CGI and Perl

Whos There? User/Group Verification

Finally, you can use the http access.conf file, along with a couple of other files and tools, to configure security for a specific directory or file on a per-user or per-group basis. You'll need to create the .htpasswd file on a per-directory basis and/or a global .htpasswd file. The HTTPD::UserAdmin module is the tool of choice for manipulating passwd/group files. It knows about the various types of user and group databases that the Apache, NCSA, and even CERN servers implement, and provides you with a generic interface that hides the inconsistencies, simplifying the maintenance of the databases.

The user/group databases may take various forms and use different internal formats, depending on your preference and what tools are available on your system. The HTTPD::UserAdmin module allows you to access databases implemented as DBM files or straight text files. It also gives you the capability to talk to an SQL database and to get/put user information to an SQL database. Its companion, HTTPD::Authen, knows about the various formats of the entries in these files, including MD5 (Message Digest), as well as standard (default) DES encryption and, of course, plaintext.

The HTTPD::UserAdmin module provides you with several useful methods after you've created a new HTTPD::UserAdmin object. These include the following:

add(name,passwd) Add a new user to the database
delete(name) Delete a user from the database
exists(name) Check if the user exists in the database
password(name) Return the encrypted password for the user
list Return a list of all the usernames in the database
update(name,password) Update the user with a new password
group Create a new GroupAdmin object
lock([timeout]) Create a file lock for the database in anticipation of updating it
unlock Unlock the database
db(dbname) Select a different database

There are several examples, provided as tests in the t/ directory, that accompany the HTTPD:: module suite. You can adapt these to suit your particular needs. The simplest case might be one in which you wish to add a new user to an existing database. The following simple script lets you do this, first by checking if the specified user already exists in the database. If so, it updates the record with the new password. If not, it creates the new entry for the user.

#!/usr/local/bin/perl
 require HTTPD::UserAdmin;
 $path = "/usr/local/etc/httpd/conf";
 $username = shift || "josie";
 $password = "pussycats";
 $user = new HTTPD::UserAdmin(DBType => "Text", Path => $path, Server => "apache");
 if($user->exists($username)){
     print "$username already exists in the database\n";
     print "Updating with new password\n";
     $user->update($username, $password);
 }
 else{
     print "Adding $username to database\n";
     $user->add($username, $password);
     if($user->exists($username)){
         print "Successful\n";
     }
 }