On 2003.10.31, Dave Bauer <[EMAIL PROTECTED]> wrote:
> On Fri, Oct 31, 2003 at 03:29:24PM +0000, Patrick O'Leary wrote:
> > Alternatively you could just look at ns_register_filter-
> > It's probably what your looking for.
>
> Not really.
Why not? What's wrong with a pre-auth filter that uses [ns_conn authuser],
[ns_conn authpasswd] and [ns_returnunauthorized]?
Instead of pre-auth filters, I did this in my startpage.adp since I'm
using one, and the code looks something like this:
if {![cms.isConnAuth]} {
ns_returnunauthorized
return
}
ns_adp_include [ns_url2file [ns_conn url]]
Obviously, the cms.isConnAuth proc is pretty straight-forward too:
proc cms.isConnAuth {} {
if {[catch {cms.auth [ns_conn authuser] [ns_conn authpassword]} err]} {
return 0
}
return 1
}
What's cms.auth look like, you ask? Here:
proc cms.auth {user pass} {
if {[catch {set expected [cms.db.get auth.dat $user]}]} {
error "no such user '$user' in auth db"
}
if {$pass ne $expected} {
error "invalid password for user '$user' in auth db"
}
}
Of course, this solution works /perfectly/ for me but that's because
it's designed to solve the problem I had.
> I need to do HTTP authentication. I could write an HTTP authentication
> implementation and register that as a filter, but I'd rather not.
Why would you rather not?
Sounds like you've got a technological solution and you're looking for a
problem to solve, not the other way around. Identify your problem and
many workable solutions ought to just become obvious. :-)
-- Dossy
--
Dossy Shiobara mail: [EMAIL PROTECTED]
Panoptic Computer Network web: http://www.panoptic.com/
"He realized the fastest way to change is to laugh at your own
folly -- then you can let go and quickly move on." (p. 70)
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of
your email blank.
