NAME
CGI::AIS::Session - Perl extension to manage CGI user sessions with external identity authentication via AIS
SYNOPSIS
    use DirDB;    # or any other concurrent-access-safe
                  # persistent hash abstraction
    use CGI::AIS::Session;

    my $Session = Authenticate(
        aissri  => 'http://www.pay2send.com/cgi/ais/',
        tieargs => ['DirDB', './data/Sessions'],
        XML     => ['name','age','region','gender'],
        agent   => 'Bollow', # this is the password for the AIS service, if needed
        # four hours; passed only when the process ID is a multiple of 100
        ( $$ % 100 ? () : (timeout => 4 * 3600))
    );

    if($$Session{identity} eq 'NULL'){
        # no identity: send the user to the AIS login page
        print "Location: http://www.pay2send.com/cgi/ais/login\n\n";
        exit;
    }elsif($Session->{identity} eq 'ERROR'){
        print "Content-type: text/plain\n\n";
        print "There was an error with the authentication layer",
              " of this web service: $Session->{error}\n\n",
              "please contact $ENV{SERVER_ADMIN} to report this.";
        exit;
    }

    # local, writable per-user data keyed on the AIS identity
    tie my %UserData, 'DirDB', "./data/$$Session{identity}";
DESCRIPTION
Creates and maintains a read-only session abstraction based on data in a central AIS server.
The session data provided by AIS is read-only. A second database keyed on the identity provided by AIS should be used to store persistent local information such as shopping cart contents. This may be repaired in future releases, so the session object will be more similar to the session objects used with the Apache::Session modules, but for now, all the data in the object returned by Authenticate comes from the central AIS server.
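The identity-keyed second database described above takes its directory name from a value supplied by the AIS server, and in the synopsis it shares ./data with the Sessions store. An added example (not part of CGI::AIS::Session; the helper name user_data_dir, the ./data/users base directory and the 64-byte limit are assumptions) that turns the identity into a single safe path component before it is used:

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper, not part of CGI::AIS::Session: map the identity
# returned by Authenticate to one directory name under $base.
sub user_data_dir {
    my ($base, $identity) = @_;

    # 'NULL' and 'ERROR' are status values, never real users.
    return
        if !defined $identity
        || $identity eq ''
        || $identity eq 'NULL'
        || $identity eq 'ERROR';

    # Work on bytes so every character has a fixed encoding.
    utf8::encode(my $bytes = $identity);

    # Assumed limit: keeps the encoded name (at most 3x longer) well
    # below the usual 255-byte file name limit.
    return if length($bytes) > 64;

    # Percent-encode every byte outside a conservative set. '/', '\',
    # NUL and '%' itself are encoded, so two different identities never
    # share a name and the result cannot contain a path separator.
    (my $name = $bytes) =~ s/([^A-Za-z0-9_.\@\-])/sprintf '%%%02X', ord $1/ge;

    # A leading dot would allow '.', '..' or hidden entries.
    $name =~ s/^\./%2E/;

    return "$base/$name";
}

# Constructed sample identities, including hostile ones. The base is a
# directory of its own so that no identity can name the Sessions store.
for my $id ('alice@example.com', '../Sessions', 'NULL', "a/b\0c", '..') {
    my $dir = user_data_dir('./data/users', $id);
    (my $shown = $id) =~ s/\0/\\0/g;
    printf "%-20s => %s\n", $shown, defined $dir ? $dir : '(rejected)';
}
```

The returned path can then be passed as the last argument of the tie call shown in the synopsis.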
On the first use, the user is redirected to the AIS server according to the AIS protocol. Then the identity, if any, is cached under a session key in the session database that is tied using the 'tieargs' parameter.
This module will create an HTTP cookie named AIS_Session.
Authenticate will croak on aissri methods other than http in this version.
Additional expected XML fields can be listed in an XML parameter.
If a 'timeout' parameter is provided, sessions older than the timeout get deleted from the tied sessions hash.
'ERROR' and 'NULL' identities are not cached.
Internally, the possible states of this system are:
    no cookie, no OTU
    OTU
    cookie
Only the last one results in returning a session object. The other two cause redirection.
If a query string of AIS_LOGOUT is appended to any URL in the domain protected by this module, the session will be deleted before it times out.
EXPORTS
The Authenticate routine is exported.
AUTHOR
David Nicol, davidnico@cpan.org
SEE ALSO
http://www.pay2send.com/ais/ais.html
The Apache::Session family of modules on CPAN