mod_auth_cookie_dbm 1.0.2

mod_auth_cookie_dbm is a session authentication/expiration using (cryptographically strong) cookies.
mod_auth_cookie_dbm is a session authentication/expiration using (cryptographically strong) cookies. Cookie-to-username mapping with DBM database.

It was devised as a better replacement for the "Basic" authentication components that ship with Apache.

Classic "Basic" authentication has some downsides:

- Username and password are shipped across the net with every request.
- There is no concept of a "session" (nor encores, such as timeouts and automatic logout)

This module

1. checks requests for a cookie, named in the CookieDBMAuthCookieName configuration directive.

2. If found, the cookie value is looked up in a DBM database, named in the CookieDBMAuthFile directive.
If the lookup fails, a redirect is made to a page specified in the CookieDBMAuthFailureURL directive.

3. The DBM entry is expected to contain a username and optionally an expiry time. Fields are colon-separated, the expiry time is a spelled-out integer (the field gets passed to strtol()) representing the time_t
If valid, the username is taped onto the request, thus "emulating" Basic authentication.
If expired, redirect to the CookieDBMAuthFailureURL.

The CookieDBMAuthFailureURL typically points at a "login page" CGI script. This program, after checking the user's credentials, should make up a cookie value (preferably a long, cryptographically strong random string), enter it in the dbm file, and pass it to the browser. It might also update an AuthUserFile or AuthDBMUserFile database on the fly.

Acknowledgements:

This module was written from scratch, with some inspiration from the mod_auth_cookie_mysql and mod_auth_cookie_pgsql2 modules.

Requirements:

Apache 2.x

What's New in This Release:

Repair the Repair. (fix a missed null termination -- serious.)

last updated on:
May 25th, 2006, 17:59 GMT
price:
FREE!
developed by:
Magnus Backstrom Ringman
homepage:
www.medic.chalmers.se
license type:
BSD License 
category:
ROOT \ Internet \ HTTP (WWW)

FREE!

In a hurry? Add it to your Download Basket!

user rating

UNRATED
0.0/5
 

0/5

Add your review!

SUBMIT