AppSamurai is a mod_perl based system to protect vulnerable or sensitive Web applications. The target use is in reverse proxy configurations, with an Apache/mod_perl reverse proxy inside a DMZ and a backend Web server in another DMZ or an internal network. AppSamurai's features include a modular, multi-factor authentication system, form based or basic auth based logins, encrypted storage of session data on a proxy, the ability to use any Apache::Session storage type (including databases for clustered deployment), and the ability to configure it from httpd.conf.
License: Perl License
Changes:
This release adds nonce and signature to the login.pl login form and checking in Apache::AppSamurai::login(). All form logins must now provide a valid nonce and signature. It adds AuthSimple.pm, an authentication module for the Authen::Simple authentication framework, supporting numerous authentication methods (Kerberos, LDAP, PAM, etc.) It improves detection/requirement handling for mod_perl and Crypt::CBC ciphers.
