Apache-AuthTypeKey
view release on metacpan or search on metacpan
name: Apache-AuthTypeKey
version: 0.03
abstract: Apache authorization handler using TypeKey
author: Six Apart <cpan@sixapart.com>
license: perl
distribution_type: module
requires:
Authen::TypeKey: 0.02
Apache::AuthCookie: 3.08
no_index:
directory:
- t
- inc
generated_by: Module::Install version 0.36
Makefile.PL view on Meta::CPAN
abstract('Apache authorization handler using TypeKey');
author('Six Apart <cpan@sixapart.com>');
version_from('lib/Apache/AuthTypeKey.pm');
license('perl');
no_index(directory => 't');
sign(1);
include('ExtUtils::AutoInstall');
requires('Authen::TypeKey' => 0.02);
requires('Apache::AuthCookie' => 3.08);
auto_include();
auto_install();
&WriteAll;
$Id: README 12 2004-08-21 08:36:19Z btrott $
This is Apache::AuthTypeKey, an implementation of TypeKey authentication and
authorization for Apache.
PREREQUISITES
* Authen::TypeKey
* Apache::AuthCookie
INSTALLATION
Apache::AuthTypeKey installation is straightforward. If your CPAN shell
is set up, you should just be able to do
% perl -MCPAN -e 'install Apache::AuthTypeKey'
Download it, unpack it, then build it as per the usual:
lib/Apache/AuthTypeKey.pm view on Meta::CPAN
our $VERSION = '0.03';
use Authen::TypeKey;
use mod_perl;
use constant MP2 => $mod_perl::VERSION >= 1.99;
BEGIN {
require base;
if (MP2) {
require Apache2::Const;
Apache2::Const->import(-compile => qw( SERVER_ERROR ));
base->import(qw( Apache2::AuthCookie ));
} else {
require Apache::Constants;
Apache::Constants->import(qw( SERVER_ERROR ));
base->import(qw( Apache::AuthCookie ));
}
}
sub authen_cred {
my($self, $r, @cred) = @_;
my $token = $r->dir_config('TypeKeyToken');
unless ($token) {
$r->log_error('TypeKeyToken is required');
return;
}
lib/Apache/AuthTypeKey.pm view on Meta::CPAN
TypeKey is Six Apart's free, open service providing a central login for
people to comment on weblogs, get access to protected information, etc.
To use I<Apache::AuthTypeKey>, you'll need a TypeKey token that identifies
your site. So you'll need to sign up for a TypeKey account at
I<https://www.typekey.com/t/typekey/register>, then fill out the Preferences
form to include the URI of your application. Specifically, this URI should be
the URI for the I</login-protected> area above, because that's the URI that
TypeKey will return to after a user logs in.
I<Apache::AuthTypeKey> is a subclass of I<Apache::AuthCookie>, so it inherits
all of that module's cookie-handling and authorization code. It also inherits
all of that module's configuration settings and options.
=head2 Authentication
Authentication is handled for you through TypeKey, and cookie handling is
handled by I<Apache::AuthCookie>. The value of the cookie will be the string
returned from TypeKey, including the username, email address, name, and a
DSA signature on those values, preventing users from forging the cookie.
=head2 Login Screen
The actual login form is on I<http://www.typekey.com/>; the login screen
that you'll be providing should be just a simple page linking people to that
login screen, along with your TypeKey token and return URI. An example login
screen is in F<eg/login.pl>, but you'll probably wish to customize the HTML,
as it's fairly plain.
The login script functionality is inherited from I<Apache::AuthCookie>, so
it's implemented as a script that you must configure in your I<httpd.conf>
or I<.htaccess>. For example:
PerlSetVar TypeKeyLoginScript /login.pl
If you'd rather use a different mechanism for your login screen, you can
subclass I<Apache::AuthTypeKey> and override the I<login_form> method. See
the L<Apache::AuthCookie> documentation for more details.
=head2 Authorization
I<Apache::AuthTypeKey>--coupled with TypeKey--will handle all of the
authentication for you, telling you whether someone is a valid TypeKey user.
For authorization, you have a couple of options:
=over 4
=item * Allow any TypeKey user
lib/Apache/AuthTypeKey.pm view on Meta::CPAN
require user bar
This will allow only the TypeKey users C<foo> and C<bar>.
=item * Override the authorization phase and handle it yourself
If you'd like to do something more complex, like look up valid TypeKey
usernames in a database listing authorized users, you can subclass
I<Apache::AuthTypeKey> and override the I<authorize> method. Note that
I<Apache::AuthTypeKey> doesn't actually provide its own I<authorize>
method anyway--it merely inherits I<Apache::AuthCookie-E<gt>authorize>.
=back
=head1 LICENSE
I<Apache::AuthTypeKey> is free software; you may redistribute it and/or modify
it under the same terms as Perl itself.
=head1 AUTHOR & COPYRIGHT
Except where otherwise noted, I<Apache::AuthTypeKey> is Copyright 2004 Six
Apart Ltd, cpan@sixapart.com. All rights reserved.
=head1 SEE ALSO
L<Apache::AuthCookie>, L<Authen::TypeKey>
=cut
( run in 0.912 second using v1.01-cache-2.11-cpan-bbb979687b5 )