NAME

Gantry::Control::C::AuthzBase - Database based authorization.

SYNOPSIS

use Gantry::Control::C::AuthzSubClass qw/-Engine=MP20/;

DESCRIPTION

This is a simple database driven autorization system. This module also details the other Authz modules in the library. There are two subclasses: Gantry::Control::C::AuthzRegular and Gantry::Control::C::AuthzCDBI. Use CDBI if you use Class::DBI (or anything descended from it), otherwise use Regular.

APACHE

Sample Apache conf configuration.

<Perl>
   use Gantry::Control::C::Authz qw/-Engine=MP20/;
</Perl>

<Location /location/to/auth >
  AuthType    Basic
  AuthName    "Manual"

  PerlSetVar  auth_dbconn     'dbi:Pg:dbname=...'
  PerlSetVar  auth_dbuser     '<database_user>'
  PerlSetVar  auth_dbpass     '<database_password>'
  
  PerlSetVar  auth_dbcommit   off

  PerlAuthzHandler  Gantry::Control::C::AuthzSubclass

  require     group "group_to_require"
</Location>

Pick an AuthzSubclass, see the DESCRIPTION for advice.

DATABASE

These are the tables that will be queried for the authorization of the user.

create table "auth_users" (
  "id"            int4 default nextval('auth_users_seq') NOT NULL,
  "user_id"       int4,
  "active"        bool,
  "user_name"     varchar,
  "passwd"        varchar,
  "crypt"         varchar,
  "first_name"    varchar,
  "last_name"     varchar,
  "email"         varchar
);

create table "auth_groups" (
  "id"            int4 default nextval('auth_groups_seq') NOT NULL,
  "ident"         varchar,
  "name"          varchar,
  "description"   text
);

create table "auth_group_members" (
  "id"        int4 default nextval('auth_group_members_seq') NOT NULL,
  "user_id"   int4,
  "group_id"  int4    
);

create table "auth_pages" (
  "id"          int4 default nextval('auth_pages_seq') NOT NULL,
  "user_perm"   int4,
  "group_perm"  int4,
  "owner_id"    int4,
  "group_id"    int4,
  "uri"         varchar,
  "title"       varchar
);

MODULES

Gantry::Control::C::Authz::PageBased

This handler is the authorization portion for page based authorization. It is controlled by Gantry::Control::C::Pages(3) and will authenticat only users who have been allowed from the administrative interface into a particular uri. The module returns FORBIDDEN if you do not have access to a particular uri.

METHODS

handler

The mod_perl authz handler.

SEE ALSO

Gantry::Control::C::Authen(3), Gantry::Control(3), Gantry(3)

LIMITATIONS

AUTHOR

Tim Keefer <tkeefer@gmail.com> Nicholas Studt <nstudt@angrydwarf.org>

COPYRIGHT

Copyright (c) 2005-6, Tim Keefer.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.6 or, at your option, any later version of Perl 5 you may have available.