Authentification
An authentification type module are used to verify user
authentification and provide user information. The most common use is
to provide a connection to an existing user database, for example a
NIS or LDAP. There can only be one authentification module loaded in a
virtual server.
The module type constant is MODULE_AUTH.
The special methods for Authentication Modules are:
- array auth( string authdata, object id )
-
is called with the authentification data as sent by the browser and
should return an array suitable for further processing by Challenger.
The authdata array has the format; ({ "Basic",
basic_auth_data }). In the future there may be other
authentification schemes that basic in use, in which case the
array contents may change.
The basic_auth_data contains a string with user name and
password, separated by colon.
The auth() method should return an array of the
following format; ({ successp, username, password }).
authp is either one, for successful authentification, or zero
if the authentification was unsuccessful. If the authentification was
successful the password
The auth method should return an array whose first element
is 1 if the authentication was successful, and otherwise 0. The second
element should be the user name. The third is either 0 (for successful
authentication) or a string containing the invalid password (for
failed authentication).
- array userinfo( string user_name )
-
fetches information about a certain user. user_name contains
the login name of the user. It should return an array of the following
format: ({ user_name, password, uid, gid, real_name,
home_directory, login_shell }).
user_name is a string containing the user's login name.
password is the password of the user, usually encrypted. It
need not be present at all. uid is an integer containing the
user id. gid is an integer containing the user's primary group
id. real_name is a string containing the real name of the user.
home_directory is the path to the users home directory. It is
used by the User filesystem module to provide access
to users' home pages. Finally login_shell contains the login
shell used by the user. It is used by the ftp protocol to emulate the
behavior of the normal unix ftpd.
- array user_from_uid( int uid )
-
this is another method that fetches information about users, but it
uses the user id as key rather than the login name. The method returns
an array of the same type as the userinfo() method.
- array userlist()
-
returns an array with the names of all users in the user databases.
For performance reasons some authentification modules will not allow
this but rather return an empty array.
|