Apache-SiteControl
view release on metacpan - search on metacpan
view release on metacpan or search on metacpan
that can be compromised by reading a config file.
- INCOMPATIPLE NAME CHANGE: Changed AccessController to Apache::SiteControl.
This makes more sense in the CPAN sense, and will help with installation
and version checking. See README.UPGRADING_TO_1.0.
June 14, 2005: Version 0.46
- Added encryption when saving passwords to session files. Adds a little
security, but still needs to be better.
May 5, 2005: Version 0.42
- Fixed bug in saving extra user credentials to session
May 1, 2005: Version 0.42
- Changed name to Apache::SiteControl
- Removed radius bugfix from 0.41...needs more debugging
May 1, 2005:
- Fixed bug when passing extended credentials to check_credentials.
Apr 29, 2005: Version 0.41
- Added the ability to pass extra "credentials" from the login page. This
will allow you to choose alternatives (such as imap server for a webmail
client, etc.)
- Patched Radius.pm to include NAS IP
Apr 20, 2005: Version 0.41
- Added ability to store password in user object. This is enabled with an
Apache directive.
Mar 1, 2005: Version 0.3.1
- Changed call to user factory so that all credentials are passed. This
makes it possible to embed the password in the user object for things like
pass-through logins.
- New option to allow caching of passwords in the server side session (off
by default for security reasons...see docs/apache)
June 7, 2004: Version 0.3
- Now works with Apache 2/mod_perl 2 in Apache compat mode
- Wrote sample sites for both apache 1 and 2.
- Updated docs to reflect all the changes
docs/apache view on Meta::CPAN
- The auth name to use with apache for the set of auth parameters. See docs
for apache.
RadiusAccessControllerHost: default localhost
- If using radius, the name of the host that is running the radius server
RadiusAccessControllerSecret: default unknown
- If using radius, the secret key that allows communication
SiteControlMethod: default SiteControl::Radius
- The module that is used to verify credentials. See SiteControl::Radius for
ideas on writing your own.
UserObjectSavePassword: default 0
- Should the user's password be saved in the server side session file. This
is necessary for webapps that must log into other servers as that user
(i.e. imap).
UserObjectPasswordCipher: default CAST5
- The cipher to use for encrypting the user passwords in the session files
lib/Apache/SiteControl.pm view on Meta::CPAN
my @cred = @_; # Credentials from login form
my $debug = $r->dir_config("SiteControlDebug") || 0;
my $checker = $r->dir_config("SiteControlMethod") || "Apache::SiteControl::Radius";
my $factory = $r->dir_config("SiteControlUserFactory") || "Apache::SiteControl::UserFactory";
my $user = undef;
my $ok;
# Load the user authentication module
eval "require $checker" or $r->log_error("Could not load $checker: $@");
eval "require $factory" or $r->log_error("Could not load $factory: $@");
eval '$ok = ' . ${checker} . '::check_credentials($r, @cred)' or $r->log_error("authentication error code: $@");
if($ok) {
eval('$user = ' . "$factory" . '->makeUser($r, @cred)');
if($@) {
$r->log_error("Error reported during call to ${factory}->makeUser: $@");
}
}
return $user->{sessionid} if defined($user);
lib/Apache/SiteControl/Radius.pm view on Meta::CPAN
use strict;
use warnings;
use Carp;
use Authen::Radius;
#use Apache::Connection;
#use Apache::RequestRec;
#use APR::SockAddr;
our $VERSION = "1.0";
sub check_credentials
{
my $r = shift; # Apache request object
my $username = shift;
my $password = shift;
my $host = $r->dir_config("RadiusSiteControlHost") || "localhost";
my $secret = $r->dir_config("RadiusSiteControlSecret") || "unknown";
my $radius;
# Get my IP address to pass as the
# Source IP and NAS IP Address
lib/Apache/SiteControl/UserFactory.pm view on Meta::CPAN
sub init_engine
{
my $cipher = shift;
my $key = shift;
if(!defined($engine)) {
$engine = Crypt::CBC->new({ key => $key, cipher => $cipher });
}
}
# Params: Apache request, username, password, other credentials...
sub makeUser
{
my $this = shift;
my $r = shift;
my $username = shift;
my $password = shift;
my @other_cred = @_;
my $sessiondir = $r->dir_config("SiteControlSessions") || "/tmp";
my $lockdir = $r->dir_config("SiteControlLocks") || "/tmp";
my $debug = $r->dir_config("SiteControlDebug") || 0;
sample/SimpleAuth.pm view on Meta::CPAN
package SimpleAuth;
use 5.008;
use strict;
use warnings;
sub check_credentials
{
my $r = shift; # Apache request object
my $username = shift;
my $password = shift;
return 1 if($username eq 'admin' && $password eq 'test');
return 1 if($username eq 'user' && $password eq 'test');
return 0;
}
view all matches for this distributionview release on metacpan - search on metacpan
( run in 0.640 second using v1.00-cache-2.02-grep-82fe00e-cpan-2c419f77a38b )