NAME

Apache::AuthzSplitDomainUser - mod_perl module for checking the htgroup file while allowing you to manipulate with perl

SYNOPSIS

<Directory /foo/bar>
# Optional Variables
PerlSetVar groupFile /path/to/htgroups
# Set the format of the username to check against
# defaults to username
PerlSetVar authzUsername username or domain\username

PerlAuthzHandler Apache::AuthzSplitDomainUser

# Standard require stuff, only user and 
# valid-user work currently
require valid-user

# Optional, reqires that you have Apache::Htgroup
# require group groupname
</Directory>

These directives can be used in a .htaccess file as well.

If you wish to use your own PerlAuthzHandler then the require 
directive should follow whatever handler you use.

DESCRIPTION

This module was written so that we could hijack the Authz phase from Apache and modify values that are passed to the Authz Handler with perl. The initial concept was to deal with a problem that we are seeing from winXP boxes that are sending forward DOMAIN\username to Apache. These obviously fail when checked against an authentication, or authorization, scheme where the syntax is simply username.

= item PerlSetVar groupFile

Set this to the path of the htgroup file you wish this module to check in. It allows you to specify your users in groups found on the web server, as opposed to groups within Active Directory, etc.

= item PerlSetVar authzUsername

Set this to "username" or "domain\username" depending on your preference. (This simply formats the input username to allowing checking the username as "domain\username" or "username".) For example:

# speeves is a DOMAIN user of DOMAIN domain\username => DOMAIN\speeves

# speeves is a DOMAIN user of DOMAIN, # but the server administrator wants to # check this user against groups in the # htgroup file as:

# groupname: speeves userA userB

username => speeves

If you allow users to use Domain\Username and restrict access using the require user username or require group groupname make sure to set the username with the domain included. The authorization phase will be looking for Domain\Username string.

Example: require user mydomain\ramirezc

Note

If you are using this module please let me know, I'm curious how many people there are that need this type of functionality.

AUTHOR

Shannon Eric Peevey <speeves@unt.edu>

COPYRIGHT

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

To install Apache::AuthzSplitDomainUser, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Apache::AuthzSplitDomainUser

CPAN shell

perl -MCPAN -e shell
install Apache::AuthzSplitDomainUser

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)