Apache::MultiAuth - Choose from a number of authentication modules at runtime
Put lines like this in your httpd.conf. In this example authorization is requested for accessing the directory /test. First the credentials (username, password) are checked against the module Apache::AuthSybase and then against the module Apache::AuthenSmb. If any of them succeeds, access to /test is granted.
# in httpd.conf # Important : if not set apachectl configtest will complain about syntax errors PerlModule Apache::MultiAuth <Location /test> AuthName Test AuthType Basic # PerlSetVars for various Apache::Auth* modules # These here are example values for Apache::AuthenSmb PerlSetVar myPDC SAMBA PerlSetVar myDOMAIN ARBEITSGRUPPE # Define order and class of Auth modules to try AuthModule Apache::AuthSybase Apache::AuthenSmb PerlAuthenHandler Apache::MultiAuth require valid-user </Location>
Apache::MultiAuth allows you to specify multiple authentication modules, to be tried in order. If any module in the list returns OK, then the user is considered authenticated; if none return OK, then the MultiAuth module returns AUTH_REQUIRED and the user is reprompted for credentials. This, depending on the browser, results in a 401 authorization required message.
This is useful for cases where, for example, you have several authentication schemes: for example, NIS, SMB, and htpasswd, and some of your users are only registered in some of the auth databases. Using Apache::MultiAuth, they can be queried in order until the right one is found.
In the event that one of these modules returns OK, a note named "AuthenticatedBy" will be set, which contains the name of the module that returned OK, like so:
$r->notes("AuthenticatedBy" => "Module::Name");
This can be retrieved by any handler that runs after the authentication phase, and can be very useful in logging:
CustomLog "%h %l %u %t \"%r\" %>s %b %{AuthenticatedBy}n" common_auth
The last field in the common_auth log format will be the name of the module that handled the authentication.
Apache::MultiAuth allows you to name a number of authentication modules, using the AuthModule directive. These modules are queried, in the order they are provided, until one of them returns OK. Apache::MultiAuth then condiders authentication to be successful, and processing continues. If none of the provided authentication modules returns OK, Apache::MultiAuth passes AUTH_REQUIRED to apache, which results in a 401 Authorization required error.
Stathy G. Touloumis Marcel M. Weber Darren Chamberlain
To install Apache::MultiAuth, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Apache::MultiAuth
CPAN shell
perl -MCPAN -e shell install Apache::MultiAuth
For more information on module installation, please visit the detailed CPAN module installation guide.