Apache2-AuthenSecurID

 view release on metacpan or  search on metacpan

Auth/Auth.pm  view on Meta::CPAN

   PerlSetVar AuthCookiePath /path/of/authentication/cookie
   PerlSetVar AuthApacheCookie Apache_Cookie
   PerlSetVar ace_initd_server name.of.ace.handler.server.com
   PerlSetVar ace_initd_port 1969
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  A request
is redirected to this handler if the authentication cookie does not
exist or is no longer valid.  The handler will prompt for username and 
passcode.  It will then construct and encrypt a UDP packet and send it to 
the Ace request daemon.  This is necessary since libsdiclient.a needs to 
persist for NEXT TOKEN MODE and SET PIN MODE.  If the authentication is 
valid an encrypted Authentication Cookie is set and the request is redirected 
to the originating URI.  If the user needs to enter NEXT TOKEN or set their 
PIN they will be prompted to do so and if valid the request is then redirected 
to the originating URI.


=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 

Auth/RCS/Auth.pm,v  view on Meta::CPAN

   PerlSetVar AuthCookiePath /path/of/authentication/cookie
   PerlSetVar AuthApacheCookie Apache_Cookie
   PerlSetVar ace_initd_server name.of.ace.handler.server.com
   PerlSetVar ace_initd_port 1969
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  A request
is redirected to this handler if the authentication cookie does not
exist or is no longer valid.  The handler will prompt for username and 
passcode.  It will then construct and encrypt a UDP packet and send it to 
the Ace request daemon.  This is necessary since libsdiclient.a needs to 
persist for NEXT TOKEN MODE and SET PIN MODE.  If the authentication is 
valid an encrypted Authentication Cookie is set and the request is redirected 
to the originating URI.  If the user needs to enter NEXT TOKEN or set their 
PIN they will be prompted to do so and if valid the request is then redirected 
to the originating URI.


=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 

Auth/RCS/Auth.pm,v  view on Meta::CPAN

text
@d1 1
a1 1
# $Id: Auth.pm,v 1.4 2001/06/19 19:39:39 root Exp root $
d530 4
d556 1
a556 1
will be redirected to this handler if the authentication cookie does not
d563 2
a564 2
PIN they will be prompted to do so and then redirected to the originating
URI.
d579 1
a579 1
The name of the of cookie to be set for the authenticaion token.  
d588 1
a588 1
authorizied users.  It defaults to F<SecurID_User> if this variable is not set.
d593 1
a593 1
The path of the of cookie to be set for the authenticaion token.  

AuthenSecurID.pm  view on Meta::CPAN

 require valid-user
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  It
detects whether a user has a valid encrypted cookie containing their 
username and last activity time stamp.  If the cookie is valid the module 
will change the activity timestamp to the present time, encrypt and send the
cookie.  If the cookie is not valid the module will redirect to the
authentication handler to prompt for username and passcode.

=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 
It defaults to F<my secret> if this variable is not set.

AuthenSecurID.pm  view on Meta::CPAN

=item *
AuthCookieTimeOut

The time in minute a cookie is valid for.  It is not recommended to set
below 5.  It defaults to F<30> if this variable is not set.

=item *
Auth_Handler

The path of authentication handler.  This is the URL which request with
invalid cookie are redirected to.  The handler will prompt for username
and passcode.  It does the actual authentication and sets the initial
cookie.  This mechanism is used instead of get_basic_auth_pw because
get_basic_auth_pw will do multiple authentication attempt on pages that 
contain frames.  The ACE server will deny simultaneous authentication 
attempts since it considers this a type of attack.  It defaults to 
F</ace_init> if this variable is not set.  Please see
Apache2::AuthenSecurID::Auth to properly configure this functionality.

=head1 CONFIGURATION

RCS/AuthenSecurID.pm,v  view on Meta::CPAN

 require valid-user
</Location>

=head1 DESCRIPTION

This module allows authentication against a SecurID server.  It
detects whether a user has a valid encrypted cookie containing their 
username and last activity time stamp.  If the cookie is valid the module 
will change the activity timestamp to the present time, encrypt and send the
cookie.  If the cookie is not valid the module will redirect to the
authentication handler to prompt for username and passcode.

=head1 LIST OF TOKENS


=item *
AuthCryptKey

The Blowfish key used to encrypt and decrypt the authentication cookie. 
It defaults to F<my secret> if this variable is not set.

RCS/AuthenSecurID.pm,v  view on Meta::CPAN

=item *
AuthCookieTimeOut

The time in minute a cookie is valid for.  It is not recommended to set
below 5.  It defaults to F<30> if this variable is not set.

=item *
Auth_Handler

The path of authentication handler.  This is the URL which request with
invalid cookie are redirected to.  The handler will prompt for username
and passcode.  It does the actual authentication and sets the initial
cookie.  This mechanism is used instead of get_basic_auth_pw because
get_basic_auth_pw will do multiple authentication attempt on pages that 
contain frames.  The ACE server will deny simultaneous authentication 
attempts since it considers this a type of attack.  It defaults to 
F</ace_init> if this variable is not set.  Please see
Apache2::AuthenSecurID::Auth to properly configure this functionality.

=head1 CONFIGURATION

RCS/README,v  view on Meta::CPAN


     require valid-user
    </Location>

DESCRIPTION
    This module allows authentication against a SecurID server. It detects
    whether a user has a valid encrypted cookie containing their username
    and last activity time stamp. If the cookie is valid the module will
    change the activity timestamp to the present time, encrypt and send the
    cookie. If the cookie is not valid the module will redirect to the
    authentication handler to prompt for username and passcode.

LIST OF TOKENS
    * AuthCryptKey
    The Blowfish key used to encrypt and decrypt the authentication cookie.
    It defaults to my secret if this variable is not set.

    * AuthCookie
    The name of the of cookie to be set for the authentication token. It
    defaults to SecurID if this variable is not set.

RCS/README,v  view on Meta::CPAN

    * AuthCookiePath
    The path of the of cookie to be set for the authentication token. It
    defaults to / if this variable is not set.

    * AuthCookieTimeOut
    The time in minute a cookie is valid for. It is not recommended to set
    below 5. It defaults to 30 if this variable is not set.

    * Auth_Handler
    The path of authentication handler. This is the URL which request with
    invalid cookie are redirected to. The handler will prompt for username
    and passcode. It does the actual authentication and sets the initial
    cookie. This mechanism is used instead of get_basic_auth_pw because
    get_basic_auth_pw will do multiple authentication attempt on pages that
    contain frames. The ACE server will deny simultaneous authentication
    attempts since it considers this a type of attack. It defaults to
    /ace_init if this variable is not set. Please see
    Apache2::AuthenSecurID::Auth to properly configure this functionality.

CONFIGURATION
    The module should be loaded upon startup of the Apache daemon. Add the

RCS/README,v  view on Meta::CPAN

       PerlSetVar AuthUserCookie Name_of_Username_Authentication_Cookie
       PerlSetVar AuthCookiePath /path/of/authentication/cookie
       PerlSetVar AuthApacheCookie Apache_Cookie
       PerlSetVar ace_initd_server name.of.ace.handler.server.com
       PerlSetVar ace_initd_port 1969
    </Location>

DESCRIPTION
    This module allows authentication against a SecurID server. A request is
    redirected to this handler if the authentication cookie does not exist
    or is no longer valid. The handler will prompt for username and
    passcode. It will then construct and encrypt a UDP packet and send it to
    the Ace request daemon. This is necessary since libsdiclient.a needs to
    persist for NEXT TOKEN MODE and SET PIN MODE. If the authentication is
    valid an encrypted Authentication Cookie is set and the request is
    redirected to the originating URI. If the user needs to enter NEXT TOKEN
    or set their PIN they will be prompted to do so and if valid the request
    is then redirected to the originating URI.

LIST OF TOKENS
    * AuthCryptKey
    The Blowfish key used to encrypt and decrypt the authentication cookie.
    It defaults to my secret if this variable is not set.

    * AuthCookie
    The name of the of cookie to be set for the authentication token. It
    defaults to SecurID if this variable is not set.

RCS/README,v  view on Meta::CPAN

    * --facility
    The syslog facility ace_initd logs to. It defaults to local2 if this
    variable is not set.

    * --daemon
    Break off from the shell and become a daemon.

CONFIGURATION
    Either run from the command line;

    prompt$ nohup ./ace_initd &

    or write the appropriate scripts in the /etc/rc directories.

PREREQUISITES
    ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.

SEE ALSO
    Authen::ACE Apache::AuthenSecurID Apache::AuthenSecurID::Auth

AUTHORS

RCS/README,v  view on Meta::CPAN

       </Location>
d41 2
d45 6
a50 8
       This module allows authentication against a SecurID
       server.  It detects whether a user has a valid encrypted
       cookie containing their username and last activity time
       stamp.  If the cookie is valid the module will change the
       activity timestamp to the present time, encrypt and send
       the cookie.  If the cookie is not valid the module will
       redirect to the authentication handler to prompt for
       username and passcode.
d53 33
a85 44
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie
              The name of the of cookie to be set for the

RCS/README,v  view on Meta::CPAN

              variable is not set.

       o AuthCookieTimeOut
              The time in minute a cookie is valid for.  It is
              not recommended to set below 5.  It defaults to 30
              if this variable is not set.

       o Auth_Handler
              The path of authentication handler.  This is the
              URL which request with invalid cookie are
              redirected to.  The handler will prompt for
              username and passcode.  It does the actual
              authentication and sets the initial cookie.  This
              mechanism is used instead of get_basic_auth_pw
              because get_basic_auth_pw will do multiple
              authentication attempt on pages that contain
              frames.  The ACE server will deny simultaneous
              authentication attempts since it considers this a
              type of attack.  It defaults to /ace_init if this
              variable is not set.  Please see
              Apache::AuthenSecurID::Auth to properly configure

RCS/README,v  view on Meta::CPAN

          PerlSetVar AuthApacheCookie Apache_Cookie
          PerlSetVar ace_initd_server name.of.ace.handler.server.com
          PerlSetVar ace_initd_port 1969
       </Location>
d124 8
d134 10
a143 13
       This module allows authentication against a SecurID
       server.  A request is redirected to this handler if the
       authentication cookie does not exist or is no longer
       valid.  The handler will prompt for username and passcode.
       It will then construct and encrypt a UDP packet and send
       it to the Ace request daemon.  This is necessary since
       libsdiclient.a needs to persist for NEXT TOKEN MODE and
       SET PIN MODE.  If the authentication is valid an encrypted
       Authentication Cookie is set and the request is redirected
       to the originating URI.  If the user needs to enter NEXT
       TOKEN or set their PIN they will be prompted to do so and
       if valid the request is then redirected to the originating
       URI.
d146 41
a186 53
       o AuthCryptKey
              The Blowfish key used to encrypt and decrypt the
              authentication cookie.  It defaults to my secret if
              this variable is not set.

       o AuthCookie

RCS/README,v  view on Meta::CPAN

              set.

       o syslog
              The syslog facility ace_initd logs to.  It defaults
              to local2 if this variable is not set.
d256 1
a256 1
       Either run from the command line;
d258 1
a258 1
       prompt$ nohup ./ace_initd &
d260 1
a260 2
       or write the appropriate scripts in the /etc/rc
       directories.
d263 1
a263 3
       ace_initd requires Crypt::Blowfish, Crypt::CBC and
       Authen::ACE.

d266 1

RCS/ace_initd,v  view on Meta::CPAN


=item *
--daemon

Break off from the shell and become a daemon.

=head1 CONFIGURATION

Either run from the command line;

prompt$ nohup ./ace_initd &

or write the appropriate scripts in the /etc/rc directories.

=head1 PREREQUISITES

ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.

=head1 SEE ALSO

L<Authen::ACE> L<Apache::AuthenSecurID> L<Apache::AuthenSecurID::Auth>

README  view on Meta::CPAN


     require valid-user
    </Location>

DESCRIPTION
    This module allows authentication against a SecurID server. It detects
    whether a user has a valid encrypted cookie containing their username
    and last activity time stamp. If the cookie is valid the module will
    change the activity timestamp to the present time, encrypt and send the
    cookie. If the cookie is not valid the module will redirect to the
    authentication handler to prompt for username and passcode.

LIST OF TOKENS
    * AuthCryptKey
    The Blowfish key used to encrypt and decrypt the authentication cookie.
    It defaults to my secret if this variable is not set.

    * AuthCookie
    The name of the of cookie to be set for the authentication token. It
    defaults to SecurID if this variable is not set.

README  view on Meta::CPAN

    * AuthCookiePath
    The path of the of cookie to be set for the authentication token. It
    defaults to / if this variable is not set.

    * AuthCookieTimeOut
    The time in minute a cookie is valid for. It is not recommended to set
    below 5. It defaults to 30 if this variable is not set.

    * Auth_Handler
    The path of authentication handler. This is the URL which request with
    invalid cookie are redirected to. The handler will prompt for username
    and passcode. It does the actual authentication and sets the initial
    cookie. This mechanism is used instead of get_basic_auth_pw because
    get_basic_auth_pw will do multiple authentication attempt on pages that
    contain frames. The ACE server will deny simultaneous authentication
    attempts since it considers this a type of attack. It defaults to
    /ace_init if this variable is not set. Please see
    Apache2::AuthenSecurID::Auth to properly configure this functionality.

CONFIGURATION
    The module should be loaded upon startup of the Apache daemon. Add the

README  view on Meta::CPAN

       PerlSetVar AuthUserCookie Name_of_Username_Authentication_Cookie
       PerlSetVar AuthCookiePath /path/of/authentication/cookie
       PerlSetVar AuthApacheCookie Apache_Cookie
       PerlSetVar ace_initd_server name.of.ace.handler.server.com
       PerlSetVar ace_initd_port 1969
    </Location>

DESCRIPTION
    This module allows authentication against a SecurID server. A request is
    redirected to this handler if the authentication cookie does not exist
    or is no longer valid. The handler will prompt for username and
    passcode. It will then construct and encrypt a UDP packet and send it to
    the Ace request daemon. This is necessary since libsdiclient.a needs to
    persist for NEXT TOKEN MODE and SET PIN MODE. If the authentication is
    valid an encrypted Authentication Cookie is set and the request is
    redirected to the originating URI. If the user needs to enter NEXT TOKEN
    or set their PIN they will be prompted to do so and if valid the request
    is then redirected to the originating URI.

LIST OF TOKENS
    * AuthCryptKey
    The Blowfish key used to encrypt and decrypt the authentication cookie.
    It defaults to my secret if this variable is not set.

    * AuthCookie
    The name of the of cookie to be set for the authentication token. It
    defaults to SecurID if this variable is not set.

README  view on Meta::CPAN

    * --facility
    The syslog facility ace_initd logs to. It defaults to local2 if this
    variable is not set.

    * --daemon
    Break off from the shell and become a daemon.

CONFIGURATION
    Either run from the command line;

    prompt$ nohup ./ace_initd &

    or write the appropriate scripts in the /etc/rc directories.

PREREQUISITES
    ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.

SEE ALSO
    Authen::ACE Apache::AuthenSecurID Apache::AuthenSecurID::Auth

AUTHORS

ace_initd  view on Meta::CPAN


=item *
--daemon

Break off from the shell and become a daemon.

=head1 CONFIGURATION

Either run from the command line;

prompt$ nohup ./ace_initd &

or write the appropriate scripts in the /etc/rc directories.

=head1 PREREQUISITES

ace_initd requires Crypt::Blowfish, Crypt::CBC and Authen::ACE.

=head1 SEE ALSO

L<Authen::ACE> L<Apache::AuthenSecurID> L<Apache::AuthenSecurID::Auth>



( run in 1.520 second using v1.01-cache-2.11-cpan-6aa56a78535 )