CGI-Authent
1 match

 view release on metacpan or  search on metacpan

Authent.pm  view on Meta::CPAN 

  a function, or a string to be eval()uated. The string '_default' has
  a special meaning, it gets translated to 'defined $ENV{REMOTE_USER}',
  so it checks if the user was authentificated by the server.
  If the function/expression returns a true value, the script runs,
  otherwise the user gets asked for a login/password pair.

 header => 'Some: additional headers'
  You may add some headers to the response that will be sent if the test fails.
  You may add several headers either as
   header => 'Header1\r\nHeader2'
  or
   header1 => 'Header1',
   header2 => 'Header2'
   
 Authenticate => 'Additional authentification methods'
  You may specify additional authentification methods here.
  The string you specify will be prepended by 'WWW-Authenticate: ' and
  added to the headers.
  You may use the same methods for several methods as with headers.

=head2 Tests

The default test is 'defined $ENV{REMOTE_USER}' which only checks
whether the user entered any login/password pair that was accepted
by the server.

Other predefined tests are :

 CGI::Authent::can_read $file[, $file2, ...]
  Does the script have permissions to read the file(s)?
 
 CGI::Authent::isbetween 'h:m-h:m';
  It the time in this range?

 CGI::Authent::between 'h:m-h:m';
  It the time in this range? This version will disallow
  access buring other times completely! No request for authentification,
  just 403 Forbiden response!


You may of course combine several tests :

 test => 'CGI::Authent::can_read "c:\\inetpub\\group1.lck" and CGIAuthent::between '8:00-17:00'
          or
          CGI::Authent::can_read "c:\\inetpub\\group2.lck" and CGI::Authent::between '17:00-8:00'
         '

=head2 Other functions

 CGI::Authent::forbide [$message]
  Send the "HTTP 403 Forbiden" response.

 CGI::Authent::login [$message]
  Send the "HTTP 401 UnAuthentified" response.

=head2 REMINDER

CGI::Authent doesn't validate the passwords. It cannot even see them. It
just does a few tests and if the tests fail it sends to the user a
request for authentication. But it's the server's task to validate the
credentials passed by the browser.

If you want for example to validate passwords against a database,
consult your servers documentation. You will probably have to install some filter or plugin.
It should be relatively easy to find such beasts on the net. I've written an ISAPI filter for this,
you may get it at http://jenda.krynicky.cz/authfilter.1.0.zip . Take it as an example, not as a solution!

=head2 Guts

All options are parsed and added to the headers before yout test runs,
so you may change the headers from it.

The headers are in $CGI::Authent::header, the message is in $CGI::Authent::message.

=head2 AUTHOR

Jan Krynicky <Jenda@Krynicky.cz>
7/26/1999

=cut

 view all matches for this distribution
 view release on metacpan -  search on metacpan

( run in 0.968 second using v1.00-cache-2.02-grep-82fe00e-cpan-2c419f77a38b )