Difference between revisions of "API:EPrints/Apache/Auth"

From EPrints Documentation
Jump to: navigation, search
 
(One intermediate revision by the same user not shown)
Line 6: Line 6:
 
<!-- Pod2Wiki=_private_ --><!-- Pod2Wiki=head_name -->
 
<!-- Pod2Wiki=_private_ --><!-- Pod2Wiki=head_name -->
 
==NAME==
 
==NAME==
'''EPrints::Apache::Auth''' - Password authentication &amp; authorisation checking for EPrints.
+
'''EPrints::Apache::Auth''' - Password authentication &amp; authorisation checking for EPrints.
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 39: Line 39:
  
 
  $rc = EPrints::Apache::Auth::authen( $r, [ $realm ] )
 
  $rc = EPrints::Apache::Auth::authen( $r, [ $realm ] )
Perform authentication on request $r.  If using auth_basic then include $realm as well.
+
Perform authentication on request <tt>$r</tt>.  If using <tt>auth_basic</tt> then include <tt>$realm</tt> as well.
  
Returns an HTTP response code. =cut ######################################################################
+
Returns a HTTP response code.
 
 
sub authen {
 
my( $r, $realm ) = @_;
 
 
 
  return OK unless $r-&gt;is_initial_req; # only the first internal request
 
 
 
  my $repository = $EPrints::HANDLE-&gt;current_repository;
 
  if( !defined $repository )
 
  {
 
    return FORBIDDEN;
 
  }
 
 
 
  my $rc;
 
  if( !_use_auth_basic( $r, $repository ) )
 
  {
 
    $rc = auth_cookie( $r, $repository );
 
  }
 
  else
 
  {
 
    $rc = auth_basic( $r, $repository, $realm );
 
  }
 
 
 
  return $rc; }
 
 
 
sub _use_auth_basic {
 
my( $r, $repository ) = @_;
 
 
 
  my $rc = 0;
 
   
 
    return 0 if ($repository-&gt;config( "disable_basic_auth" )); ## This is to prevent eprints falls back to use basic auth when it is not appropriate (e.g. shibboleth, adfs enabled repositories) GCUOER-57
 
 
 
  if( !$repository-&gt;config( "cookie_auth" ) )
 
  {
 
    $rc = 1;
 
  }
 
  if( !$rc )
 
  {
 
    my $uri = URI-&gt;new( $r-&gt;uri, "http" );
 
    my $script = $uri-&gt;path;
 
 
 
    my $econf = $repository-&gt;config( "auth_basic" ) || [];
 
 
 
    foreach my $exppath ( @$econf )
 
    {
 
      if( $exppath !~ /^\// )
 
      {
 
        $exppath = $repository-&gt;config( "rel_cgipath" )."/$exppath";
 
      }
 
      if( $script =~ /^$exppath/ )
 
      {
 
        $rc = 1;
 
        last;
 
      }
 
    }
 
  }
 
  # if the user agent doesn't support text/html then use Basic Auth
 
  # NOTE: browsers requesting objects in &lt;img src&gt; will also not specify
 
  # text/html, so we always look for a cookie-authentication before checking
 
  # basic auth
 
  if( !$rc )
 
  {
 
    my $accept = $r-&gt;headers_in-&gt;{'Accept'} || '';
 
    my @types = split /\s*,\s*/, $accept;
 
    if( !grep { m#^text/html\b# } @types )
 
    {
 
      $rc = 1;
 
    }
 
    # Microsoft Internet Explorer - Accept: */*
 
    my $agent = $r-&gt;headers_in-&gt;{'User-Agent'} || '';
 
    # http://msdn.microsoft.com/en-us/library/ms537509(v=vs.85).aspx
 
    if( $agent =~ /\bMSIE ([0-9]{1,}[\.0-9]{0,})/ )
 
    {
 
      $rc = 0;
 
    }
 
  }
 
 
 
  return $rc; }
 
 
 
###################################################################### =pod
 
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 133: Line 54:
  
 
  $rc = EPrints::Apache::Auth::authen_doc( $r, [ $realm ] )
 
  $rc = EPrints::Apache::Auth::authen_doc( $r, [ $realm ] )
Perform authentication on request $r for a document.  If using  auth_basic then include $realm as well.
+
Perform authentication on request <tt>$r</tt> for a document.  If using  <tt>auth_basic</tt> then include <tt>$realm</tt> as well.
  
Returns an HTTP response code.
+
Returns a HTTP response code.
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 148: Line 69:
  
 
  $rc = EPrints::Apache::Auth::auth_cookie( $r, $repository )
 
  $rc = EPrints::Apache::Auth::auth_cookie( $r, $repository )
Perform authentication by cookie on request $r for repository $repository.   Redirect as appropriate.
+
Perform authentication by cookie on request S!$r! for repository <tt>$repository</tt>. Redirect as appropriate.
  
Returns an HTTP response code.
+
Returns a HTTP response code.
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 162: Line 83:
 
===auth_basic===
 
===auth_basic===
  
  $rc = EPrints::Apache::Auth::auth_basic( $r, $repository, $realm )
+
  $rc = EPrints::Apache::Auth::auth_basic( $r, $repository, [ $realm ] )
Perform authentication by basic authentication on request $r for  repository $repository.
+
Perform authentication by basic authentication on request <tt>$r</tt> for  repository <tt>$repository</tt>. If using <tt>auth_basic</tt> then include  <tt>$realm</tt> as well.
  
Returns an HTTP response code.
+
Returns a HTTP response code.
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 178: Line 99:
  
 
  $rc = EPrints::Apache::Auth::authz( $r )
 
  $rc = EPrints::Apache::Auth::authz( $r )
Perform authorization of request $r.
+
Perform authorization of request <tt>$r</tt>.
  
Returns an HTTP response code (always 200 OK).
+
Returns a HTTP response code (always <tt>200 OK</tt>).
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
Line 193: Line 114:
  
 
  $rc = EPrints::Apache::Auth::authz( $r )
 
  $rc = EPrints::Apache::Auth::authz( $r )
Perform authorization of request $r for a document.
+
Perform authorization of request <tt>$r</tt> for a document.
  
Returns an HTTP response code
+
Returns a HTTP response code
  
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>
 
<div style='background-color: #e8e8f; margin: 0.5em 0em 1em 0em; border: solid 1px #cce;  padding: 0em 1em 0em 1em; font-size: 80%; '>

Latest revision as of 12:42, 15 March 2023

EPrints 3 Reference: Directory Structure - Metadata Fields - Repository Configuration - XML Config Files - XML Export Format - EPrints data structure - Core API - Data Objects


API: Core API

Latest Source Code (3.4, 3.3) | Revision Log | Before editing this page please read Pod2Wiki


NAME

EPrints::Apache::Auth - Password authentication & authorisation checking for EPrints.

User Comments


DESCRIPTION

This module handles the authentication and authorisation of users viewing private sections of an EPrints website.

User Comments


METHODS

User Comments


authen

$rc = EPrints::Apache::Auth::authen( $r, [ $realm ] )

Perform authentication on request $r. If using auth_basic then include $realm as well.

Returns a HTTP response code.

User Comments


authen_doc

$rc = EPrints::Apache::Auth::authen_doc( $r, [ $realm ] )

Perform authentication on request $r for a document. If using auth_basic then include $realm as well.

Returns a HTTP response code.

User Comments


auth_cookie

$rc = EPrints::Apache::Auth::auth_cookie( $r, $repository )

Perform authentication by cookie on request S!$r! for repository $repository. Redirect as appropriate.

Returns a HTTP response code.

User Comments


auth_basic

$rc = EPrints::Apache::Auth::auth_basic( $r, $repository, [ $realm ] )

Perform authentication by basic authentication on request $r for repository $repository. If using auth_basic then include $realm as well.

Returns a HTTP response code.

User Comments


authz

$rc = EPrints::Apache::Auth::authz( $r )

Perform authorization of request $r.

Returns a HTTP response code (always 200 OK).

User Comments


authz

$rc = EPrints::Apache::Auth::authz( $r )

Perform authorization of request $r for a document.

Returns a HTTP response code

User Comments


COPYRIGHT

© Copyright 2000-2024 University of Southampton.

EPrints 3.4 is supplied by EPrints Services.

http://www.eprints.org/eprints-3.4/

LICENSE

This file is part of EPrints 3.4 http://www.eprints.org/.

EPrints 3.4 and this file are released under the terms of the GNU Lesser General Public License version 3 as published by the Free Software Foundation unless otherwise stated.

EPrints 3.4 is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with EPrints 3.4. If not, see http://www.gnu.org/licenses/.

User Comments