NAME

Gantry::Plugins::Uaf::Authenticate - A Basic Authentication Framework

DESCRIPTION

This class is responsible for authenticating, managing the session store and creating the User object. This module should be overridden and extended as needed by your application.

This module understands the following config settings:

uaf_cookie_path     - The path for the security token, defaults to "/"
uaf_cookie_domain   - The cookie domain, not currently used
uaf_cookie_secure   - Whether the cookie should only be used with SSL

uaf_title           - title for the login page, defaults to "Please Login"
uaf_wrapper         - the wrapper for the login page, defaults to "default.tt"
uaf_template        - the template for the login page, defaults to "login.tt"

uaf_denied_title    - title for the denied page, defaults to "Login Denied"
uaf_denied_wrapper  - the wrapper for the denied page, defaults to "default.tt"
uaf_denied_template - the template for the denied page, defaults to "login_denied.tt"

new

This initializes the object. The Gantry object needs to be passed with this call.

is_valid($)

This method is used to authenticate the current session. The default authentication behaviour is based on security tokens. A token is stored within the session store and a token is retrieved from a cookie. If the two match, the session is considered authenticated. When the session is authenticated, a User object is returned.

validate($$)

This method handles the validation of the current session. It accepts two parameters: a username and a password. When the session is validated, a User object is created and returned. The default validate() method only knows about "admin" and "demo" users, with default passwords of "admin" and "demo". This method should be overridden to reflect your application's Users datastore and validation policy.

invalidate($)

This method will invalidate the current session. You may wish to override this method. By default it removes the User object from the session store, removes the security token from the session store and removes the security cookie.

login($$)

This method handles the url "/login" and any actions on that url. By default this method displays a simple login page which contains a login form. That form is submitted back to the "/login" url, where the username and password are processed. This processing is done by the validate() method. If validation is successful, a User object is created. This object is then stored within the session store so is_valid() can access it when doing session authentication. Also an initial security token is created.

This method also implements a simple limit of three tries on login attempts. After three tries, all further attempts are redirected to "/login/denied", which displays a simple "denied" page. After a successful login, a redirect is sent for "/".

logout($)

This method handles the url "/logout". It runs the invalidate() method and then redirects back to "/".

relocate($$)

Handles relocations. It currently just calls the Gantry relocate() function.

set_token($$)

This method creates the security token. It is passed the User object. The default action is to create a token using parts of the User object and random data. This token is then stored in the session store and sent to the browser as a cookie.
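
The token scheme described under is_valid() and set_token(), as an added stand-alone example that is not the module's own code. The session store is modelled as a plain hash, every function name is hypothetical, and HMAC-SHA256 with a /dev/urandom key is an assumed construction for "parts of the User object and random data".

```perl
# Added example: hypothetical names, not Gantry::Plugins::Uaf's own code.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Read $n bytes from the kernel CSPRNG (assumes a Unix-like /dev/urandom).
sub random_bytes {
    my ($n) = @_;
    open(my $fh, '<:raw', '/dev/urandom') or die "urandom: $!";
    my $got = read($fh, my $buf, $n);
    close($fh);
    die "short read from urandom" unless defined $got && $got == $n;
    return $buf;
}

# Token = HMAC-SHA256 over a part of the user record, keyed with fresh
# random data, so the value is unpredictable and differs on every call.
sub make_token {
    my ($session, $username) = @_;
    my $token = hmac_sha256_hex($username, random_bytes(32));
    $session->{token} = $token;     # server-side copy in the session store
    return $token;                  # value to send to the browser as a cookie
}

# Compare every byte so timing does not reveal where the first mismatch is.
sub tokens_match {
    my ($stored, $cookie) = @_;
    return 0 unless defined $stored && defined $cookie && length $stored;
    return 0 unless length($stored) == length($cookie);
    my $diff = 0;
    $diff |= ord(substr($stored, $_, 1)) ^ ord(substr($cookie, $_, 1))
        for 0 .. length($stored) - 1;
    return $diff == 0 ? 1 : 0;
}

# Authenticated only when the cookie token equals the session token.
sub session_is_valid {
    my ($session, $cookie_token) = @_;
    return tokens_match($session->{token}, $cookie_token);
}

my %session;                                   # constructed sample session
my $cookie = make_token(\%session, 'demo');
print "fresh token:  ", session_is_valid(\%session, $cookie), "\n";
print "forged token: ", session_is_valid(\%session, 'f' x 64), "\n";
make_token(\%session, 'demo');                 # server-side token replaced
print "stale token:  ", session_is_valid(\%session, $cookie), "\n";
delete $session{token};                        # token removed, as invalidate() does
print "after logout: ", session_is_valid(\%session, $cookie), "\n";
```

Only the first check succeeds: a cookie is accepted while it equals the token currently held in the session store, and stops working once that server-side copy is replaced or removed.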

avoid($)

Some applications may wish to implement an avoidance scheme for certain situations. This is a hook to allow that to happen. The default action is to do nothing.

filter($)

This method returns the url filter that is used by uaf_authenticate().

SEE ALSO

Gantry
Gantry::Plugins::Uaf 
Gantry::Plugins::Uaf::Rule
Gantry::Plugins::Uaf::User
Gantry::Plugins::Uaf::Authorize

AUTHOR

Kevin L. Esteb <kesteb@wsipc.org>

COPYRIGHT AND LICENSE

Copyright (C) 2007 Kevin L. Esteb

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, at your option, any later version of Perl 5 you may have available.