RSS FeedA Perl library for Hash based authorization.
Current Version: 0.1.4 Alpha
Next Planned Stable Release: 0.2.0 10/01/2007
A Robust Perl OO Module for Digest based Authentication leveraging DBI as a backend. This Performance oriented Hash Authentication Library is scalable from single PC to multi-database single sign on www applications. Optionally uses Javascript and Cookies. By default this module uses SHA1, however it is flexible and allows you to use other hash digests such as MD5.
This module attempts to provide a means for easily building a reasonably secure perl application using one way secure hash algorithms. This should not be a replacement for other security precautions such as SSL, SSH, etc. but instead an additional layer of protection to prevent common types of attacks which many perl applications are susceptible to.
This library ideally works in conjunction with client side hash algorithms to provide a much more secure method of authenticating users although you can opt to not use an client side hashing for the sake of compatibility.
This module is licensed under the GPL. See the LICENSE section below for more details.
Session based user access is key to nearly every Internet and intranet application. While there have been a few attempts to make a secure hash login library they have had several short comings such as poor documentation, support, weak algorithms (such as MD5), a poor design, etc. This library seeks to fill an important gap to help make perl applications more secure.
