man Bric::App::Auth () - Does the dirty work of authentication.

NAME

Bric::App::Auth - Does the dirty work of authentication.

VERSION

$LastChangedRevision$

DATE

$LastChangedDate: 2005-07-10 21:05:35 -0700 (Sun, 10 Jul 2005) $

SYNOPSIS

  <VirtualHost _default_:443>
      ErrorLog /usr/local/apache/logs/error_log
      TransferLog /usr/local/apache/logs/access_log
      SSLEngine on
      SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
      SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
      <Location /login>
          SetHandler perl-script
          PerlHandler Bric::App::Auth
      </Location>
  </VirtualHost>

DESCRIPTION

This module handles the user authentication.

INTERFACE

Constructors

NONE.

Destructors

NONE.

Public Class Methods

NONE.

Public Functions

Checks to see if the user is logged in to the current session. Used by Bric::App::AccessHandler. Throws: NONE. Side Effects: NONE. Notes: NONE. Logs the user into Bricolage, setting the authentication cookie to allow future access that can be checked by a call to auth(). CW$bool is true on successful login. CW$bool is undef on failed login, and CW$msg contains the reason why the login failed. Throws: None. Side Effects: NONE. Notes: NONE. Sets up a different user for the current user to masquerade as. This is useful when an administrator needs a to masquerade as another user in order to check in assets that user hasn't checked in. Note that CWmasquerade() performs no authentication. It is expected that the current user will have permission to masquerade as the user passed in. Throws: None. Side Effects: NONE. Notes: NONE. Logs the currently logged-in user out. Throws: None. Side Effects: NONE. Notes: NONE.

PRIVATE

Private Class Methods

NONE.

Private Instance Methods

NONE.

Private Functions

Bakes the authentication cookie. Throws: None. Side Effects: NONE. Notes: NONE. Returns the data points required for baking cookies. These include the MD5 hash, the expiration time, and the IP subnet. Throws: None. Side Effects: NONE. Notes: NONE. Expires the user session and then returns an error message explaining why the user wasn't able to authenticate. Throws:

*
Unable to expire user session.
*
Difficulties tie'ing the session hash. Side Effects: NONE. Notes: NONE.

NOTES

NONE.

AUTHOR

David Wheeler <david@wheeler.net>

SEE ALSO

Bric