This message was sent from Geocrawler.com by "Darko Krizic" <[EMAIL PROTECTED]>
Be sure to reply to that address.
Hello!
I just hacked a little PerlHandler (content handler) module that uses Basic auth. I
found out that things like
$r->note_basic_auth_failure;
my($res, $sent_pw) = $r->get_basic_auth_pw;
return AUTH_REQUIRED
do not work correctly for a content handler. Therefore I wrote this code:
#!/usr/bin/perl -w
package My;
use strict;
use Apache ();
use Apache::Log;
use Apache::Constants (qw/:common/);
use MIME::Base64; # needed for decode of basic auth
sub handler
{
my $r = shift;
my $user;
my $password;
my $userpass = $r->header_in("Authorization") || undef;
Apache->request($r);
my $log = $r->log();
# optionally decode authorization
if( $userpass ) { # got any authorization
if( $userpass =~ m/^Basic / ) {
# only basic
$userpass =~ s/^Basic //; # remove leading
($user,$password) # decode user + pass
= split(":", decode_base64 $userpass);
$log->warn("user=$user, password=$password");
}
}
unless( defined $user
and $user eq "DeKay" and
defined $password
and $password eq "got it"
) {
# no auth or auth not valid
$r->header_out("WWW-Authenticate" => "Basic realm=\"Test\"");
$r->content_type("text/html");
$r->status(AUTH_REQUIRED);
$r->send_http_header;
$r->print("Auth required");
return OK;
}
# auth valid
$r->content_type("text/html");
$r->send_http_header;
$r->print("user: $user<BR>");
$r->print("Password: $password<BR>");
return OK;
}
1;
Questions:
- This does not look very mod_perlish, can this be done "better"?
- How can I make Apache print its "Authentication required" message itself? In this
module I have to do this by myself.
...darko
Geocrawler.com - The Knowledge Archive