GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
OpenXPKI::Server::Authentication::Base(3) User Contributed Perl Documentation OpenXPKI::Server::Authentication::Base(3)

The base class for all authentication handlers.

Expects the configuration path to the handlers parameters as argument and stores it in the prefix attribute.

Loads all config settings for attributes that exist in the configuration.

It also provides the role attribute to all child classes.

prefix
The configuration path as passed to the constructor. Stored as ArrayRef, if a string was passed it was split at the delimiter character.
role
Should receive a role preset, type is String/Undef.
authinfo
HashRef that might be added or preset to the returned handle. See the handler subclass for details.
namespace
String to be used as namespace prefix when generating the userid. Should be three to eight lowercase characters, the values certid, system and internal are reserved and must only be used if the handler returns an adequate userid.

Handlers must implement the method handleInput that is called with the hash received from the authenticating client. They should return undef if the data that was received is not sufficient to start authentication.

They must return an instance of OpenXPKI::Server::Authentication::Handle in case an authentication attempt was made. On success, the attributes username, userid and role must be set. On error the error attribute must be set. See OpenXPKI::Server::Authentication::Handle for more details / options.

get_userinfo

Expects the username as parameter and queries the configuration layer at prefix.user.username for the userinfo hash. Returns an empty hash if no userinfo was found.

Implementations should use this to allow an easy expansion of this functionality

get_userid

While the username is related to the credentials that where used to authentuicate the userid should provide a unique and durable handle to link items to an identity. In case you have multiple authentication backends the userid should be prefixed by a namespace - this method is a simpe wrapper that expects the username and returns it prefixed with the namespace set as parameter to this class. If namespace is not set, it returns the unmodified input value.

map_role

Check if the given string is a valid key in rolemap and return its value.

You can define the special key _default to use as a fallback in case the string is not found. If neither one matches, undef is returned.

If rolemap is not set, returns the input string.

register_login

Expects an instance of OpenXPKI::Server::Authentication::Handle and writes status information from the given result into the datapool based on the setting of the history attribute.

If history contains the key last_login and the given handle is a valid login, the timestamp of the last successful login will be read from the datapool and populated into the userinfo hash. If no item is found, the current timestamp is used. The datapool item will then be updated with the current timestamp, the valus of the last_login attribute will be used as expiry time (see set_data_pool_item).

The method will return without any changes made, if the handle is not a valid authentication result.

2022-05-14 perl v5.32.1
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.