
NAME

MyLibrary::Auth

SYNOPSIS

        use MyLibrary::Auth;

        # create a new authentication object
        my $auth = MyLibrary::Auth->new();

        # create an authentication object based upon a session id
        my $auth = MyLibrary::Auth->new(sessid => $sessid);

        # access session attributes
        my $sessid = $auth->sessid();
        my $status = $auth->status();
        my $username = $auth->username();

        # get the header that places the session cookie
        my $place_cookie_header = $auth->place_cookie();

        # get the header that removes the session cookie
        my $remove_cookie_header = $auth->remove_cookie();

        # close a session
        $auth->close_session();

DESCRIPTION

This is the user authentication system for MyLibrary. The parent module, Auth.pm, references several child modules that implement various types of authentication methods. The functionality associated with creating an authentication object and then performing auth functions against it is uniform for each type of authentication. This module encapsulates data somewhat tightly in order to protect the privacy and security of the user. This module assumes authentication through a web browser; however, it could also be used for simple authentication in almost any context.

This system uses CGI sessions to maintain state. Several pieces of data are stored in the session ticket. Except for Basic authentication, the password for the user is never recorded. If this module is used for web authentication, then HTTPS should also be used for encryption. This authentication system is designed to be extensible. Several modules will be written that inherit from this parent class. Child classes include Kerberos, Basic and LDAPS as various means to perform authentication. However, the system can easily be extended to include other authentication means.

METHODS

new()

This is the constructor for the class. It creates an object with a default set of attributes if no session id is supplied, and initializes the attributes according to session data previously saved if a session id is supplied. This object uses encapsulated data, so the only means to manipulate session variables is via the supplied API. This is done for security reasons and to help maintain data integrity.

        # create a new auth object
        my $auth = MyLibrary::Auth->new();

        # create an auth object based upon session id
        my $auth = MyLibrary::Auth->new(sessid => $sessid);

sessid()

Get the session id for the current auth object. This method cannot set the session id, only retrieve it.

        # get the session id
        my $sessid = $auth->sessid();

status()

Retrieve the status for this session. There are several status indicators based upon whether or not the user was able to successfully authenticate or is in the process of authentication. The state of authentication status can only be changed internal to the object itself.

        # status info
        my $status = $auth->status();

username()

The username is the name entered for authentication purposes and is retained throughout the life of the session. This is used to identify who the last person was to authenticate from the host where authentication was initiated.

        # username
        my $username = $auth->username();

place_cookie()

This method will return a header used to place a cookie with the browser initiating the authentication request.

        # place a cookie
        my $place_cookie_header = $auth->place_cookie();

remove_cookie()

This method returns a header that will delete a cookie from the browser for the current session. This usually occurs when the user indicates that they would like their session terminated.

        # delete a cookie
        my $remove_cookie_header = $auth->remove_cookie();

close_session()

This method will delete the session object from the database, and it will no longer be accessible using the session id.

        # close the session
        $auth->close_session();

SEE ALSO

For more information, see the MyLibrary home page: http://dewey.library.nd.edu/mylibrary/.

AUTHORS

Robert Fox <rfox2@nd.edu>