The URL
ftp://ftp.jamesmith.com/pub/perl/Authen/Authen-Ticket-0.01.tar.gz
has entered CPAN as
file: $CPAN/authors/id/J/JS/JSMITH/Authen-Ticket-0.01.tar.gz
size: 19614 bytes
md5: b5bc124ebd5540200c9a4f38281c32c9
Authen::Ticket provides the framework for implementing a ticketing system
for web authentication. Both the client website and ticket server code
can be constructed from Authen::Ticket. The current version requires
cookies to operate correctly.
The framework allows for customization at all phases in the process. This
includes not only the login screens, but the cookie creation and optional
digital signature algorithm as well.
The ticket signature code (Authen::Ticket::Signature) allows for
signature creation and verification of tickets as well as a handler to
provide a key server.
The code is split into four components:
Authen::Ticket mod_perl handler for both server and client
Authen::Ticket::Server base ticket server code
Authen::Ticket::Client base ticket client code
Authen::Ticket::Signature base code for providing signed tickets
A sample sub-class to handle authentication via Net::PH is provided.
The Authen::Ticket(::(Server|Client))? code expects MIME::Base64, Carp, and
CGI. Authen::Ticket::Signature expects OpenSSL (not SSLeay) and Apache::File.
----
BUGS
----
o Tickets must not expire during a POST. This will cause all POST
data to tbe lost.
o Shared memory support is not robust enough. Certain conditions
can cause the server to enter an endless cycle of child destruction
and creation.
--
James Smith <[EMAIL PROTECTED]>, 409-862-3725
Texas A&M CIS Operating Systems Group, Unix
