NAME
Authen::Simple::IMAP - Simple IMAP and IMAPS authentication
SYNOPSIS
use Authen::Simple::IMAP;
my $imap = Authen::Simple::IMAP->new(
host => 'imap.example.com',
protocol => 'IMAPS',
);
if ( $imap->authenticate( $username, $password ) ) {
# successful authentication
}
# or as a mod_perl Authen handler
PerlModule Authen::Simple::Apache
PerlModule Authen::Simple::IMAP
PerlSetVar AuthenSimplePAM_host "imap.example.com"
PerlSetVar AuthenSimplePAM_protocol "IMAPS"
<Location /protected>
PerlAuthenHandler Authen::Simple::IMAP
AuthType Basic
AuthName "Protected Area"
Require valid-user
</Location>
DESCRIPTION
Authenticate against IMAP or IMAPS services.
Requires Net::IMAP::Simple for IMAP and Net::IMAP::Simple::SSL for IMAPS. These modules are loaded when the object is created, not at compile time.
METHODS
new
This method takes a hash of parameters. The following options are valid:
host
The hostname of the IMAP server
protocol
Either 'IMAP' or 'IMAPS'. Any other value causes an exception. Selecting 'IMAPS' will cause an exception if Net::IMAP::Simple::SSL is not installed.
log
Any object that supports "debug", "info", "error" and "warn".
log => Log::Log4perl->get_logger('Authen::Simple::PAM')
escape_slash
In some environments, a password containing a slash will fail unless the slash is escaped. Set escape_slash to true to escape slashes in passwords, or false to leave them unescaped. This is true by default.
imap
Any object that supports "login" and "errstr" methods. The obvious choice being a Net::IMAP::Simple object, but if you want to use something else, here's how you can do it. This is how I use a mock imap object for the unit tests.
authenticate( $username, $password )
Returns true on success and false on failure.
DEPENDENCIES
Net::IMAP::Simple is required, and Net::IMAP::Simple::SSL is required for IMAPS. Net::IMAP::Simple::Plus adds some patches to the otherwise abandoned and broken Net::IMAP::Simple, so I recommend it.
BUGS AND LIMITATIONS
I've never tried this in mod_perl, so including the mod_perl example in the synopsis is pure hubris on my part.
The unit tests are pretty sparse. They don't include any tests against real IMAP servers. They just do a successful and failed password against a mock imap server object.
This module uses Net::IMAP::Simple, which is broken and abandoned. I should either use something else or implement the IMAP stuff myself. I wound up wrapping the Net::IMAP::Simple stuff in an alarm+eval block to get it to behave.
SEE ALSO
CREDITS
I pretty much ripped the best parts of this doc out of Christian Hansen's Authen::Simple::PAM and replaced "pam" with "imap" in a few places. The lousy parts are my own.
AUTHOR
Dylan Martin <dmartin@sccd.ctc.edu>
LICENCE AND COPYRIGHT
Copyright (c) 2009, Dylan Martin <dmartin@sccd.ctc.edu>
and Seattle Central Community College.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See perlartistic.
DISCLAIMER OF WARRANTY
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.