NAME

ROADS::Auth - A class to check user authentication for admin tools

SYNOPSIS

use ROADS::Auth;
CheckUserAuth("app_users"); # check user against app_users ACL

DESCRIPTION

This class implements a simple access control list mechanism which piggybacks on top of the access controls provided by HTTP. It assumes that the user has been authenticated already by HTTP, and that the authenticated user name is available in the REMOTE_USER environment variable - usually set in the process of launching a CGI program.

METHODS

CheckUserAuth( registry_name );

Looks in the user registry registry_name, which is a DB(M) database keyed on the user name, for a record keyed on the REMOTE_USER environmental variable. Exits with an error page if authentication fails.

FILES

config/multilingual/*/lib/authfail.html - message returned on an authentication failure

config/auth/* - DBM databases of per-program registry information.

BUGS

The CheckUserAuth method should return a response code rather than bombing out if the user couldn't be authenticated.

This should really be a class to manipulate authentication objects, rather than just a checker.

SEE ALSO

"mktemp.pl" in admin-cgi

COPYRIGHT

Copyright (c) 1988, Martin Hamilton <martinh@gnu.org> and Jon Knight <jon@net.lut.ac.uk>. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

It was developed by the Department of Computer Studies at Loughborough University of Technology, as part of the ROADS project. ROADS is funded under the UK Electronic Libraries Programme (eLib), the European Commission Telematics for Research Programme, and the TERENA development programme.

AUTHOR

Jon Knight <jon@net.lut.ac.uk>, Martin Hamilton <martinh@gnu.org>