Difference between revisions of "API:EPrints/Apache/Auth"

From EPrints Documentation
Jump to: navigation, search
Line 41: Line 41:
 
Perform authentication on request $r.  If using auth_basic then include $realm as well.
 
Perform authentication on request $r.  If using auth_basic then include $realm as well.
  
Returns an HTTP response code. =cut ######################################################################
+
Returns an HTTP response code.
 
 
sub authen {
 
my( $r, $realm ) = @_;
 
 
 
  return OK unless $r->is_initial_req; # only the first internal request
 
 
 
  my $repository = $EPrints::HANDLE->current_repository;
 
  if( !defined $repository )
 
  {
 
    return FORBIDDEN;
 
  }
 
 
 
  my $rc;
 
  if( !_use_auth_basic( $r, $repository ) )
 
  {
 
    $rc = auth_cookie( $r, $repository );
 
  }
 
  else
 
  {
 
    $rc = auth_basic( $r, $repository, $realm );
 
  }
 
 
 
  return $rc; }
 
 
 
sub _use_auth_basic {
 
my( $r, $repository ) = @_;
 
 
 
  my $rc = 0;
 
   
 
    return 0 if ($repository->config( "disable_basic_auth" )); ## This is to prevent eprints falls back to use basic auth when it is not appropriate (e.g. shibboleth, adfs enabled repositories) GCUOER-57
 
 
 
  if( !$repository->config( "cookie_auth" ) )
 
  {
 
    $rc = 1;
 
  }
 
  if( !$rc )
 
  {
 
    my $uri = URI->new( $r->uri, "http" );
 
    my $script = $uri->path;
 
 
 
    my $econf = $repository->config( "auth_basic" ) || [];
 
 
 
    foreach my $exppath ( @$econf )
 
    {
 
      if( $exppath !~ /^\// )
 
      {
 
        $exppath = $repository->config( "rel_cgipath" )."/$exppath";
 
      }
 
      if( $script =~ /^$exppath/ )
 
      {
 
        $rc = 1;
 
        last;
 
      }
 
    }
 
  }
 
  # if the user agent doesn't support text/html then use Basic Auth
 
  # NOTE: browsers requesting objects in <img src> will also not specify
 
  # text/html, so we always look for a cookie-authentication before checking
 
  # basic auth
 
  if( !$rc )
 
  {
 
    my $accept = $r->headers_in->{'Accept'} || '';
 
    my @types = split /\s*,\s*/, $accept;
 
    if( !grep { m#^text/html\b# } @types )
 
    {
 
      $rc = 1;
 
    }
 
    # Microsoft Internet Explorer - Accept: */*
 
    my $agent = $r->headers_in->{'User-Agent'} || '';
 
    # http://msdn.microsoft.com/en-us/library/ms537509(v=vs.85).aspx
 
    if( $agent =~ /\bMSIE ([0-9]{1,}[\.0-9]{0,})/ )
 
    {
 
      $rc = 0;
 
    }
 
  }
 
 
 
  return $rc; }
 
 
 
###################################################################### =pod
 
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>

Revision as of 21:08, 14 December 2021

EPrints 3 Reference: Directory Structure - Metadata Fields - Repository Configuration - XML Config Files - XML Export Format - EPrints data structure - Core API - Data Objects

API: Core API

Latest Source Code (3.4, 3.3) | Revision Log | Before editing this page please read Pod2Wiki


NAME

EPrints::Apache::Auth - Password authentication & authorisation checking for EPrints.

User Comments


DESCRIPTION

This module handles the authentication and authorisation of users viewing private sections of an EPrints website.

User Comments


METHODS

User Comments


authen

$rc = EPrints::Apache::Auth::authen( $r, [ $realm ] )

Perform authentication on request $r. If using auth_basic then include $realm as well.

Returns an HTTP response code.

User Comments


authen_doc

$rc = EPrints::Apache::Auth::authen_doc( $r, [ $realm ] )

Perform authentication on request $r for a document. If using auth_basic then include $realm as well.

Returns an HTTP response code.

User Comments


auth_cookie

$rc = EPrints::Apache::Auth::auth_cookie( $r, $repository )

Perform authentication by cookie on request $r for repository $repository. Redirect as appropriate.

Returns an HTTP response code.

User Comments


auth_basic

$rc = EPrints::Apache::Auth::auth_basic( $r, $repository, $realm )

Perform authentication by basic authentication on request $r for repository $repository.

Returns an HTTP response code.

User Comments


authz

$rc = EPrints::Apache::Auth::authz( $r )

Perform authorization of request $r.

Returns an HTTP response code (always 200 OK).

User Comments


authz

$rc = EPrints::Apache::Auth::authz( $r )

Perform authorization of request $r for a document.

Returns an HTTP response code

User Comments


COPYRIGHT

© Copyright 2023 University of Southampton.

EPrints 3.4 is supplied by EPrints Services.

http://www.eprints.org/eprints-3.4/

LICENSE

This file is part of EPrints 3.4 http://www.eprints.org/.

EPrints 3.4 and this file are released under the terms of the GNU Lesser General Public License version 3 as published by the Free Software Foundation unless otherwise stated.

EPrints 3.4 is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with EPrints 3.4. If not, see http://www.gnu.org/licenses/.

User Comments


Retrieved from ‘https://wiki.eprints.org/w/index.php?title=API:EPrints/Apache/Auth&oldid=13919