I am exploring a few different options for adding authentication support
to Gofer::Transport::http and I would appreciate any feedback.
The most straightforward option is to add several attributes (netloc,
realm, http_user, and http_password) that would be passed to the
$useragent->credentials. These could be specified in the DSN or in
%attrs (using the go prefix). This is the style that we are currently
using in our dev code.
I think that most people don't usually think about the netloc and realm
when using http auth, from the client side. It would be possible to
avoid setting these by subclassing LWP::UserAgent and the
get_basic_credentials method.
Another option would be to specify the username and password in the URL,
(http://userid:passw...@example.com/). The big advantage here is that
the DBI distribution would not need to be touched. However, some people
may have concerns about potential security issues with this method.
Thanks,
Stuart Johnston
- HTTP Authentication for Gofer Stuart Johnston
-
