Apache-AppSamurai-1.01

Changes for version 1.01 - 2008-05-03

REQUIRED CHANGE - The new login form signature check (described below) require changes to login.pl and login.html. It is recommended that you replace your existing login.pl with examples/htdocs/login.pl. To preserve your customizations to login.html, it is recommended that you add in changes manually. For most cases, you should be able to add lines right after:
- <input type="hidden" name="destination" value="__URI__" />
- to support the changes. Add the following to your login.html:
  - <input type="hidden" name="nonce" value="__NONCE__" /> <input type="hidden" name="sig" value="__SIG__" />
Added nonce and signature to login.pl login form and checking in Apache::AppSamurai::login(). All form logins must now provide a valid nonce and signature. This is a Cross Site Request Forgery style protection, but since the user is not yet logged in, does not ACTUALLY provide CSRF protection. Instead, it is a additional bar to raise and prevent some types of scripted brute force/DoS attempts.
Added AuthSimple.pm, a authentication module for the Authen::Simple authentication framework, which supports numerous authentication methods (Kerberos, LDAP, PAM, etc.)
Changed Build.PL to attempt to pre-detect mod_perl version installed, adding requirement for mod_perl 2 if nothing is found
Changed Build.PL to attempt to pre-detect cipher module for use with Crypt::CBC, adding requirement for Crypt::Rijndael if none are found
Added "use warnings" to all modules
Added Pod test (Pod Coverage test left disabled until more methods are documented or set to ignore)

Modules

Apache::AppSamurai::AuthWhatchamcallit

Apache::AppSamurai

An Authenticating Mod_Perl Front End

Apache::AppSamurai::AuthBase

Base module for all AppSamurai authentication sub modules.

Apache::AppSamurai::AuthBasic

Check credentials against backend web server using HTTP basic auth

Apache::AppSamurai::AuthRadius

Check credentials against RADIUS service

Apache::AppSamurai::AuthSimple

Check credentials with Authen::Simple framework

Apache::AppSamurai::Session

Apache::AppSamurai wrapper for Apache::Session

Apache::AppSamurai::Session::Generate::HMAC_SHA

HMAC/SHA256 session generator for Apache::AppSamurai::Session

Apache::AppSamurai::Session::Serialize::CryptBase64

Storable, AES, and MIME::Base64 for session serializer

Apache::AppSamurai::Tracker

Apache::AppSamurai scratch-pad/tracking storage

Apache::AppSamurai::Util

Apache::AppSamurai utility methods

Examples

Other files

To install Apache::AppSamurai, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Apache::AppSamurai

CPAN shell

perl -MCPAN -e shell
install Apache::AppSamurai

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 1.01 - 2008-05-03

Modules

Examples

Other files

Module Install Instructions