Apache-AuthenSecurID

 view release on metacpan or  search on metacpan

Auth/Auth.pm  view on Meta::CPAN

   PerlSetVar AuthCookiePath /path/of/authentication/cookie
   PerlSetVar AuthApacheCookie Apache_Cookie
   PerlSetVar ace_initd_server name.of.ace.handler.server.com
   PerlSetVar ace_initd_port 1969
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  A request
is redirected to this handler if the authentication cookie does not
exist or is no longer valid.  The handler will prompt for username and 
passcode.  It will then construct and encrypt a UDP packet and send it to 
the Ace request daemon.  This is necessary since libsdiclient.a needs to 
persist for NEXT TOKEN MODE and SET PIN MODE.  If the authentication is 
valid an encrypted Authentication Cookie is set and the request is redirected 
to the originating URI.  If the user needs to enter NEXT TOKEN or set their 
PIN they will be prompted to do so and if valid the request is then redirected 
to the originating URI.


=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 

Auth/RCS/Auth.pm,v  view on Meta::CPAN

   PerlSetVar AuthCookiePath /path/of/authentication/cookie
   PerlSetVar AuthApacheCookie Apache_Cookie
   PerlSetVar ace_initd_server name.of.ace.handler.server.com
   PerlSetVar ace_initd_port 1969
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  A request
is redirected to this handler if the authentication cookie does not
exist or is no longer valid.  The handler will prompt for username and 
passcode.  It will then construct and encrypt a UDP packet and send it to 
the Ace request daemon.  This is necessary since libsdiclient.a needs to 
persist for NEXT TOKEN MODE and SET PIN MODE.  If the authentication is 
valid an encrypted Authentication Cookie is set and the request is redirected 
to the originating URI.  If the user needs to enter NEXT TOKEN or set their 
PIN they will be prompted to do so and if valid the request is then redirected 
to the originating URI.


=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 

Auth/RCS/Auth.pm,v  view on Meta::CPAN

text
@d1 1
a1 1
# $Id: Auth.pm,v 1.4 2001/06/19 19:39:39 root Exp root $
d530 4
d556 1
a556 1
will be redirected to this handler if the authentication cookie does not
d563 2
a564 2
PIN they will be prompted to do so and then redirected to the originating
URI.
d579 1
a579 1
The name of the of cookie to be set for the authenticaion token.  
d588 1
a588 1
authorizied users.  It defaults to F<SecurID_User> if this variable is not set.
d593 1
a593 1
The path of the of cookie to be set for the authenticaion token.  

AuthenSecurID.pm  view on Meta::CPAN

 require valid-user
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  It
detects whether a user has a valid encrypted cookie containing their 
username and last activity time stamp.  If the cookie is valid the module 
will change the activity timestamp to the present time, encrypt and send the
cookie.  If the cookie is not valid the module will redirect to the
authentication handler to prompt for username and passcode.

=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 
It defaults to F<my secret> if this variable is not set.

AuthenSecurID.pm  view on Meta::CPAN

=item *
AuthCookieTimeOut

The time in minute a cookie is valid for.  It is not recommended to set
below 5.  It defaults to F<30> if this variable is not set.

=item *
Auth_Handler

The path of authentication handler.  This is the URL which request with
invalid cookie are redirected to.  The handler will prompt for username
and passcode.  It does the actual authentication and sets the initial
cookie.  This mechanism is used instead of get_basic_auth_pw because
get_basic_auth_pw will do multiple authentication attempt on pages that 
contain frames.  The ACE server will deny simultaneous authentication 
attempts since it considers this a type of attack.  It defaults to 
F</ace_init> if this variable is not set.  Please see
Apache::AuthenSecurID::Auth to properly configure this functionality.

=head1 CONFIGURATION

RCS/AuthenSecurID.pm,v  view on Meta::CPAN

 require valid-user
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  It
detects whether a user has a valid encrypted cookie containing their 
username and last activity time stamp.  If the cookie is valid the module 
will change the activity timestamp to the present time, encrypt and send the
cookie.  If the cookie is not valid the module will redirect to the
authentication handler to prompt for username and passcode.

=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 
It defaults to F<my secret> if this variable is not set.

RCS/AuthenSecurID.pm,v  view on Meta::CPAN

=item *
AuthCookieTimeOut

The time in minute a cookie is valid for.  It is not recommended to set
below 5.  It defaults to F<30> if this variable is not set.

=item *
Auth_Handler

The path of authentication handler.  This is the URL which request with
invalid cookie are redirected to.  The handler will prompt for username
and passcode.  It does the actual authentication and sets the initial
cookie.  This mechanism is used instead of get_basic_auth_pw because
get_basic_auth_pw will do multiple authentication attempt on pages that 
contain frames.  The ACE server will deny simultaneous authentication 
attempts since it considers this a type of attack.  It defaults to 
F</ace_init> if this variable is not set.  Please see
Apache::AuthenSecurID::Auth to properly configure this functionality.

=head1 CONFIGURATION

RCS/README,v  view on Meta::CPAN

       </Location>


DESCRIPTION
       This module allows authentication against a SecurID
       server.  It detects whether a user has a valid encrypted
       cookie containing their username and last activity time
       stamp.  If the cookie is valid the module will change the
       activity timestamp to the present time, encrypt and send
       the cookie.  If the cookie is not valid the module will
       redirect to the authentication handler to prompt for
       username and passcode.

LIST OF TOKENS
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie
              The name of the of cookie to be set for the

RCS/README,v  view on Meta::CPAN

              variable is not set.

       o AuthCookieTimeOut
              The time in minute a cookie is valid for.  It is
              not recommended to set below 5.  It defaults to 30
              if this variable is not set.

       o Auth_Handler
              The path of authentication handler.  This is the
              URL which request with invalid cookie are
              redirected to.  The handler will prompt for
              username and passcode.  It does the actual
              authentication and sets the initial cookie.  This
              mechanism is used instead of get_basic_auth_pw
              because get_basic_auth_pw will do multiple
              authentication attempt on pages that contain
              frames.  The ACE server will deny simultaneous
              authentication attempts since it considers this a
              type of attack.  It defaults to /ace_init if this
              variable is not set.  Please see
              Apache::AuthenSecurID::Auth to properly configure

RCS/README,v  view on Meta::CPAN

          PerlSetVar AuthApacheCookie Apache_Cookie
          PerlSetVar ace_initd_server name.of.ace.handler.server.com
          PerlSetVar ace_initd_port 1969
       </Location>


DESCRIPTION
       This module allows authentication against a SecurID
       server.  A request is redirected to this handler if the
       authentication cookie does not exist or is no longer
       valid.  The handler will prompt for username and passcode.
       It will then construct and encrypt a UDP packet and send
       it to the Ace request daemon.  This is necessary since
       libsdiclient.a needs to persist for NEXT TOKEN MODE and
       SET PIN MODE.  If the authentication is valid an encrypted
       Authentication Cookie is set and the request is redirected
       to the originating URI.  If the user needs to enter NEXT
       TOKEN or set their PIN they will be prompted to do so and
       if valid the request is then redirected to the originating
       URI.

LIST OF TOKENS
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie

RCS/README,v  view on Meta::CPAN

              on.  It defaults to 1969 if this variable is not
              set.

       o syslog
              The syslog facility ace_initd logs to.  It defaults
              to local2 if this variable is not set.

CONFIGURATION
       Either run from the command line;

       prompt$ nohup ./ace_initd &

       or write the appropriate scripts in the /etc/rc
       directories.

PREREQUISITES
       ace_initd requires Crypt::Blowfish, Crypt::CBC and
       Authen::ACE.


SEE ALSO

RCS/ace_initd,v  view on Meta::CPAN

syslog

The syslog facility ace_initd logs to.  It defaults to F<local2> 
if this variable is not set.


=head1 CONFIGURATION

Either run from the command line;

prompt$ nohup ./ace_initd &

or write the appropriate scripts in the /etc/rc directories.

=head1 PREREQUISITES


ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.


=head1 SEE ALSO

README  view on Meta::CPAN

       </Location>


DESCRIPTION
       This module allows authentication against a SecurID
       server.  It detects whether a user has a valid encrypted
       cookie containing their username and last activity time
       stamp.  If the cookie is valid the module will change the
       activity timestamp to the present time, encrypt and send
       the cookie.  If the cookie is not valid the module will
       redirect to the authentication handler to prompt for
       username and passcode.

LIST OF TOKENS
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie
              The name of the of cookie to be set for the

README  view on Meta::CPAN

              variable is not set.

       o AuthCookieTimeOut
              The time in minute a cookie is valid for.  It is
              not recommended to set below 5.  It defaults to 30
              if this variable is not set.

       o Auth_Handler
              The path of authentication handler.  This is the
              URL which request with invalid cookie are
              redirected to.  The handler will prompt for
              username and passcode.  It does the actual
              authentication and sets the initial cookie.  This
              mechanism is used instead of get_basic_auth_pw
              because get_basic_auth_pw will do multiple
              authentication attempt on pages that contain
              frames.  The ACE server will deny simultaneous
              authentication attempts since it considers this a
              type of attack.  It defaults to /ace_init if this
              variable is not set.  Please see
              Apache::AuthenSecurID::Auth to properly configure

README  view on Meta::CPAN

          PerlSetVar AuthApacheCookie Apache_Cookie
          PerlSetVar ace_initd_server name.of.ace.handler.server.com
          PerlSetVar ace_initd_port 1969
       </Location>


DESCRIPTION
       This module allows authentication against a SecurID
       server.  A request is redirected to this handler if the
       authentication cookie does not exist or is no longer
       valid.  The handler will prompt for username and passcode.
       It will then construct and encrypt a UDP packet and send
       it to the Ace request daemon.  This is necessary since
       libsdiclient.a needs to persist for NEXT TOKEN MODE and
       SET PIN MODE.  If the authentication is valid an encrypted
       Authentication Cookie is set and the request is redirected
       to the originating URI.  If the user needs to enter NEXT
       TOKEN or set their PIN they will be prompted to do so and
       if valid the request is then redirected to the originating
       URI.

LIST OF TOKENS
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie

README  view on Meta::CPAN

              on.  It defaults to 1969 if this variable is not
              set.

       o syslog
              The syslog facility ace_initd logs to.  It defaults
              to local2 if this variable is not set.

CONFIGURATION
       Either run from the command line;

       prompt$ nohup ./ace_initd &

       or write the appropriate scripts in the /etc/rc
       directories.

PREREQUISITES
       ace_initd requires Crypt::Blowfish, Crypt::CBC and
       Authen::ACE.


SEE ALSO

ace_initd  view on Meta::CPAN

syslog

The syslog facility ace_initd logs to.  It defaults to F<local2> 
if this variable is not set.


=head1 CONFIGURATION

Either run from the command line;

prompt$ nohup ./ace_initd &

or write the appropriate scripts in the /etc/rc directories.

=head1 PREREQUISITES


ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.


=head1 SEE ALSO



( run in 1.169 second using v1.01-cache-2.11-cpan-6aa56a78535 )