CGI::Application::Plugin::RequireSSL(3pm)

1CGI::Application::PlugiUns:e:rReCqounitrreiSbSuLt(e3d)PCeGrIl::DAopcpulmiecnattaitoino:n:Plugin::RequireSSL(3)
2
3
4

NAME

6       CGI::Application::Plugin::RequireSSL - Force SSL in specified pages or
7       modules
8

VERSION

10       Version 0.04
11

SYNOPSIS

13           use CGI::Application::Plugin::RequireSSL;
14
15           sub login_form :RequireSSL {
16               my $self = shift;
17               # etc
18           }
19

DESCRIPTION

21       CGI::Application::Plugin::RequireSSL allows individual run modes or
22       whole modules to be protected by SSL. If a standard HTTP request is
23       received, you can specify whether an error is raised or if the request
24       should be redirected to the HTTPS equivalent URL.
25

EXPORT

27       Exported methods:
28           config_requiressl, mode_redirect
29

USAGE

31   run mode-level protection
32       run mode protection is specified by the RequireSSL attribute after the
33       method name:
34
35           sub process_login :RequireSSL {
36               my $self = shift;
37           }
38
39   Module-level protection
40       You can protect a complete module by setting the 'require_ssl'
41       parameter in your instance script:
42
43           use MyApp;
44           my $webapp = MyApp->new(
45               PARAMS => {require_ssl => 1}
46           );
47           $webapp->run();
48
49   Redirecting to a protected URL.
50       By default, an error is raised if a request is made to a protected run
51       mode or module using HTTP. However, you can specify that the request is
52       redirected to the HTTPS url by setting the rewrite_to_ssl parameter as
53       long as the requested method is not POST:
54
55           my $webapp = MyApp->new(
56               PARAMS => {rewrite_to_ssl => 1}
57           );
58
59   Turning off checks.
60       If you need to turn off checks, simply set the ignore_check parameter
61       when configuring the plugin (see "config_requiressl" below).
62
63   Reverting to HTTP
64       Once a successful request is made to a protected run mode or module,
65       subsequent requests to a non-protected run mode or module will revert
66       to using HTTP.  To prevent this from happening, set the parameter
67       keep_in_ssl in the configuration (see "config_requiressl" below)
68

METHODS

70   config_requiressl
71       Optionally configure the plugin in your cgiapp_init method
72
73           $self->config_requiressl(
74               keep_in_ssl => 0,
75               ignore_check => 0,
76           )
77
78       Valid parameters are:
79
80       ·   keep_in_ssl - if set, all subsequent requests following one to a
81           protected run mode or module will be via HTTPS.
82
83       ·   ignore_check - ignore SSL schecking. This is useful if your
84           application is deployed in an environment that doesn't support SSL.
85
86   mode_redirect
87       This is a run mode that will be automatically called if the request
88       should be redirected to the equivalent HTTP or HTTPS URL. You should
89       not call it directly.
90

AUTHOR

92       Dan Horne, "<dhorne at cpan.org>"
93

BUGS

95       Please report any bugs or feature requests to
96       "bug-cgi-application-plugin-requiressl at rt.cpan.org", or through the
97       web interface at
98       http://rt.cpan.org/NoAuth/ReportBug.html?Queue=CGI-Application-Plugin-RequireSSL
99       <http://rt.cpan.org/NoAuth/ReportBug.html?Queue=CGI-Application-Plugin-
100       RequireSSL>.  I will be notified, and then you'll automatically be
101       notified of progress on your bug as I make changes.
102

CAVEAT

104       This module been tested under the FastCGI persistent environment, but
105       not under mod_perl. The author would apprecaute feedback from anyone
106       who is able to test with that environment.
107

SUPPORT

109       You can find documentation for this module with the perldoc command.
110
111           perldoc CGI::Application::Plugin::RequireSSL
112
113       You can also look for information at:
114
115       ·   AnnoCPAN: Annotated CPAN documentation
116
117           http://annocpan.org/dist/CGI-Application-Plugin-RequireSSL
118           <http://annocpan.org/dist/CGI-Application-Plugin-RequireSSL>
119
120       ·   CPAN Ratings
121
122           http://cpanratings.perl.org/d/CGI-Application-Plugin-RequireSSL
123           <http://cpanratings.perl.org/d/CGI-Application-Plugin-RequireSSL>
124
125       ·   RT: CPAN's request tracker
126
127           http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Application-Plugin-RequireSSL
128           <http://rt.cpan.org/NoAuth/Bugs.html?Dist=CGI-Application-Plugin-
129           RequireSSL>
130
131       ·   Search CPAN
132
133           http://search.cpan.org/dist/CGI-Application-Plugin-RequireSSL
134           <http://search.cpan.org/dist/CGI-Application-Plugin-RequireSSL>
135

ACKNOWLEDGEMENTS

137       ·   Users of the CGI::Application wiki (http://www.cgi-app.org) who
138           requested this module.
139
140       ·   Andy Grundman - I stole the idea of the keep_in_ssl parameter from
141           his Catalyst::Plugin::RequireSSL module
142

COPYRIGHT & LICENSE

144       Copyright 2007 Dan Horne, all rights reserved.
145
146       This program is free software; you can redistribute it and/or modify it
147       under the same terms as Perl itself.
148
149
150
151perl v5.12.3                      2007-0C7G-I1:2:Application::Plugin::RequireSSL(3)