annotate Lib/IMPL/Security/Auth.pm @ 73:2f31ecabe9ea

doc security
author wizard
date Mon, 29 Mar 2010 06:56:05 +0400
parents eac47fa4f262
children 077357224bec
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
1 package IMPL::Security::Auth;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
2
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
3 use Digest::MD5 qw(md5_hex);
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
4
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
5 use constant {
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
6 AUTH_SUCCESS => 1,
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
7 AUTH_INCOMPLETE => 2,
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
8 AUT_FAIL => 3
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
9 };
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
10
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
11 use base qw(Exporter);
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
12
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
13 our @EXPORT_OK = qw(&AUTH_SUCCESS &AUTH_INCOMPLETE &AUTH_FAIL &GenSSID);
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
14 our %EXPORT_TAGS = (Const => [qw(&AUTH_SUCCESS &AUTH_INCOMPLETE &AUTH_FAIL)]);
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
15
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
16 {
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
17 my $i = 0;
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
18 sub GenSSID() {
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
19 return md5_hex(time,rand,$i++);
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
20 }
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
21 }
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
22
69
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
23 sub DoAuth {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
24 die new IMPL::NotImplementedException;
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
25 }
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
26
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
27 sub ValidateSession {
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
28 die new IMPL::NotImplementedException;
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
29 }
8c7b88bdb663 Cookie Simple auth support
wizard
parents: 68
diff changeset
30
73
wizard
parents: 72
diff changeset
31 sub isTrusted {
wizard
parents: 72
diff changeset
32 0;
wizard
parents: 72
diff changeset
33 }
wizard
parents: 72
diff changeset
34
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
35 1;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
36
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
37 __END__
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
38
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
39 =pod
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
40
71
wizard
parents: 70
diff changeset
41 =head1 NAME
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
42
71
wizard
parents: 70
diff changeset
43 C<IMPL::Security::Auth> Базовыйы класс для пакетов аутентификации.
wizard
parents: 70
diff changeset
44
wizard
parents: 70
diff changeset
45 =head1 DESCRIPTION
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
46
70
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
47 Аутентификация носит итеративный характер, для чего создается объект аутентификации который
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
48 сохраняет состояние между итерациями.
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
49
70
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
50 Результатом аутентификации является сессия, состояние этой сессии также хранит объект
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
51 аутентификации.
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
52
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
53 В процессе авторизации клиент и сервер обмениеваются данными безопасности C<$challenge>.
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
54 И результатом каждой итерации является либо упех (C<AUTH_SUCCESS>), либо запрос на продолжение
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
55 (C<AUTH_INCOMPLETE>), либо неудача (C<AUTH_FAIL>). Количество итераций может быть разным,
2dfb0b0ad12f More docs
wizard
parents: 69
diff changeset
56 зависит от пакета аутентификации.
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
57
71
wizard
parents: 70
diff changeset
58 =head1 EXPORT
wizard
parents: 70
diff changeset
59
wizard
parents: 70
diff changeset
60 =over
wizard
parents: 70
diff changeset
61
wizard
parents: 70
diff changeset
62 =item C<:Const>
wizard
parents: 70
diff changeset
63
wizard
parents: 70
diff changeset
64 Константы результата аутентификации
wizard
parents: 70
diff changeset
65
wizard
parents: 70
diff changeset
66 =over
wizard
parents: 70
diff changeset
67
wizard
parents: 70
diff changeset
68 =item C<AUTH_SUCCESS>
wizard
parents: 70
diff changeset
69
wizard
parents: 70
diff changeset
70 Успешная аутентификация
wizard
parents: 70
diff changeset
71
wizard
parents: 70
diff changeset
72 =item C<AUTH_INCOMPLETE>
wizard
parents: 70
diff changeset
73
wizard
parents: 70
diff changeset
74 Требуются дополнительные шаги
wizard
parents: 70
diff changeset
75
72
wizard
parents: 71
diff changeset
76 =item C<AUTH_FAIL>
71
wizard
parents: 70
diff changeset
77
wizard
parents: 70
diff changeset
78 Аутентификация неуспешна.
wizard
parents: 70
diff changeset
79
wizard
parents: 70
diff changeset
80 =back
wizard
parents: 70
diff changeset
81
wizard
parents: 70
diff changeset
82 =back
wizard
parents: 70
diff changeset
83
wizard
parents: 70
diff changeset
84 =head1 MEMBERS
wizard
parents: 70
diff changeset
85
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
86 =over
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
87
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
88 =item C<CTOR($SecData)>
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
89
71
wizard
parents: 70
diff changeset
90 Создает пакет для авторизации на основе данных безопасности для пользователя.
wizard
parents: 70
diff changeset
91 C<$SecData> - Зависит от пакета аутентификации.
wizard
parents: 70
diff changeset
92
73
wizard
parents: 72
diff changeset
93 =item C<[get] isTrusted>
wizard
parents: 72
diff changeset
94
wizard
parents: 72
diff changeset
95 Флаг того, что аутентификация закончена успешно.
wizard
parents: 72
diff changeset
96
71
wizard
parents: 70
diff changeset
97 =item C<DoAuth($Challenge)>
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
98
71
wizard
parents: 70
diff changeset
99 Производит аутентификацию пользователя и инициализацию сессии,
wizard
parents: 70
diff changeset
100 возвращает результат аутентификации, в виде массива ($status,$challenge).
wizard
parents: 70
diff changeset
101
wizard
parents: 70
diff changeset
102 =item C<ValidateSession($Challenge)>
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
103
71
wizard
parents: 70
diff changeset
104 Производит аутентификацию сессии, возвращает результат аутентификации,
wizard
parents: 70
diff changeset
105 в виде массива ($status,$challenge).
wizard
parents: 70
diff changeset
106
wizard
parents: 70
diff changeset
107 =item C<[static] CreateSecData(%args)>
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
108
71
wizard
parents: 70
diff changeset
109 Создает данные безопасности, на основе параметров. Параметры зависят от пакета аутентификации.
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
110
71
wizard
parents: 70
diff changeset
111 =item C<[static] SecDataArgs()>
wizard
parents: 70
diff changeset
112
wizard
parents: 70
diff changeset
113 Возвращает хеш с описанием параметров для функции C<CreateSecData>. Ключами являются
73
wizard
parents: 72
diff changeset
114 имена параметров, значениями - типы.
wizard
parents: 72
diff changeset
115
wizard
parents: 72
diff changeset
116 =back
52
15d720913562 security in work
wizard@linux-odin.local
parents: 51
diff changeset
117
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
118 =cut