Authentication
/;
- __PACKAGE__->config->{'Plugin::Authentication'} =
+ __PACKAGE__->config( 'Plugin::Authentication' =>
{
default => {
credential => {
}
}
}
- };
+ }
+ );
This tells the authentication plugin what realms are available, which
credential and store modules are used, and the configuration of each. With
You can accomplish this simply by installing the L<DBIx::Class|Catalyst::Authentication::Store::DBIx::Class> Store and
changing your config:
- __PACKAGE__->config->{'Plugin::Authentication'} =
+ __PACKAGE__->config( 'Plugin::Authentication'} =>
{
default_realm => 'members',
members => {
role_column => 'roles'
}
}
- };
+ }
+ );
The authentication system works behind the scenes to load your data from the
new source. The rest of your application is completely unchanged.
=head1 CONFIGURATION
# example
- __PACKAGE__->config->{'Plugin::Authentication'} =
+ __PACKAGE__->config( 'Plugin::Authentication' =>
{
default_realm => 'members',
authserver => '192.168.10.17'
}
}
- };
+ }
+ );
NOTE: Until version 0.10008 of this module, you would need to put all the
-realms inside a "realms" key in the configuration. That is not required anymore.
+realms inside a "realms" key in the configuration. Please see
+L</COMPATIBILITY CONFIGURATION> for more information
=over 4
=item use_session
Whether or not to store the user's logged in state in the session, if the
-application is also using L<Catalyst::Plugin::Session>. This
+application is also using L<Catalyst::Plugin::Session>. This
value is set to true per default.
+However, even if use_session is disabled, if any code touches $c->session, a session
+object will be auto-vivified and session Cookies will be sent in the headers. To
+prevent accidental session creation, check if a session already exists with
+if ($c->sessionid) { ... }. If the session doesn't exist, then don't place
+anything in the session to prevent an unecessary session from being created.
+
=item default_realm
This defines which realm should be used as when no realm is provided to methods
=item L<Catalyst::Authentication::Credential::Kerberos>
+=back
+
=head2 Authorization
L<Catalyst::Plugin::Authorization::ACL>,
covered in L<Catalyst::Plugin::Authentication::Internals>. We hope that most
modules will move to the compatible list above very quickly.
+=head1 COMPATIBILITY CONFIGURATION
+
+Until version 0.10008 of this module, you needed to put all the
+realms inside a "realms" key in the configuration.
+
+ # example
+ __PACKAGE__->config( 'Plugin::Authentication'} =>
+ {
+ default_realm => 'members',
+ realms => {
+ members => {
+ ...
+ },
+ },
+ }
+ );
+
+If you use the old, deprecated C<< __PACKAGE__->config( 'authentication' ) >>
+configuration key, then the realms key is still required.
+
=head1 COMPATIBILITY ROUTINES
In version 0.10 of L<Catalyst::Plugin::Authentication>, the API
Return the store whose name is 'default'.
-This is set to C<< $c->config->{'Plugin::Authentication'}{store} >> if that value exists,
+This is set to C<< $c->config( 'Plugin::Authentication' => { store => # Store} ) >> if that value exists,
or by using a Store plugin:
# load the Minimal authentication store.