The Perl Advent Calendar needs more articles for 2022. Submit your idea today!


Catalyst::Authentication::AuthTkt - shim for Apache::AuthTkt


 # in your file
 use Catalyst qw(

 # Configure an authentication realm in your app config:
    default_realm authtkt
            class AuthTkt
                class AuthTkt
                class AuthTkt
                cookie_name auth_tkt

                # if ignore_ip is on in your login script, set this
                ignore_ip 1
                # either the path to your Apache .conf file
                #conf path/to/httpd.conf
                # or set the secret string explicitly
                #secret fee fi fo fum
                # these next two are the Apache::AuthTkt defaults
                timeout 2h
                timeout_refresh 0.50
                # explicitly define a domain for the cookie
                # NOTE the leading dot means every host in the subdomain
                # mock a user -- this effectively turns off
                # the auth system. *** for development only ***
                    id joeuser
                    tokens foo
                    tokens bar

    auth_url http://yourdomain/login

 # and then in your Root controller:

 has auth_url => (
    is => 'ro',
    required => 1,

 sub auto : Private {
     my ( $self, $c ) = @_;
     # validate the ticket and update ticket and session if necessary
     return 1 if $c->authenticate;
     # no valid login found so redirect.
     $c->response->redirect( $self->auth_url );
     # tell Catalyst to abort processing.
     return 0;

 # and then elsewhere in your app
 if ($c->user_exists) {
    $c->log->debug("Logged in as user " . $c->user->id);


This module implements the Catalyst::Authentication API for Apache::AuthTkt version 0.08 and later.

This module does not implement any features for creating the AuthTkt cookie. Instead, this module simply checks that the AuthTkt cookie is present and unpacks it in accordance with the Authentication API. The intention is that you create/set the AuthTkt cookie independently of the Authentication code, whether in a separate application (e.g. the mod_auth_tkt login.cgi script) or via the Apache::AuthTkt module directly.

mod_auth_tkt is a single-sign-on C module for Apache. Using this module, however, you could implement all the features of mod_auth_tkt, in Perl, using any web server where you can deploy Catalyst, including front-end-proxy/back-end-mod_perl and lighttpd situations.


Peter Karman, <karman at cpan dot org>


Please report any bugs or feature requests to bug-catalyst-authentication-authtkt at, or through the web interface at I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.


You can find documentation for this module with the perldoc command.

    perldoc Catalyst::Authentication::AuthTkt

You can also look for information at:


The Minnesota Supercomputing Institute sponsored the development of this software.


Copyright 2008 by the Regents of the University of Minnesota.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.