Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: ModPerl: ModPerl

Re: $r->get_basic_auth_pw

  

 
ModPerl modperl RSS feed   Index | Next | Previous | View Threaded


matt at sergeant

Feb 15, 2000, 2:18 AM

Post #1 of 6 (1597 views)
Permalink
Re: $r->get_basic_auth_pw
On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> Although I see that the browser is returning a:
>
> 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
>
> header, the $r->get_basic_auth_pw and $r->connection->user methods
> return nothing when used inside a content handler like Mason. Is this
> normal? Does it only return something from an auth handler?

Seems that way - irritating, isn't it?

I ended up doing this:

my ($auth) = $r->header_in('Authorization');
if (!$auth) {
# No login attempt
die My::Exception->Basic_Auth;
}
if ($auth =~ /Basic\s+(\S*)/) {
$auth = decode_base64($1);
my ($user, $pass) = split ':', $auth, 2;
my $userid;
if (!($userid = check_user($user, $pass) ) ) {
# password incorrect, display passwd dialog again
die My::Exception->Basic_Auth;
}
# password checks out!
$User = User->new($userid);
}
else {
die "Invalid Authorization request!\n";
}

(where My::Exception->Basic_Auth is caught many layers up and sends a 401).

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.


matt at sergeant

Feb 15, 2000, 4:11 AM

Post #2 of 6 (1513 views)
Permalink
Re: $r->get_basic_auth_pw [In reply to]
On Tue, 15 Feb 2000, Matt Sergeant wrote:
> On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > Although I see that the browser is returning a:
> >
> > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> >
> > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > return nothing when used inside a content handler like Mason. Is this
> > normal? Does it only return something from an auth handler?
>
> Seems that way - irritating, isn't it?
>
> I ended up doing this:
>
> my ($auth) = $r->header_in('Authorization');
> if (!$auth) {
> # No login attempt
> die My::Exception->Basic_Auth;
> }
> if ($auth =~ /Basic\s+(\S*)/) {
> $auth = decode_base64($1);

Almost forgot: decode_base64 is from MIME::Base64.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.


matt at sergeant

Feb 15, 2000, 4:11 AM

Post #3 of 6 (1530 views)
Permalink
Re: $r->get_basic_auth_pw [In reply to]
On Tue, 15 Feb 2000, Matt Sergeant wrote:
> On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > Although I see that the browser is returning a:
> >
> > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> >
> > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > return nothing when used inside a content handler like Mason. Is this
> > normal? Does it only return something from an auth handler?
>
> Seems that way - irritating, isn't it?
>
> I ended up doing this:
>
> my ($auth) = $r->header_in('Authorization');
> if (!$auth) {
> # No login attempt
> die My::Exception->Basic_Auth;
> }
> if ($auth =~ /Basic\s+(\S*)/) {
> $auth = decode_base64($1);

Almost forgot: decode_base64 is from MIME::Base64.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.


richter at ecos

Feb 15, 2000, 7:02 AM

Post #4 of 6 (1516 views)
Permalink
RE: $r->get_basic_auth_pw [In reply to]
> > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > Although I see that the browser is returning a:
> > >
> > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > >
> > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > return nothing when used inside a content handler like Mason. Is this
> > > normal? Does it only return something from an auth handler?
> >

AuthType must be set to Basic in your httpd.conf, otherwise you won't see
anything from get_basic_auth_pw and have to do it like Matt wrote.

Gerald


> > Seems that way - irritating, isn't it?
> >
> > I ended up doing this:
> >
> > my ($auth) = $r->header_in('Authorization');
> > if (!$auth) {
> > # No login attempt
> > die My::Exception->Basic_Auth;
> > }
> > if ($auth =~ /Basic\s+(\S*)/) {
> > $auth = decode_base64($1);
>
> Almost forgot: decode_base64 is from MIME::Base64.
>
> --
> <Matt/>
>
> Details: FastNet Software Ltd - XML, Perl, Databases.
> Tagline: High Performance Web Solutions
> Web Sites: http://come.to/fastnet http://sergeant.org
> Available for Consultancy, Contracts and Training.
>


matt at sergeant

Feb 15, 2000, 7:51 AM

Post #5 of 6 (1518 views)
Permalink
RE: $r->get_basic_auth_pw [In reply to]
On Tue, 15 Feb 2000, Gerald Richter wrote:
> > > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > > Although I see that the browser is returning a:
> > > >
> > > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > > >
> > > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > > return nothing when used inside a content handler like Mason. Is this
> > > > normal? Does it only return something from an auth handler?
> > >
>
> AuthType must be set to Basic in your httpd.conf, otherwise you won't see
> anything from get_basic_auth_pw and have to do it like Matt wrote.

It should be added that most of the Auth stuff segfaults if you don't have
AuthType set.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.


matt at sergeant

Feb 15, 2000, 7:51 AM

Post #6 of 6 (1520 views)
Permalink
RE: $r->get_basic_auth_pw [In reply to]
On Tue, 15 Feb 2000, Gerald Richter wrote:
> > > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > > Although I see that the browser is returning a:
> > > >
> > > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > > >
> > > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > > return nothing when used inside a content handler like Mason. Is this
> > > > normal? Does it only return something from an auth handler?
> > >
>
> AuthType must be set to Basic in your httpd.conf, otherwise you won't see
> anything from get_basic_auth_pw and have to do it like Matt wrote.

It should be added that most of the Auth stuff segfaults if you don't have
AuthType set.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.

ModPerl modperl RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.