Apache::AuthenCache - Authentication caching used in conjuction with a primary authentication module (Apache::AuthenDBI, Apache::AuthenLDAP, etc.)


 # In your httpd.conf
 PerlModule Apache::AuthenCache

 # In httpd.conf or .htaccess:
 AuthName Name
 AuthType Basic

 PerlAuthenHandler Apache::AuthenCache <Primary Authentication Module> Apache::AuthenCache::manage_cache

 require valid-user # Limited to valid-user

 # Optional parameters
 # Defaults are listed to the right.
 PerlSetVar AuthenCache_CacheTime     900 # Default: indefinite
 PerlSetVar AuthenCache_CaseSensitive Off # Default: On
 PerlSetVar AuthenCache_Encrypted     Off # Default: On
 PerlSetVar AuthenCache_NoPasswd      On  # Default: Off


Apache::AuthenCache implements a caching mechanism in order to speed up authentication and to reduce the usage of system resources. It must be used in conjunction with a regular mod_perl authentication module (it was designed with AuthenDBI and AuthenLDAP in mind). For a list of mod_perl authentication modules see:

When a request that requires authorization is received, AuthenCache::handler looks up the REMOTE_USER in a perl-realm shared-memory cache (using IPC::Cache) and compares the cached password to the sent password. A new cache is created for the first request in a realm or if the realm's cache has expired. If the passwords match, the handler returns OK and clears the downstream Authen handlers from the stack. Otherwise, it returns DECLINED and allows the next PerlAuthenHandler in the chain to be called.

After the primary authentication handler completes with an OK, AuthenCache::manage_cache adds the new user to the cache.


The following variables can be defined within the configuration of Directory, Location, or Files blocks or within .htaccess files.


This directive contains the number of seconds before the cache is expired. Default is an indefinite time limit.


If this directive is set to 'Off', userid matches will be case insensitive. Default is 'On'.


If this directive is set to 'Off', passwords are not encrypted. Default is 'On', ie passwords use standard Unix crypt.


If this directive is set to 'On', passwords must be blank. Default is 'Off'.


mod_perl 1.11_01 is required. IPC::Cache is also required.


crypt(3c), httpd(8), mod_perl(1)


Jason Bodnar <> Christian Gilmore <>


Copyright (C) 1998-2001, Jason Bodnar

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.