Apache::AppSamurai Perl module protects vulnerable or sensitive web applications. The target use is in reverse proxy configurations, with a Apache mod_perl proxy inside a DMZ and a backend web server in another DMZ or an internal network.
Here are some key features of "Apache AppSamurai":
· Modular multi-factor authentication system
· Form based or basic auth based logins
· Encrypted storage of session data on proxy
· Able to use any Apache::Session storage type (including MySQL or Postgress for clustered deployment)
· Configurable from httpd.conf (no coding required)
· Coded with security in mind
Example uses of AppSamurai include:
· Moving authentication in front of sensitive web applications, only allowing traffic from authenticated users to even touch the web applications.
· Adding a strong authentication factor to a network appliance's canned web interface.
· Protecting Exchange Outlook Web Access/ActiveSync with strong, multi-factor authentication, including dynamic tokens.
· Apache 1.3.x
· mod_perl 1.x
· Apache::Session - Flexible session storage system
· Digest::SHA - Provides SHA-1/224/256/384/512 cryptographic hash functions
· Crypt::Rijndael - Provides AES (Rijndael) encryption/decryption
· Module::Build - Perl module installation system (Future replacement of MakeMaker)