services: services/perl/lib/AppSwitch/Authenticate Client.pm Service.pm
Status: Pre-Alpha
Brought to you by:
jgsmith
Menu
▾
▴
services: services/perl/lib/AppSwitch/Authenticate Client.pm Service.pm
|
From: <app...@li...> - 2001-08-01 04:54:32
|
jgsmith 01/07/31 21:54:31
Added: perl/lib/AppSwitch/Authenticate Client.pm Service.pm
Log:
Initial commit
Revision Changes Path
1.1 services/perl/lib/AppSwitch/Authenticate/Client.pm
Index: Client.pm
===================================================================
package AppSwitch::Authenticate::Client;
use base q(AppSwitch::Base::Client);
use strict;
our $VERSION = q(0.01);
{
no warnings;
our $RPC_SERVICE = "authenticate";
}
sub user_add {
my($self, $domain, $username, $password) = object_or_default(@_);
return $self -> request("user_add", (
domain => $domain,
username => $username,
password => $password
) );
}
sub user_delete {
my($self, $domain, $username) = object_or_default(@_);
return $self -> request("user_delete", (
domain => $domain,
username => $username
) );
}
sub user_exists {
my($self, $domain, $username) = object_or_default(@_);
return $self -> request("user_exists", (
domain => $domain,
username => $username
) );
}
sub user_authenticate {
my($self, $domain, $username, $password) = object_or_default(@_);
return $self -> request("user_authenticate", (
domain => $domain,
username => $username,
password => $password
) );
}
sub ticket_authenticate {
my($self, $domain, $ticket) = object_or_default(@_);
return $self -> request("ticket_authenticate", (
domain => $domain,
ticket => $ticket
) );
}
1;
__END__
=head1 NAME
AppSwitch::Authenticate::Client
=head1 SYNOPSIS
use AppSwitch::Authenticate::Client;
$bool = user_add($domain, $username, $password);
$bool = user_exists($domain, $username);
$ticket = user_authenticate($domain, $username, $password);
$bool = user_delete($domain, $username);
$ticket = ticket_authenticate($domain, $ticket);
=head1 DESCRIPTION
The authenticate client and server provide a fairly complete interface to
an authentication database.
The authentication model allows for repeat authentication without
requiring the username and password each time. Once a ticket is available,
it may be authenticated with the C<ticket_authenticate> method, which will
return a new ticket if the previous one was valid. This allows tickets to
be passed between sites without the danger of simple replay attacks with a
ticket. C<ticket_authenticate> will only return a ticket once per ticket.
=head1 METHODS
=over 4
=item ticket_authenticate(domain, ticket)
This method will return a new ticket if the given ticket is valid. A
ticket should only be used once.
=item user_add(domain, username, password)
This method will try to add a username with the given password to the
domain. Note that C<user_exists> may return false for some usernames that
do not succeed with C<user_add>. C<user_exists> cannot be used as a test
for usernames that are reserved but do not represent valid authentication
accounts.
=item user_authenticate(domain, username, password)
This method will return true iff the username and password are valid in the
given domain.
=item user_delete(domain, username)
This method will try to delete the username from the given domain.
=item user_exists(domain, username)
This method will return true iff the username represents a valid
username/password in the domain. That is, given the proper password,
C<user_authenticate> will return true for this user.
=back
=head1 AUTHOR
James Smith <jg...@ja...>
=head1 COPYRIGHT
Copyright (C) 2001 James Smith
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the Project nor the names of its contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
1.1 services/perl/lib/AppSwitch/Authenticate/Service.pm
Index: Service.pm
===================================================================
package AppSwitch::Authenticate::Service;
use base q{AppSwitch::Base::Service};
use strict;
our $VERSION = 0.01;
sub do_user_add : Method(user_add) {
die "Unable to add users\n";
}
sub do_user_delete : Method(user_delete) {
die "Unable to delete users\n";
}
sub do_user_exists : Method(user_exists) {
die "Unable to determine existance of user\n";
}
sub do_user_authenticate : Method(user_authenticate) {
die "Unable to authenticate user\n";
}
sub do_ticket_authenticate : Method(ticket_authenticate) {
die "Unable to determine authenticity of ticket\n";
}
1;
__END__
=head1 NAME
AppSwitch::Authenticate::Service;
=head1 SYNOPSIS
my $handler = initialize My::Authenticate::Service $daemon;
=head1 DESCRIPTION
This module provides an authentication service (authenticate.*).
Proper use of this module requires the creation of a subclass. Any of the
following methods may be redefined to avoid the default error behavior.
do_user_add
do_user_delete
do_user_exists
do_user_authenticate
do_ticket_authenticate
=head1 AUTHOR
James Smith <jg...@ja...>
=head1 SEE ALSO
L<AppSwitch::Base::Service>,
L<AppSwitch::Authenticate::Client>.
=head1 COPYRIGHT
Copyright (C) 2001 James Smith
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the Project nor the names of its contributors
may be used to endorse or promote products derived from this
software without specific prior written permission.
|
