1
# See bottom of file for license and copyright information
5
---+ package Foswiki::LoginManager::ApacheLogin
7
This is login manager that you can specify in the security setup section of
8
[[%SCRIPTURL{"configure"}%][configure]]. It instructs Foswiki to
9
cooperate with your web server (typically Apache) to require authentication
10
information (username & password) from users. It requires that you configure
11
your web server to demand authentication for scripts named "login" and anything
12
ending in "auth". The latter should be symlinks to existing scripts; e.g.,
13
=viewauth -> view=, =editauth -> edit=, and so on.
15
See also UserAuthentication.
17
Subclass of Foswiki::LoginManager; see that class for documentation of the
18
methods of this class.
22
package Foswiki::LoginManager::ApacheLogin;
23
use base 'Foswiki::LoginManager';
30
---++ ClassMethod new ($session)
32
Construct the ApacheLogin object
37
my ( $class, $session ) = @_;
38
my $this = $class->SUPER::new($session);
40
$session->enterContext('can_login');
42
# Can't logout, though
43
Foswiki::registerTagHandler( 'LOGOUT', sub { return '' } );
49
---++ ObjectMethod forceAuthentication () -> boolean
51
method called when authentication is required - redirects to (...|view)auth
52
Triggered on auth fail
56
sub forceAuthentication {
58
my $session = $this->{session};
59
my $query = $session->{request};
61
# See if there is an 'auth' version
62
# of this script, may be a result of not being logged in.
63
my $newAction = $query->action() . 'auth';
65
if ( !$query->remote_user() &&
66
exists $Foswiki::cfg{SwitchBoard}{$newAction} ) {
67
# Assemble the new URL using the host, the changed script name,
69
my $url = $session->getScriptUrl( 1, $newAction );
70
if ( $query->path_info() ) {
72
unless $url =~ m#/$# || $query->path_info() =~ m#^/#;
73
$url .= $query->path_info();
76
# Redirect with passthrough so we don't lose the original query params
77
$session->redirect( $url, 1 );
85
---++ ObjectMethod loginUrl () -> $loginUrl
87
TODO: why is this not used internally? When is it called, and why
88
Content of a login link
94
my $session = $this->{session};
95
my $topic = $session->{topicName};
96
my $web = $session->{webName};
97
return $session->getScriptUrl( 0, 'logon', $web, $topic, @_ );
102
---++ ObjectMethod login( $query, $session )
104
this allows the login and logon cgi-scripts to use the same code.
105
all a logon does, is re-direct to viewauth, and apache then figures out
106
if it needs to challenge the user
111
my ( $this, $query, $session ) = @_;
113
my $url = $session->getScriptUrl(
116
$session->{topicName},
120
$url .= ( ';' . $query->query_string() ) if $query->query_string();
122
$session->redirect( $url, 1 ); # with passthrough
127
---++ ObjectMethod getUser () -> $authUser
129
returns the userLogin if stored in the apache CGI query (ie session)
136
my $query = $this->{session}->{request};
139
# Ignore remote user if we got here via an error
140
# Only useful with CGI engine & Apache webserver
141
unless ( ( $ENV{REDIRECT_STATUS} || 0 ) >= 400 ) {
142
$authUser = $query->remote_user() if $query;
143
Foswiki::LoginManager::_trace( $this,
144
"apache getUser says " . ( $authUser || 'undef' ) );
151
# Module of Foswiki - The Free and Open Source Wiki, http://foswiki.org/
153
# Copyright (C) 2008-2009 Foswiki Contributors. All Rights Reserved.
154
# Foswiki Contributors are listed in the AUTHORS file in the root
155
# of this distribution. NOTE: Please extend that file, not this notice.
157
# Additional copyrights apply to some or all of the code in this
160
# Copyright (C) 2005-2006 TWiki Contributors. All Rights Reserved.
161
# TWiki Contributors are listed in the AUTHORS file in the root
162
# of this distribution. NOTE: Please extend that file, not this notice.
163
# Copyright (C) 2005 Greg Abbas, twiki@abbas.org
165
# This program is free software; you can redistribute it and/or
166
# modify it under the terms of the GNU General Public License
167
# as published by the Free Software Foundation; either version 2
168
# of the License, or (at your option) any later version. For
169
# more details read LICENSE in the root of this distribution.
171
# This program is distributed in the hope that it will be useful,
172
# but WITHOUT ANY WARRANTY; without even the implied warranty of
173
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
175
# As per the GPL, removal of this notice is prohibited.