man WebKDC () - functions to support the WebKDC

NAME

WebKDC - functions to support the WebKDC

SYNOPSIS

  use WebAuth;
  use WebKDC;
  use WebKDC::Exception;
  use WebKDC::WebRequest;
  use WebKDC::WebResponse;


  my ($status, $exception) = 
         WebKDC::make_request_token_request($req, $resp);

DESCRIPTION

WebKDC is a set of convenience functions built on top of mod WebAuth to implement the WebKDC.

All functions have the potential to throw either a WebKDC::WebKDCException or WebAuth::Exception.

EXPORT

None

FUNCTIONS

make_request_token_request(req,resp)
  ($status, $e) = WebKDC::make_request_token_request($req, $resp);
Used to handle an incoming request token. It should be used in the following fashion: 
  my $req = new WebKDC::WebRequest;
  my $resp = new WebKDC::WebResponse;

  # if the user just submitted their username/password, include them
  if ($username && $password) {
    $req->user($username);
    $req->pass($password);
  }

  # pass in any proxy-tokens we have from a cookies
  # i.e., enumerate through all cookies that start with webauth_wpt
  # and put them into a hash:
  # $cookies = { "webauth_wpt_krb5" => $cookie_value }

  $req->proxy_cookies($cookies);

  # $req_token_str and $service_token_str would normally get
  # passed in via query/post parameters

  $req->request_token($req_token_str);
  $req->service_token($service_token_str);

  my ($status, $e) = WebKDC::make_request_token_request($req, $resp);

  # for all these cases, check if $resp->proxy_cookies() has any
  # proxy cookies we need to update when sending back a page to
  # the browser

  if ($status == WK_SUCCESS) {
     # ok, request succesful
  } elsif ($status == WK_ERR_USER_AND_PASS_REQUIRED) {
     # prompt for user/pass
  } elsif ($status == WK_ERR_LOGIN_FAILED) {
     # supplied user/pass was invalid, try again
  } else {
    # use this if/elsif/else to pick the error message
    if ($status == WK_ERR_UNRECOVERABLE_ERROR) {
       # something nasty happened.
    } elsif ($status == WK_ERR_REQUEST_TOKEN_STATLE) {
       # user took too long to login, original request token is stale
    } elsif ($status == WK_ERR_WEBAUTH_SERVER_ERROR) {
       # like WK_ERR_UNRECOVERABLE_ERROR, but indicates the error
       # most likely is due to the webauth server making the request,
    } else {
       # treat like WK_ERROR_UNRECOVERABLE ERROR
    }
    # display the error message and don't prompt anymore
  }

AUTHOR

Roland Schemers (schemers@stanford.edu)

SEE ALSO

WebKDC::WebKDCException WebKDC::Token WebKDC::WebRequest WebKDC::WebRespsonse WebAuth.