Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ModPerl>
  3. ModPerl
Re: $r->get_basic_auth_pw
matt at sergeant
Feb 15, 2000, 2:18 AM
Post #1 of 6 (3883 views)
Permalink
On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> Although I see that the browser is returning a:
>
> 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
>
> header, the $r->get_basic_auth_pw and $r->connection->user methods
> return nothing when used inside a content handler like Mason. Is this
> normal? Does it only return something from an auth handler?

Seems that way - irritating, isn't it?

I ended up doing this:

my ($auth) = $r->header_in('Authorization');
if (!$auth) {
# No login attempt
die My::Exception->Basic_Auth;
}
if ($auth =~ /Basic\s+(\S*)/) {
$auth = decode_base64($1);
my ($user, $pass) = split ':', $auth, 2;
my $userid;
if (!($userid = check_user($user, $pass) ) ) {
# password incorrect, display passwd dialog again
die My::Exception->Basic_Auth;
}
# password checks out!
$User = User->new($userid);
}
else {
die "Invalid Authorization request!\n";
}

(where My::Exception->Basic_Auth is caught many layers up and sends a 401).

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.
Re: $r->get_basic_auth_pw [ In reply to ]
matt at sergeant
Feb 15, 2000, 4:11 AM
Post #2 of 6 (3754 views)
Permalink
On Tue, 15 Feb 2000, Matt Sergeant wrote:
> On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > Although I see that the browser is returning a:
> >
> > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> >
> > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > return nothing when used inside a content handler like Mason. Is this
> > normal? Does it only return something from an auth handler?
>
> Seems that way - irritating, isn't it?
>
> I ended up doing this:
>
> my ($auth) = $r->header_in('Authorization');
> if (!$auth) {
> # No login attempt
> die My::Exception->Basic_Auth;
> }
> if ($auth =~ /Basic\s+(\S*)/) {
> $auth = decode_base64($1);

Almost forgot: decode_base64 is from MIME::Base64.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.
Re: $r->get_basic_auth_pw [ In reply to ]
matt at sergeant
Feb 15, 2000, 4:11 AM
Post #3 of 6 (3776 views)
Permalink
On Tue, 15 Feb 2000, Matt Sergeant wrote:
> On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > Although I see that the browser is returning a:
> >
> > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> >
> > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > return nothing when used inside a content handler like Mason. Is this
> > normal? Does it only return something from an auth handler?
>
> Seems that way - irritating, isn't it?
>
> I ended up doing this:
>
> my ($auth) = $r->header_in('Authorization');
> if (!$auth) {
> # No login attempt
> die My::Exception->Basic_Auth;
> }
> if ($auth =~ /Basic\s+(\S*)/) {
> $auth = decode_base64($1);

Almost forgot: decode_base64 is from MIME::Base64.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.
RE: $r->get_basic_auth_pw [ In reply to ]
richter at ecos
Feb 15, 2000, 7:02 AM
Post #4 of 6 (3766 views)
Permalink
> > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > Although I see that the browser is returning a:
> > >
> > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > >
> > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > return nothing when used inside a content handler like Mason. Is this
> > > normal? Does it only return something from an auth handler?
> >

AuthType must be set to Basic in your httpd.conf, otherwise you won't see
anything from get_basic_auth_pw and have to do it like Matt wrote.

Gerald


> > Seems that way - irritating, isn't it?
> >
> > I ended up doing this:
> >
> > my ($auth) = $r->header_in('Authorization');
> > if (!$auth) {
> > # No login attempt
> > die My::Exception->Basic_Auth;
> > }
> > if ($auth =~ /Basic\s+(\S*)/) {
> > $auth = decode_base64($1);
>
> Almost forgot: decode_base64 is from MIME::Base64.
>
> --
> <Matt/>
>
> Details: FastNet Software Ltd - XML, Perl, Databases.
> Tagline: High Performance Web Solutions
> Web Sites: http://come.to/fastnet http://sergeant.org
> Available for Consultancy, Contracts and Training.
>
RE: $r->get_basic_auth_pw [ In reply to ]
matt at sergeant
Feb 15, 2000, 7:51 AM
Post #5 of 6 (3759 views)
Permalink
On Tue, 15 Feb 2000, Gerald Richter wrote:
> > > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > > Although I see that the browser is returning a:
> > > >
> > > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > > >
> > > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > > return nothing when used inside a content handler like Mason. Is this
> > > > normal? Does it only return something from an auth handler?
> > >
>
> AuthType must be set to Basic in your httpd.conf, otherwise you won't see
> anything from get_basic_auth_pw and have to do it like Matt wrote.

It should be added that most of the Auth stuff segfaults if you don't have
AuthType set.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.
RE: $r->get_basic_auth_pw [ In reply to ]
matt at sergeant
Feb 15, 2000, 7:51 AM
Post #6 of 6 (3762 views)
Permalink
On Tue, 15 Feb 2000, Gerald Richter wrote:
> > > On Tue, 15 Feb 2000, Louis-David Mitterrand wrote:
> > > > Although I see that the browser is returning a:
> > > >
> > > > 'Authorization' => 'Basic dnZ2dnY6bW1tbW1tbW1t',
> > > >
> > > > header, the $r->get_basic_auth_pw and $r->connection->user methods
> > > > return nothing when used inside a content handler like Mason. Is this
> > > > normal? Does it only return something from an auth handler?
> > >
>
> AuthType must be set to Basic in your httpd.conf, otherwise you won't see
> anything from get_basic_auth_pw and have to do it like Matt wrote.

It should be added that most of the Auth stuff segfaults if you don't have
AuthType set.

--
<Matt/>

Details: FastNet Software Ltd - XML, Perl, Databases.
Tagline: High Performance Web Solutions
Web Sites: http://come.to/fastnet http://sergeant.org
Available for Consultancy, Contracts and Training.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal