
Using $! and passing errors

by Angel (Friar)
on Nov 15, 2002 at 19:52 UTC ( [id://213253]=perlquestion )

Angel has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to write a password validation module that instead of just going GOOD/BAD, allows tracking of number of logins and attempts to prevent people from hammering, brute force cracking, and other cracking methods.

What I am asking is less of a how do I pass the type of bad login back to the calling script?

1. Have it return a list, first element being 1 or 0 for successful or unsuccessful and second element being the type of error?

2. Have it return the truth value and set $! to the error type. ( I tried this and in the calling script when I tried to print $! it seems that it was not passed back )

3. Have one element with the type of error or "good login" if successful.

What do you all think is the best way to do this?

Replies are listed 'Best First'.
Re: Using $! and passing errors
by Ovid (Cardinal) on Nov 15, 2002 at 20:04 UTC

    Exception handling is one of Perl's exceptional (ha!) weak points. You might want to read about Object-Oriented Exception Handling. It's a nice article, though it has some bugs in the code.

    If you're going to keep it simple and return false, don't return 0 or undef! Instead, use a bare return:

    unless ( $password_validated ) {
        # return 0; # <-- Usually bad
        return;
    }
    else {
        # do what must be done
    }

    The problem with using return 0; or return undef; is that someone using your code might be assigning the results to an array. If so, checking for "truth" in the array will give a false positive because the array will then have one element whose value is zero or undef. Evaluating the array in a boolean context then evaluates as true instead of the expected false.

    Cheers,
    Ovid

    New address of my CGI Course.
    Silence is Evil
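The list-context pitfall described in the reply above, as an added example that is not part of the original post. The `%PASSWORDS` table and both sub names are constructed for illustration. For the same failed login, the `return 0` version yields a one-element array that tests true, while the bare `return` yields an empty array.

```perl
use strict;
use warnings;

# Constructed stand-in for a real credential check.
my %PASSWORDS = ( alice => 'correct horse' );

# Fails with an explicit 0: in list context this is the one-element list (0).
sub check_return_zero {
    my ( $user, $pass ) = @_;
    return 0 unless defined $PASSWORDS{$user} && $PASSWORDS{$user} eq $pass;
    return 1;
}

# Fails with a bare return: empty list in list context, undef in scalar context.
sub check_bare_return {
    my ( $user, $pass ) = @_;
    return unless defined $PASSWORDS{$user} && $PASSWORDS{$user} eq $pass;
    return 1;
}

for my $check ( \&check_return_zero, \&check_bare_return ) {
    my @result = $check->( 'alice', 'wrong guess' );    # list context
    my $scalar = $check->( 'alice', 'wrong guess' );    # scalar context
    printf "elements=%d  array-test=%s  scalar-test=%s\n",
        scalar @result,
        ( @result ? 'ALLOWED' : 'denied' ),
        ( $scalar ? 'ALLOWED' : 'denied' );
}
```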

Re: Using $! and passing errors
by AltBlue (Chaplain) on Nov 15, 2002 at 20:14 UTC
    Ovid forgot to shed some light about using $! for custom errors: don't do that as $! is triggered only by system or library calls. heh, its mnemonic is $OS_ERROR :)
    --
    AltBlue.
Re: Using $! and passing errors
by Ryszard (Priest) on Nov 15, 2002 at 20:27 UTC
    how are you going to layer your application?

    IMO a reasonable way is to have the upper layer (the user layer) only be aware of yes or no and the lower layer doing all the work.

    It also depends on what you're trying to achieve. Do you want real time IDS? Or do you want auditing?

    I wrote a system once that performed NRT IDS. The approach I used was the upper layer saying yes or no, the lower layer deciding if the login was right or wrong and logging the attempts, and a separate daemon that would poll the database to determine if this was a brute force attack (by our definition, eg n attempts in a set period).

    If all you want is auditing, then pump your yes/no requests into a logfile and parse it separately...

    To prevent people from hammering, your validation methods would parse a logfile, db, or mem cache before it validated the login attempt to see if your threshold of 'hammering' was met.

    You could even go a step further, and daemonise your authentication process, making that process accessible to other systems, and so it could authenticate against various systems using parameters.... Take it a step further, use an XML (TCP) based transaction with XML::Simple and you've got a real cool, extensible, centralised authentication system capable of meeting whatever requirements you come up with.

    I am the feature creep, I come from round your way...
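One way to lay out the layering and the pre-validation "hammering" check described in the reply above, as an added example that is not code from the thread. It uses an in-memory cache rather than a logfile or database. The threshold, window, sub names and credential table are all assumptions.

```perl
use strict;
use warnings;

my $MAX_FAILURES = 3;      # assumed threshold: "n attempts"
my $WINDOW_SECS  = 300;    # assumed "set period"
my %failures;              # in-memory cache: user => [ times of failed attempts ]
my %PASSWORDS = ( alice => 'correct horse' );   # constructed credential store

# True when the user already has too many recent failures.
sub is_hammering {
    my ( $user, $now ) = @_;
    my @recent = grep { $now - $_ < $WINDOW_SECS } @{ $failures{$user} || [] };
    $failures{$user} = \@recent;                # forget expired failures
    return 1 if @recent >= $MAX_FAILURES;
    return;
}

# Lower layer: decides, records the failure, returns a reason for the audit log.
sub attempt_login {
    my ( $user, $pass, $now ) = @_;
    return 'locked' if is_hammering( $user, $now );   # checked before validating
    if ( defined $PASSWORDS{$user} && $PASSWORDS{$user} eq $pass ) {
        delete $failures{$user};
        return 'ok';
    }
    push @{ $failures{$user} }, $now;
    return 'bad_credentials';
}

# Upper layer: the caller only ever sees yes (1) or no (empty list).
sub login_ok {
    my ( $user, $pass, $now ) = @_;
    my $reason = attempt_login( $user, $pass, $now );
    print "audit: t=$now user=$user result=$reason\n";
    return $reason eq 'ok' ? 1 : ();
}

# Constructed attempts: three bad guesses, then the right password twice.
my @attempts = ( [ 'guess1', 1000 ], [ 'guess2', 1010 ], [ 'guess3', 1020 ],
                 [ 'correct horse', 1030 ], [ 'correct horse', 1400 ] );
for my $try (@attempts) {
    my $answer = login_ok( 'alice', @$try ) ? 'yes' : 'no';
    print "caller sees: $answer\n";
}
```

The correct password at t=1030 is still refused because the threshold was reached inside the window; it is accepted at t=1400 once the earlier failures have expired.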

      Well this is a standardized ( or so I hope ) module that myself and the other people working on my project will use to restrict entrance to the system...But Ryszard's idea of layers sounds really cool and then all I would have to pass is 1 or 0 if it is valid or not. Thank you
Re: Using $! and passing errors
by pg (Canon) on Nov 15, 2002 at 21:00 UTC
    you cannot use $!,
    1) It is only meaningful, if you check it right after the failure. However you are trying to check it after a function returned, and at that moment, $! could be changed long time ago;
    2) $! is usually set by system or library calls.
      However this does NOT mean $! is readonly, you can change it. If you want it to be meaningful, set it to a number outside the range that is being used by system. Again, there is a big chance that, at the time you check its value, it has been reset by the system, so you don't get what you want.
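The clobbering that this reply and AltBlue's describe, as an added example that is not part of the original thread. The custom code 200, the log path and the sub names are assumptions. A failed system call made after the custom value is set replaces it before the caller can read it, whereas a reason carried in the return value survives.

```perl
use strict;
use warnings;

my $E_BAD_PASSWORD = 200;   # assumed custom code, chosen outside the usual errno range

# Sets $! to a custom code, then does unrelated work that fails a system call.
sub validate_with_errno {
    $! = $E_BAD_PASSWORD;
    # Audit logging to a constructed path that does not exist: open() fails
    # and the OS error replaces the custom value in $!.
    open( my $log, '>>', '/nonexistent-example-dir/audit.log' )
        and close $log;
    return;
}

# Carries the reason in the return value, so no later call can overwrite it.
sub validate_with_reason {
    open( my $log, '>>', '/nonexistent-example-dir/audit.log' )
        and close $log;
    return ( ok => 0, reason => 'bad_password' );
}

validate_with_errno();
printf "\$! after return: %d (%s), wanted %d\n", $!, $!, $E_BAD_PASSWORD;

my %result = validate_with_reason();
print "reason from return value: $result{reason}\n" unless $result{ok};
```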
Re: Using $! and passing errors
by Mr. Muskrat (Canon) on Nov 15, 2002 at 20:10 UTC

    Is this going to be accessible on your local network or over the internet? What methods have you tried so far for tracking the number of logins?

    As far as letting the calling script know the result? I'd use a return code that indicated success or failure. 0 meaning success, this leaves all other valid positive numbers for error codes. If successful, you need to pass on the info on the person logging in.
