Is there a module to manipulate an htdigest password file in Perl?

Question

I operate a small development cluster and repository system for a couple of open-source project groups to use. I run these systems on a volunteer basis. Recently, people have expressed concern at the repository system using basic authentication to access the SVN repository system, so I'm transitioning the whole system over to digest authentication. The thing is that I have a number of utilities written around the basic scheme so that each person can change their own SVN password as they wish.

In a nutshell, I'm looking for a Perl module that will quickly allow me to add, delete, and modify entries into an htdigest generated password file. I would ideally like something similar to the Apache::Htpasswd module. I have read that you can use one of the encryption modules to generate a digested password then write that using the htpasswd module, but I have no idea how to actually implement that solution. Plus, I'd really prefer not to do that, because that'd require extensive rewriting of a lot of custom written system utilities. Does anyone have any suggestions?

~KW

Answer 1

For password management there's a DBI interface: Apache::AuthDBI, and HTTPD::UserAdmin.

For configuration...it could be out of date (it was built in 2001), but Apache::ConfigFile may at least get you started in the right direction. A .htaccess file is just a very localized (within your directory structure) version of a server configuration file.

If the Apache config file format has changed significantly enough this module may not handle everything you need, but by looking at its code you may at least figure out how to work on a more up-to-date implementation.

There is also Apache::ConfigParser, which was at least updated in 2005. It might be closer to 'current'. Or may be yet another good source of information for building your own solution.

UPDATE: Oh, I found what looks like a more full-featured, and up-to-date option for you. Apache::Admin::Config. Again, since .htaccess is just a path-localized configuration file, in the same format as the serverwide file, this module could be of help to you. -- Enjoy.