Gantry::Control::C::AuthzRegular - Database based authorization for most ORMs.
use Gantry::Control::C::AuthzRegular qw/-Engine=MP20/;
This is a simple database driven autorization system for use with apps which do
NOT rely on Class::DBI (or one of its descendents). If you use Class::DBI, you
want Gantry::Control::C::AuthzCDBI instead of this module. This module also
details the other Authz modules in the library.
- user_model
- Returns Gantry::Control::Model::auth_users. If you want something else,
try Gantry::Control::C::AuthenCDBI or make your own
Gantry::Control::C::AuthzBase subclass.
- group_members_model
- Returns Gantry::Control::Model::group_members. If you want something else,
try Gantry::Control::C::AuthzCDBI or make your own
Gantry::Control::C::AuthzBase subclass.
Sample Apache conf configuration.
<Perl>
use Gantry::Control::C::AuthzRegular qw/-Engine=MP20/;
</Perl>
<Location /location/to/auth >
AuthType Basic
AuthName "Manual"
PerlSetVar auth_dbconn 'dbi:Pg:dbname=...'
PerlSetVar auth_dbuser '<database_user>'
PerlSetVar auth_dbpass '<database_password>'
PerlSetVar auth_dbcommit off
PerlAuthzHandler Gantry::Control::C::AuthzRegular
require group "group_to_require"
</Location>
These are the tables that will be queried for the authorization of the user.
create table "auth_users" (
"id" int4 default nextval('auth_users_seq') NOT NULL,
"user_id" int4,
"active" bool,
"user_name" varchar,
"passwd" varchar,
"crypt" varchar,
"first_name" varchar,
"last_name" varchar,
"email" varchar
);
create table "auth_groups" (
"id" int4 default nextval('auth_groups_seq') NOT NULL,
"ident" varchar,
"name" varchar,
"description" text
);
create table "auth_group_members" (
"id" int4 default nextval('auth_group_members_seq') NOT NULL,
"user_id" int4,
"group_id" int4
);
create table "auth_pages" (
"id" int4 default nextval('auth_pages_seq') NOT NULL,
"user_perm" int4,
"group_perm" int4,
"owner_id" int4,
"group_id" int4,
"uri" varchar,
"title" varchar
);
- Gantry::Control::C::AuthzRegular::PageBased
- This handler is the authorization portion for page based authorization. It
is controlled by Gantry::Control::C::Pages(3) and will authenticate
only users who have been allowed from the administrative interface into a
particular uri. The module returns FORBIDDEN if you do not have access to
a particular uri.
- handler
- The mod_perl authz handler.
Gantry::Control::C::Authen(3), Gantry::Control(3),
Gantry(3)
Tim Keefer <tkeefer@gmail.com> Nicholas Studt
<nstudt@angrydwarf.org>
Copyright (c) 2005-6, Tim Keefer.
This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself, either Perl version 5.8.6 or,
at your option, any later version of Perl 5 you may have available.