NAME

Data::Passphrase::Apache - HTTP service for checking passphrase strength

SYNOPSIS

In httpd.conf:

<Location />
    Require valid-user
    SSLRequireSSL
    
    PerlHandler +Data::Passphrase::Apache
    
    # turn on debugging (default: 0)
    PerlSetVar PassphraseDebug 1
    
    # use a remote service for form_handler (default: localhost)
    PerlSetVar PassphraseLocation \
               "https://example.com/passphrase/validate"
    
    # set location of rules file (default: /etc/passphrase_rules)
    PerlSetVar PassphraseRules \
               /usr/local/etc/passphrase_rules
</Location>

HTTP client:

use constant LOCATION => 'https://itso.iu.edu/validate/http';

use LWP::UserAgent;

my $username = $ENV{LOGNAME};
for (;;) {
    print 'Passphrase (clear): ';
    chomp (my $passphrase = <STDIN>);

    my $user_agent = LWP::UserAgent->new();
    my $response   = $user_agent->post(LOCATION, {
        passphrase => $passphrase,
        username   => $username,
    });
    $code          = $response->code();
    $message       = $response->message();

    print "$code $message\n";
}

SOAP client:

use SOAP::Lite +autodispatch =>
    proxy    => 'http://itso.iu.edu/validate/soap',
    uri      => 'http://passphrase.iu.edu/Data/Passphrase';

my $username = $ENV{LOGNAME};
for (;;) {
    print 'Passphrase (clear): ';
    chomp (my $passphrase = <STDIN>);

    my $response = SOAP::Lite
        ->uri('http://passphrase.iu.edu/Data/Passphrase')
        ->proxy('http://itso.iu.edu/validate/soap')
        ->validate_passphrase({
            username   => $username,
            passphrase => $passphrase,
        })->result()
        or die $!;
    print $response->{code}, ' ', $response->{message}, "\n";
}

DESCRIPTION

This mod_perl module provides HTTP and SOAP interfaces to Data::Passphrase. A trivial form handler is also included, mostly as an example. By default, the various interfaces are accessible by the following URIs:

Interface     URI
---------     ---
HTTP          https://example.com/http
SOAP          https://example.com/soap
WSDL          https://example.com/wsdl
form example  https://example.com/form

HTTP Interface

An application or user may submit the passphrase to be checked via the query parameter passphrase. The module also supports a username parameter, which defaults to $r->user(). Sites may wish to configure rules to check passphrases based on user-related data, so the username parameter may be useful for testing.

The response consists only of an HTTP response code and status message. If a passphrase is deemed to weak via a certain rule, the error code associated with that rule is returned. Usually, these error codes are in the 4xx range. If a passphrase passes all rules, 200 is returned.

This module supports GET and POST request methods, but POST is usually appropriate to avoid passphrases being recorded in server logs. RESTful URLs are not used for the same reason.

SOAP Interface

SOAP semantics are provided by SOAP::Lite with a corresponding WSDL provided by Pod::WSDL. This interface exposes only the validate_passphrase() procedural method; there is no object-oriented RPC functionality.

Form Example

The form handler is just a trivial example for use in testing or as a starting point.

AUTHOR

Andrew J. Korty <ajk@iu.edu>

SEE ALSO

Data::Passphrase(3), Pod::WSDL(3), SOAP::Lite(3)