[tpop3d-discuss] Perl authentication for dummies

[Martin Schmitt]

Hi everybody!

As I've reported already a long time ago, I'm using an authenticator
(modeled after the apop-authenticator included in the tpop3d distribution)
that authenticates users either by a file called ~/.pop-secret, or uses
their /etc/shadow entry if they have no interactive login shell. This makes
it possible for me to separate POP3 passwords from SSH system passwords. 

I've been using this as an "other" authenticator for a very long time, and
after a recent rewrite, it doesn't even have to start a separate process to
write the user's name into our MySQL database which is used for
Pop-before-SMTP handling.

The authenticator is here:

http://www.scsy.de/~mas/debug/tpop3d/dotpop-secret.txt

Even though the rewrite has greatly improved reliability of my
authenticator (I had to deal with authenticator crashes and stale lockfiles
before), I'd like to set it all up more cleanly using tpop3d's auth-perl.

The goals which I want to achieve by turning the authenticator from
auth-other into auth-perl are:

- Don't keep database credentials inside the authenticator, pass them from
  tpop3d.conf instead.
- Make database connection persistent. (Use SCSY::PopB4Smtp->new() only
  once and go on from there using the input() method.)
- Make the authenticator redistributable as a CPAN-style module for my
  clients and for the public, if anyone cares at all.

I have tried to grok the manual section regarding auth-perl, but I can't
really make heads or tails of it and don't know where to begin from. Maybe
someone of you has some examples to get me started.

Thanks in advance,

-martin

-- 
+-------------------------+------------------------+-------------------------+
| Martin Schmitt          | Schmitt Systemberatung | SPAM-Wetterlage         |
| http://www.scsy.de/~mas | http://www.scsy.de     | http://www.scsy.de/spam |
+-------------------------+------------------------+-------------------------+