Authentication handler

I'm looking at the code at the modperl.com site > ('Authenticating against a database') as I need to write an
authentication handler for our site.

This is part of the sample code:

# file: Apache/GateKeeper.pm
use strict;
use Apache::Constants qw(:common);
sub handler {
my $r = shift;
my $gate = $r->dir_config("Gate");

for mod_perl2 do I just use

Apache2::Const qw(:common);

and use the rest of that code as a model or will I run into other
issues?


--
Bruce Johnson
University of Arizona
College of Pharmacy
Information Technology Group

Institutions do not have opinions, merely customs

Re: Authentication handler

Bruce Johnson wrote:
> I'm looking at the code at the modperl.com site
> ('Authenticating against
> a database') as I need to write an authentication handler for our site.
>
> This is part of the sample code:
>
> # file: Apache/GateKeeper.pm
> use strict;
> use Apache::Constants qw(:common);
> sub handler {
> my $r = shift;
> my $gate = $r->dir_config("Gate");
>
> for mod_perl2 do I just use
>
> Apache2::Const qw(:common);
>
> and use the rest of that code as a model or will I run into other issues?
>

You can of course use it as a model.
And you will certainly run into many issues, because web server
authentication is more complex than it might look at first.

I would recommend an alternative approach to you :

1) check in CPAN what already exists as AAA modules for Apache. Chances
are overwhelming that you will find already done, what you are trying to do.
2) Even if you do not find exactly what you need, try to find an
existing module and modify it, carefully, rather than starting from scratch.
3) Even if you do not want to do that, read the documentation of some of
the existing modules. It is probably the best introduction to web AAA
that you'll ever find.

That is one of the benefits of Perl and Open Source : all these things
that others have already spent a lot of time and energy perfecting, are
available to you for perusing, re-use and for further refinement.

Start your search here :
http://cpan.uwinnipeg.ca/search?query=apache+auth&mode=chapt er

Re: Authentication handler

On Dec 18, 2008, at 3:31 PM, Andr=E9 Warnier wrote:

> Bruce Johnson wrote:
>> I'm looking at the code at the modperl.com site =
>> > ('Authenticating against a database') as I need to write an =20
>> authentication handler for our site.
>> This is part of the sample code:
>> # file: Apache/GateKeeper.pm
>> use strict;
>> use Apache::Constants qw(:common);
>> sub handler {
>> my $r =3D shift;
>> my $gate =3D $r->dir_config("Gate");
>> for mod_perl2 do I just use
>> Apache2::Const qw(:common);
>> and use the rest of that code as a model or will I run into other =20
>> issues?
>
> You can of course use it as a model.
> And you will certainly run into many issues, because web server =20
> authentication is more complex than it might look at first.
>
> I would recommend an alternative approach to you :
>
> 1) check in CPAN what already exists as AAA modules for Apache. =20
> Chances are overwhelming that you will find already done, what you =20
> are trying to do.
> 2) Even if you do not find exactly what you need, try to find an =20
> existing module and modify it, carefully, rather than starting from =20=

> scratch.
> 3) Even if you do not want to do that, read the documentation of =20
> some of the existing modules. It is probably the best introduction =20
> to web AAA that you'll ever find.
>
> That is one of the benefits of Perl and Open Source : all these =20
> things that others have already spent a lot of time and energy =20
> perfecting, are available to you for perusing, re-use and for =20
> further refinement.
>
> Start your search here :
> http://cpan.uwinnipeg.ca/search?query=3Dapache+auth&mode=3Dc hapter

Many thanks! Looks like my holiday reading list is set!


--=20
Bruce Johnson
University of Arizona
College of Pharmacy
Information Technology Group

Institutions do not have opinions, merely customs