.2 - April 2006
Added SessionActiveReset configuration variable (reset logout timer)
=head1 REQUIRES
Apache::DBI
Apache2::AuthCookie
Apache2::Const
Apache2::ServerUtil
Date::Calc
Digest::MD5
lib/Apache2/AuthCookieDBImg.pm view on Meta::CPAN
Cipher::CBC (if using CBC Ciphers)
=head1 SEE ALSO
Latest version: http://search.cpan.org/search?query=Apache%3A%3AAuthCookieDBImg&mode=all
Apache2::AuthCookieDBI(1)
Apache2::AuthCookie(1)
Apache2::Session(1)
=cut
Apache2-AuthCookieLDAP
view release on metacpan or search on metacpan
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
package Apache2::AuthCookieLDAP;
# Apache2::AuthCookieLDAP
#
# An Apache2::AuthCookie backend for LDAP based authentication
#
# Author: Kirill Solomko <ksolomko@cpan.org>
use strict;
use warnings;
use 5.010_000;
our $VERSION = '1.15';
use Apache2::AuthCookie;
use base qw(Apache2::AuthCookie);
use Apache2::Connection;
use Apache2::RequestRec;
use Apache2::Log;
use Apache2::Const -compile => qw(:log);
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
=pod
=head1 NAME
Apache2::AuthCookieLDAP - An Apache2::AuthCookie backend for LDAP based authentication
=head1 VERSION
Version 1.15
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
1. Make sure that your LDAP server is configured and you have access to it
2. In httpd.conf or .htaccess
Apache2::AuthCookie config (check L<Apache2::AuthCookie> documentation for the additional info)
PerlSetVar MyAuthPath /
PerlSetVar MyAuthLoginScript /
PerlSetVar MyAuthLogoutURL http://127.0.0.1
PerlSetVar MyAuthSecure 1
To make "LogoutURL" working you can subsclass Apache2::ApacheCookieLDAP and provide it with:
sub logout {
my ( $self, $r ) = @_;
$self->SUPER::logout($r);
my $logout_url = $r->dir_config( $r->auth_name . 'LogoutURL' );
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
}
return Apache2::Const::REDIRECT;
}
Apache2::AuthCookieLDAP config
PerlSetVar MyAuth_SecretKey OGheSWkT1ixd4V0DydSarLVevF77sSibMIoUaIYuQUqp2zvZIwbS4lyWhRTFUcHE
PerlSetVar MyAuth_SessionLifetime 00-24-00-00
PerlSetVar MyAuth_LDAPURI ldap://127.0.0.1
PerlSetVar MyAuth_Base uid=%USER%,ou=staff,dc=company,dc=com
PerlSetVar MyAuth_BindDN cn=ldap,dc=company,dc=com
PerlSetVar MyAuth_BindPW somepassword
PerlSetVar MyAuth_Filter (uid=%USER%)
<Directory /var/www/mysite/protected>
AuthType Apache2::AuthCookieLDAP
AuthName MyAuth
PerlAuthenHandler Apache2::AuthCookieLDAP->authenticate
PerlAuthzHandler Apache2::AuthCookieLDAP->authorize
require valid-user
</Directory>
<Location /login>
SetHandler perl-script
AuthType Apache2::AuthCookieLDAP
AuthName MyAuth
PerlResponseHandler MyAuthCookieLDAP->login
</Location>
<Location /logout>
SetHandler perl-script
AuthType Apache2::AuthCookieLDAP
AuthName MyAuth
PerlResponseHandler Apache2::AuthCookieLDAP->logout
</Location>
=head1 DESCRIPTION
This module acts as an authentication handler under Apache2 environment.
It uses Apache2::AuthCookie as the base class and serves as a backend to
provide user authentication against an LDAP server.
Make sure that you have got a reachable LDAP server and credentials to access it
(ldapuri, base, binddn/bindpw or anonymous bind).
When there is an attempt to access a "protected" directory or location
that has 'require valid-user' option included Apache2::AuthCookieLDAP is used
as the authentication and the authorization handler. It takes a pair of
provided username/password and tries to search the username in the LDAP directory
(it also uses the filter MyAuth_Filter, for puropses where you want to restrict access
to the resource to only a specific group). If the user is found then it tries
to bind with the provided username/password. Once authorized a session key
is generated by taking into account the provided username, authorization time
and a hash generated by including a specific logic plus the user's IP address.
Upon completion the session data is encrypted with the secret key (MyAuth_SecretKey)
and the according cookie is generated by Apache2::AuthCookie.
All the following requests to the protected resource take the cookie (if exists)
and the encrypted session key is validated (decrypted, the user is checked,
the session time is checked for expiration and the hash is regenerated
and compared with the provided one).
Upon success the user is authorized to access the protected resource.
Should you require any additional information how the cookies logic works
please check L<Apache2::AuthCookie> documentation.
=head1 APACHE CONFIGURATION DIRECTIVES
All the configuration directives as used in the following format:
PerlSetVar "AuthName""DirectiveName"
So if your have:
<Directory /var/www/mysite/protected>
AuthType Apache2::AuthCookieLDAP
AuthName WhateverAuthName
...
Then the directive name for you will be (for instance):
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
Checks the provided session time (unixtime) with the current time
and returns '0' if the session time is still valid or '1' if passed.
=head2 authen_cred($r, $user, $password, @extra_data)
This is the overridden method of Apache::AuthCookie and is used to
authenticate $user with the provided $password
Returns the encrypted session key in case of successfull authentication.
Please follow to Apache2::AuthCookie if you need more information about the method.
=head2 authen_ses_key($r, $session_key)
This is the overridden method of Apache::AuthCookie and is used to
validate the provided $session_key.
Returns the authenticated username in case of success or redirects to the login page otherwise.
Please follow to Apache2::AuthCookie if you need more information about the method.
=head1 SUBCLASSING
You can subclass the module and override any of the available methods.
=head1 CREDITS
"SecretKey", "Lifetime" Apache config directive names and their definition style
are similar to Apache2::AuthCookieDBI to keep it common for those
who use both of the modules.
Authors of Apache2::AuthCookieDBI
Authors of Apache2::AuthCookie
=head1 COPYRIGHT
Copyright (C) 2013 Kirill Solomko
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
=head1 BUGS
Please report any bugs or feature requests through the web interface at:
http://rt.cpan.org/Public/Dist/Display.html?Name=Apache2-AuthCookieLDAP
=head1 TODO
=over 4
lib/Apache2/AuthCookieLDAP.pm view on Meta::CPAN
=back
=head1 SEE ALSO
L<perl(1)>, L<Apache2::AuthCookie>, L<Apache2::AuthCookieDBI>
=cut
__END__
Apache2-AuthTicketLDAP
view release on metacpan or search on metacpan
AuthTicketLDAP.pm view on Meta::CPAN
package Apache2::AuthTicketLDAP;
BEGIN {
$Apache2::AuthTicketLDAP::VERSION = '0.02';
}
# ABSTRACT: Cookie Based Access with LDAP Authentication
use strict;
use base qw(Apache2::AuthTicket);
use Apache2::Const qw(OK HTTP_FORBIDDEN);
use Apache2::ServerUtil;
AuthTicketLDAP.pm view on Meta::CPAN
=pod
=head1 NAME
Apache2::AuthTicketLDAP - Cookie Ticketing with LDAP Authentication
=head1 VERSION
version 0.02
AuthTicketLDAP.pm view on Meta::CPAN
The documentation is largely the same as I<Apache2::AuthTicket>, however, with
a few addenda. A typical installation will look like:
# in httpd.conf
PerlModule Apache2::AuthTicketLDAP
PerlSetVar AuthCookieDebug 3 #Useful for debugging
PerlSetVar AuthTicketLDAPCacheDir "/var/cache/apache"
PerlSetVar AuthTicketLDAPCacheSize "4m"
PerlSetVar AuthTicketLDAPCachePageSize "4096"
PerlSetVar AuthTicketLDAPCacheTTL "10m"
PerlSetVar AuthTicketLDAPStmtCacheSize "4m"
PerlSetVar AuthTicketLDAPStmtCachePageSize "4096"
PerlSetVar AuthTicketLDAPStmtCacheTTL "1m"
PerlSetVar FooCookieName "MyCookie"
PerlSetVar FooSatisfy any
PerlSetVar FooTicketDB dbi:mysql:database=mschout;host=testbed
PerlSetVar FooTicketDBAutoCommit 0
PerlSetVar FooTicketDBUser test
PerlSetVar FooTicketDBPassword secret
AuthTicketLDAP.pm view on Meta::CPAN
Apache2::AuthTicketLDAP->configure(String auth_name, *Hash config)
When configuring this way, you don't prefix the configuration items with the
AuthName value like you do when using PerlSetVar directives.
You must still include I<Apache2::AuthCookie> configuration directives and
I<Apache2::AuthTicketLDAP> global variables in httpd.conf when configuring the
server this way. These items include:
* PerlSetVar FooPath /
* PerlSetVar FooDomain .foo.com
AuthTicketLDAP.pm view on Meta::CPAN
LDAPFilter => 'uid=MYUSER',
TicketDBAutoCommit => 0,
});
Configuration is the same as with I<Apache2::AuthTicket> and
I<Apache2::AuthCookie>, though B<TicketUserTable> and B<TicketPasswordStyle>
are ignored.
The following directives are added by this module:
=over 3
AuthTicketLDAP.pm view on Meta::CPAN
thanks to St. Edward's University for providing the resources to write this
module.
=head1 SEE ALSO
L<Apache2::AuthTicket>, L<Apache2::AuthCookie>, L<Net::LDAP>, L<CHI>, L<CHI::Driver::FastMmap>
=head1 AUTHOR
Stephen Olander-Waters <stephenw@stedwards.edu>
Apache2-Authen-OdinAuth
view release on metacpan or search on metacpan
lib/Apache2/Authen/OdinAuth.pm view on Meta::CPAN
my $cookie_is_invalid = 'by default';
my $cookie_user = '?';
my $cookie_roles = '_';
my $cookies = &parse_cookie_jar($r->headers_in->{'Cookie'});
my $cookie = $cookies->{config->{cookie}};
if ($cookie) {
my ( $user, $roles );
eval {
Apache2-AuthenNTLM-Cookie
view release on metacpan or search on metacpan
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
# see doc at end of file
package Apache2::AuthenNTLM::Cookie;
use strict;
use warnings;
use Apache2::RequestRec ();
use Apache2::Request;
use Apache2::Cookie;
use Apache2::Directive ();
use Apache2::Const -compile => qw(OK HTTP_UNAUTHORIZED) ;
use Digest::SHA1 qw(sha1_hex);
use MIME::Base64 ();
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
}, $class;
my $result;
# get the cookie
my $jar = Apache2::Cookie::Jar->new($r);
my $cookie = $jar->cookies($self->{cookie_name});
my $has_valid_cookie = $cookie && $self->validate_cookie($cookie->value);
# if cookie is present and valid
if ($has_valid_cookie) {
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
# if MSIE "optimization" is activated, i.e. if this is a POST with an
# NTLM type1 message and without body ...
if ($r->method eq 'POST' && $self->has_empty_body && $self->is_NTLM_msg1) {
# ... then we must fake a type2 msg so that MSIE will post again
$r->log->debug("AuthenNTLM::Cookie: creating fake type2 msg");
$self->add_auth_header($self->fake_NTLM_msg2);
$result = Apache2::Const::HTTP_UNAUTHORIZED;
}
}
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
}
# else invoke Apache2::AuthenNTLM to go through the NTLM handshake
else {
my $msg = $cookie ? "cookie invalidated" : "no cookie";
$r->log->debug("AuthenNTLM::Cookie: $msg, calling Apache2::AuthenNTLM");
$result = Apache2::AuthenNTLM->handler($r); # will set $r->user
# create the cookie if NTLM succeeded
$self->set_cookie if $result == Apache2::Const::OK;
}
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
my $val = $r->dir_config($arg) or next ARG;
push @cookie_args, -$arg => $val;
}
# send cookie
my $cookie = Apache2::Cookie->new($r, @cookie_args);
$cookie->bake($r);
$r->log->debug("AuthenNTLM::Cookie: baked cookie $cookie_val");
}
sub default_secret {
my ($class) = @_;
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
my $config = $r->dir_config('ntlmauthoritative') || 'on';
return $config =~ /^(on|1)$/i;
}
1; # End of Apache2::AuthenNTLM::Cookie
__END__
=head1 NAME
Apache2::AuthenNTLM::Cookie - Store NTLM identity in a cookie
=head1 SYNOPSIS
<Location /my/secured/URL>
PerlAuthenHandler Apache2::AuthenNTLM::Cookie
AuthType ntlm
PerlAddVar ntdomain "domain primary_domain_controller other_controller"
... # see other configuration params in Apache2::AuthenNTLM
</Location>
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
in order to improve performance, the present module saves the result
of that handshake in a cookie, so that the next request gets an
immediate answer.
A similar module was already published on CPAN for Apache1 / modperl1
(L<Apache::AuthCookieNTLM>). The present module is an implementation
for Apache2 / modperl2, and has a a different algorithm for cookie
generation, in order to prevent any attempt to forge a fake cookie.
Details about the NTLM authentication protocol can be found at
L<http://davenport.sourceforge.net/ntlm.html#ntlmHttpAuthentication>.
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
the minimal information for setting the handler,
specifying the C<AuthType> and specifying the names
of domain controllers :
<Location /my/secured/URL>
PerlAuthenHandler Apache2::AuthenNTLM::Cookie
AuthType ntlm
PerlAddVar ntdomain "domain primary_domain_controller other_controller"
</Location>
In addition to the inherited directives, some
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
PerlSetVar expires my_cookie_expires # default is none
PerlSetVar path my_cookie_path # default is none
PerlSetVar refresh some_seconds # default is 14400 (4 hours)
PerlSetVar secret my_secret_string # default from stat(config file)
See L<Apache2::Cookie> for explanation of variables
C<cookie_name>, C<domain>, C<expires>, and C<path>.
The only variables specific to the present module are
=over
lib/Apache2/AuthenNTLM/Cookie.pm view on Meta::CPAN
=head1 BUGS
Please report any bugs or feature requests to
C<bug-apache2-authenntlm-cookie at rt.cpan.org>, or through the web
interface at
L<http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Apache2-AuthenNTLM-Cookie>.
I will be notified, and then you'll automatically be notified of
progress on your bug as I make changes.
=head1 SUPPORT
You can find documentation for this module with the perldoc command.
perldoc Apache2::AuthenNTLM::Cookie
You can also look for information at:
=over 4
=item * AnnoCPAN: Annotated CPAN documentation
L<http://annocpan.org/dist/Apache2-AuthenNTLM-Cookie>
=item * CPAN Ratings
L<http://cpanratings.perl.org/d/Apache2-AuthenNTLM-Cookie>
=item * RT: CPAN's request tracker
L<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Apache2-AuthenNTLM-Cookie>
=item * Search CPAN
L<http://search.cpan.org/dist/Apache2-AuthenNTLM-Cookie>
=back
=head1 TESTING NOTE
Apache2-AuthenNTLM
view release on metacpan or search on metacpan
AuthenNTLM.pm view on Meta::CPAN
=head1 SEE ALSO
An implementation of this module which uses cookies to cache the session.
Apache-AuthCookieNTLM - Leo Lapworth
http://search.cpan.org/~llap/Apache-AuthCookieNTLM/
=head1 AUTHOR
G. Richter (richter@dev.ecos.de)
Ported by Shannon Eric Peevey (speeves@unt.edu)
Apache2-AuthenSecurID
view release on metacpan or search on metacpan
Auth/Auth.pm view on Meta::CPAN
my $ace_initd_server = $r->dir_config("ace_initd_server") || "localhost";
my $ace_initd_port = $r->dir_config("ace_initd_port") || 1969;
# grab apache session cookie
my ($session_id) =
( ( $r->headers_in->{"Cookie"} || "" ) =~ /Apache=([^;]+)/ );
my $client = IO::Socket::INET->new(
PeerAddr => $ace_initd_server,
PeerPort => $ace_initd_port,
Proto => 'udp'
Auth/Auth.pm view on Meta::CPAN
};
my $time = time();
if ( $result == 0 ) {
my $auth_cookie = $r->dir_config("AuthCookie") || "SecurID";
my $auth_user_cookie = $r->dir_config("AuthUserCookie")
|| "SecurID_User";
my $crypt_cookie = $crypt->encrypt_hex("$time:$username");
$r->headers_out->add( "Set-Cookie" => $auth_user_cookie . "="
. $username
. "; path="
. "/" );
$r->headers_out->add( "Set-Cookie" => $auth_cookie . "="
. $crypt_cookie
. "; path="
. "/" );
$uri = $crypt->decrypt_hex($uri);
Auth/Auth.pm view on Meta::CPAN
<Location /path/of/authentication/handler>
SetHandler perl-script
PerlHandler Apache2::AuthenSecurID::Auth
PerlSetVar AuthCryptKey Encryption_Key
PerlSetVar AuthCookie Name_of_Authentication_Cookie
PerlSetVar AuthUserCookie Name_of_Username_Authentication_Cookie
PerlSetVar AuthCookiePath /path/of/authentication/cookie
PerlSetVar AuthApacheCookie Apache_Cookie
PerlSetVar ace_initd_server name.of.ace.handler.server.com
PerlSetVar ace_initd_port 1969
</Location>
=head1 DESCRIPTION
Auth/Auth.pm view on Meta::CPAN
is redirected to this handler if the authentication cookie does not
exist or is no longer valid. The handler will prompt for username and
passcode. It will then construct and encrypt a UDP packet and send it to
the Ace request daemon. This is necessary since libsdiclient.a needs to
persist for NEXT TOKEN MODE and SET PIN MODE. If the authentication is
valid an encrypted Authentication Cookie is set and the request is redirected
to the originating URI. If the user needs to enter NEXT TOKEN or set their
PIN they will be prompted to do so and if valid the request is then redirected
to the originating URI.
Auth/Auth.pm view on Meta::CPAN
The Blowfish key used to encrypt and decrypt the authentication cookie.
It defaults to F<my secret> if this variable is not set.
=item *
AuthCookie
The name of the of cookie to be set for the authentication token.
It defaults to F<SecurID> if this variable is not set.
=item *
AuthUserCookie
The name of the of cookie that contains the value of the persons username
in plain text. This is checked against the contents of the encrypted cookie
to verify user. The cookie is set of other applications can identify
authorized users. It defaults to F<SecurID_User> if this variable is not set.
=item *
AuthCookiePath
The path of the of cookie to be set for the authentication token.
It defaults to F</> if this variable is not set.
=item *
AuthApacheCookie
The name of the mod_usertrack cookie. The mod_usertrack module must be
compile and enabled in order to track user sessions. This is set by the
CookieName directive in httpd.conf. It defaults to F<Apache> if this variable
is not set.
=item *
ace_initd_server
Apache2-AuthzCaps
view release on metacpan or search on metacpan
lib/Apache2_4/AuthzCaps.pm view on Meta::CPAN
use Apache2::RequestRec;
use Apache2::RequestUtil;
##################################################
# General handler template stolen from Apache2_4::AuthCookie
sub handler {
my ($r, $caps) = @_;
my $user = $r->user;
local $Apache2::AuthzCaps::rootdir = $r->dir_config('AuthzCapsRootdir');
return AUTHZ_DENIED_NO_USER unless $user;
Apache2-BalanceLogic
view release on metacpan or search on metacpan
lib/Apache2/BalanceLogic.pm view on Meta::CPAN
use Apache2::RequestIO ();
use Apache2::Connection ();
use APR::Table ();
use Apache2::Const -compile => qw( OK DECLINED );
use YAML qw 'LoadFile';
use CGI::Cookie;
use Net::CIDR::Lite;
use UNIVERSAL::require;
our $VERSION = '0.0.1';
lib/Apache2/BalanceLogic.pm view on Meta::CPAN
}
$route_id = $force if $cidr->find($ip);
}
# a inner cookie trick for "stickysession" in mod_proxy_balancer.
my $cookie_str = $r->headers_in->get('Cookie');
$cookie_str =~ s/route_id=\d+\;?//;
$cookie_str = 'route_id=x.' . $route_id . '; ' . $cookie_str . ';';
$r->headers_in->set( 'Cookie' => $cookie_str );
# return OK
return Apache2::Const::OK;
}
lib/Apache2/BalanceLogic.pm view on Meta::CPAN
Config: '/foo/bar/perl/Apache2/BalanceLogic/Config/PluginConfig/DistByURL.yaml'
#---
#Name: 'DistByTime'
#Config: '/foo/bar/perl/Apache2/BalanceLogic/Config/PluginConfig/DistByTime.yaml'
#---
#Name: 'DistByCookie'
#Config: '/foo/bar/perl/Apache2/BalanceLogic/Config/PluginConfig/DistByCookie.yaml'
#--- your server admin ipaddress. it can use __force__ option.
ADMIN_IP:
- 192.168.1.0/24
lib/Apache2/BalanceLogic.pm view on Meta::CPAN
=head1 Plugin
There are 3 sample Plugin modules. ( in Plugin directory )
L<Apache2::BalanceLogic::Plugin::DistByCookie>
distribute the requests by unique user cookie that maybe generated by usertrac module.
this is implemented by a simple slurp division code.
L<Apache2::BalanceLogic::Plugin::DistByTime>
distribute the requests by time number ( hour ). see config file.
L<Apache2::BalanceLogic::Plugin::DistByURL>
Apache2-Controller
view release on metacpan or search on metacpan
lib/Apache2/Controller.pm view on Meta::CPAN
C<< $r->pnotes->{a2c}{session} >> automatically loaded from and
stored to an L<Apache::Session> tied hash. Pushes a PerlLogHandler
to save the session after the main controller returns OK.
See L<Apache2::Controller::Session>
and L<Apache2::Controller::Session::Cookie>.
=head2 PerlAuthenHandler Apache2::Controller::Authen::OpenID
Implements OpenID logins and redirects to your specified login
controller by changing the dispatch selection on the fly.
Apache2-FileManager
view release on metacpan or search on metacpan
FileManager.pm view on Meta::CPAN
The following (non-core) perl modules must be installed before installing
Apache2::FileManager.
Apache/mod_perl => 2.0
Archive::Any => 0.03
CGI::Cookie => 1.20
File::NCopy => 0.32
File::Remove => 0.20
=head1 SPECIAL NOTES
FileManager.pm view on Meta::CPAN
use File::Copy qw(move);
use File::Remove qw(remove);
use File::stat;
use Archive::Any;
use POSIX qw(strftime);
use CGI::Cookie;
#use Data::Dumper;
require 5.005_62;
our $VERSION = '0.20';
FileManager.pm view on Meta::CPAN
#get copy and cut file arrays
my $buffer_type = "";
my $buffer_filenames = [];
if (defined(r->headers_in->{'Cookie'})) {
my $cookie_name = uc(r->hostname());
$cookie_name =~ s/[^A-Z]//g;
$cookie_name .= "_FM";
my %cookies = CGI::Cookie->parse(r->headers_in->{'Cookie'});
if (exists $cookies{$cookie_name}) {
my $data = $cookies{$cookie_name}->value;
my @ar = split /\|/, $data;
#is there something in buffer
Apache2-ModXml2
view release on metacpan or search on metacpan
Av_CharPtrPtr.c view on Meta::CPAN
/* Modified from API Cookbook A Example 8 */
#ifdef __cplusplus
extern "C" {
#endif
#include "EXTERN.h"
Apache2-Mogile-Dispatch
view release on metacpan or search on metacpan
doc/examples/Cookie.pm view on Meta::CPAN
package My::Cookie;
use strict;
use warnings;
use base 'Apache2::Mogile::Dispatch';
use Apache2::Cookie;
use Apache2::Cookie::Jar;
sub mogile_key {
my ($r) = @_;
return $r->uri;
}
sub get_direction {
my ($r, $cf) = @_;
my $j = Apache2::Cookie::Jar->new($r);
my $cookie = $j->cookies('mogile');
if (! $cookie) { return { 'mogile' => 0 }; }
if ($cookie->value eq 'true') { return { 'mogile' => 1 }; }
return { 'mogile' => 0 };
}
doc/examples/Cookie.pm view on Meta::CPAN
=pod
=head1 NAME
Cookie - A cookie based dispatcher
=head1 DESCRIPTION
This example module shows how to use cookies to determine if mogile is to be
used or not. It takes advantage of the apache request object being passed to
Apache2-PageKit
view release on metacpan or search on metacpan
lib/Apache2/PageKit.pm view on Meta::CPAN
use strict;
# CPAN Modules required for pagekit
use mod_perl2 1.9921;
use Apache2::URI ();
use Apache2::Cookie ();
use Apache2::Request ();
use Apache::SessionX ();
use Apache2::Util ();
use Compress::Zlib ();
use File::Find ();
lib/Apache2/PageKit.pm view on Meta::CPAN
$pk->{browser_cache} = 'no';
} else {
# display login page with error message
$pk->{page_id} = $config->get_global_attr('login_page');
$model->pkit_gettext_message('Cookies must be enabled in your browser.', is_error => 1);
}
}
my $require_login = $config->get_page_attr($pk->{page_id},'require_login');
if(defined($require_login) && $require_login =~ /^(yes|recent)$/){
lib/Apache2/PageKit.pm view on Meta::CPAN
my $pkit_id = 'pkit_id' . ( $config->get_server_attr('cookie_postfix') || '' );
my $cookie_domain_str = $config->get_server_attr('cookie_domain');
my @cookie_domains = defined($cookie_domain_str) ? split(' ',$cookie_domain_str) : (undef);
for my $cookie_domain (@cookie_domains){
my $cookie = Apache2::Cookie->new($apr->env,
-name => $pkit_id,
-value => $ses_key,
-path => "/");
$cookie->domain($cookie_domain) if $cookie_domain;
if ($remember){
$cookie->expires("+10y");
}
$apr->err_headers_out->add( 'Set-Cookie' => $cookie->as_string );
}
# remove appending ? or & and any combination of them
$done =~ s/[\?&]+$//;
lib/Apache2/PageKit.pm view on Meta::CPAN
sub authenticate {
my ($pk) = @_;
my $apr = $pk->{apr};
my $model = $pk->{model};
my %cookies = Apache2::Cookie->fetch($apr->env);
my $cookie_pkit_id = 'pkit_id' . ( $pk->{config}->get_server_attr('cookie_postfix') || '' );
return unless $cookies{$cookie_pkit_id};
my %ticket = $cookies{$cookie_pkit_id}->value;
lib/Apache2/PageKit.pm view on Meta::CPAN
sub logout {
my ($pk) = @_;
my $apr = $pk->{apr};
my $config = $pk->{config};
my %cookies = Apache2::Cookie->fetch($apr->env);
my $cookie_postfix = $config->get_server_attr('cookie_postfix') || '';
my $pkit_id = 'pkit_id' . $cookie_postfix;
my $pkit_session_id = 'pkit_session_id' . $cookie_postfix;
lib/Apache2/PageKit.pm view on Meta::CPAN
for my $cookie_domain (@cookie_domains){
$tcookie->value("");
$tcookie->path("/");
$tcookie->domain($cookie_domain) if $cookie_domain;
$tcookie->expires('-5y');
$apr->err_headers_out->add( 'Set-Cookie' => $tcookie->as_string );
}
}
}
# get session_id from cookie
lib/Apache2/PageKit.pm view on Meta::CPAN
}
my $apr = $pk->{apr};
my $config = $pk->{config};
my %cookies = Apache2::Cookie->fetch($apr->env);
my $pkit_session_id = 'pkit_session_id' . ( $config->get_server_attr('cookie_postfix') || '' );
my $session_id;
lib/Apache2/PageKit.pm view on Meta::CPAN
# unset cookie for old session
my $cookie_domain_str = $pk->{config}->get_server_attr('cookie_domain');
my @cookie_domains = defined($cookie_domain_str) ? split(' ',$cookie_domain_str) : (undef);
for my $cookie_domain (@cookie_domains){
my $cookie = Apache2::Cookie->new($apr->env,
-name => $pkit_session_id,
-value => "",
-path => "/");
$cookie->domain($cookie_domain) if $cookie_domain;
$cookie->expires('-5y');
$apr->err_headers_out->add( 'Set-Cookie' => $cookie->as_string );
}
$pk->{session} = \%auth_session;
} else {
$pk->{session} = \%session;
}
lib/Apache2/PageKit.pm view on Meta::CPAN
my $pkit_session_id = 'pkit_session_id' . ( $pk->{config}->get_server_attr('cookie_postfix') || '' );
my $expires = $pk->{config}->get_global_attr('session_expires');
my $cookie_domain_str = $pk->{config}->get_server_attr('cookie_domain');
my @cookie_domains = defined($cookie_domain_str) ? split(' ',$cookie_domain_str) : (undef);
for my $cookie_domain (@cookie_domains){
my $cookie = Apache2::Cookie->new($apr->env,
-name => $pkit_session_id,
-value => $session_id,
-path => "/");
$cookie->domain($cookie_domain) if $cookie_domain;
$cookie->expires($expires) if $expires;
$apr->err_headers_out->add('Set-Cookie' => $cookie->as_string );
}
# save for logging purposes (warning, undocumented and might go away)
$apr->notes->set(pkit_session_id => $session_id);
}
}
lib/Apache2/PageKit.pm view on Meta::CPAN
Russell D. Weiss
Paul Flinders
Bill Karwin
Daniel Gardner
Andy Massey
Michael Cook
Michael Pheasant
John Moose
Sheldon Hearn
Vladimir Sekissov
Tomasz Konefal
Apache2-REST
view release on metacpan or search on metacpan
lib/Apache2/REST.pm view on Meta::CPAN
You can find reference documentation for this module with the perldoc command.
perldoc Apache2::REST
You can find the wiki with Cooking recipes and in depth articles at:
L<http://code.google.com/p/apache2rest/w/list>
=over 4
Apache2-SSI
view release on metacpan or search on metacpan
t/functions.pl view on Meta::CPAN
$ENV{DOCUMENT_ROOT} = $DOC_ROOT;
if( exists( $def->{headers} ) && ref( $def->{headers} ) eq 'HASH' && scalar( keys( %{$def->{headers}} ) ) )
{
while( my( $header, $value ) = each( %{$def->{headers}} ) )
{
if( $header eq 'Cookie' )
{
$ENV{HTTP_COOKIE} = $value;
}
elsif( $header eq 'Agent' )
{
( run in 0.437 second using v1.01-cache-2.11-cpan-e9199f4ba4c )