Thanks for the help. I was hoping that Apache would check the password for
me but this should work.
Now, how do I get Apache to run my PerlAuthenHandler without setting the
AuthType or AuthName in httpd.conf?
Do I need to do the Authentication in a PerlHandler?
-Todd
On Wed, 27 Sep 2000, Carlos Ramirez wrote:
> 1. Oh, I mis-interpreted your question. I thought you already had a list of
> virtual directories with the
> AuthNames defined.
>
> You can set the AuthName by sending them in the server response header field:
>
> WWW-Authenticate Basic $realm
>
> So the first request to /companyA, you AuthHandler will respond with:
>
> $r->header_out(WWW-Authenticate => 'Basic $realm); ## Sets Realm field
> $r->note_basic_auth_failure; ## Prompts for password
>
> The when a username and password are supplied i.e.
> ($ret,$password) = $r->get_basic_auth_pw;
>
> where $ret = 1;
>
> Then:
> 1. determine the AuthUserFile
> 2. use Apache::Htpasswd to check password
>
> -Carlos
>
>
>
>
>
>
>
> Todd Chapman wrote:
>
> > Problems with your suggestion:
> >
> > 1. The realm will not be known until I get path_info so
> > <Location></Location> directives will not work.
> >
> > 2. How can I get Perl to do the password lookup in the dynamically
> > selected AuthUserFile?
> >
> > Thanks for the help.
> >
> > -Todd
> >
> > On Wed, 27 Sep 2000, Carlos Ramirez wrote:
> >
> > > You can you use Location to specify seperate AuthUserFile's like so:
> > >
> > > <Location /companyA>
> > > AuthType Basic
> > > AuthName CompanyA
> > > AuthUserFile path/to/CompanyAUsersFile
> > >
> > > </Location>
> > > ....
> > > <Location /companyN>
> > > AuthType Basic
> > > AuthName CompanyN
> > > AuthUserFile path/to/CompanyNUsersFIle
> > > </Location>
> > >
> > >
> > > Or you can write your own AuthHandler that lookups up AuthName, AuthUserFile
> > > in a seperate file against the path_info. This will eliminate the need to
> > > flood you httpd.conf file with a bunch of <Location></Location> directives.
> > >
> > >
> > >
> > >
> > >
> > >
> > > Todd Chapman wrote:
> > >
> > > > I have read chapter 6 of the modperl book but still don't know how to set
> > > > up authenification the way I want. I would like to use Basic
> > > > authentification to protect virtual documents. The trick is that I want
> > > > to set AuthName and AuthUserFile based on path_info.
> > > >
> > > > For example:
> > > >
> > > > http://virtual/companyA/dir1
> > > >
> > > > would prompt for a password in the companyA realm and check it against the
> > > > appropriate AuthUserFile.
> > > >
> > > > How do I add this flexibility without reinventing the parts Apache already
> > > > does so well?
> > > >
> > > > Thanks.
> > > >
> > > > -Todd
> > >
> > > --
> > > -----------------------------------------------------------------------
> > > Carlos Ramirez + Boeing + Reusable Space Systems + 714.372.4181
> > > -----------------------------------------------------------------------
> > > - Someday I'll find that peer and reset his connection!
> > >
> > >
> > >
>
> --
> -----------------------------------------------------------------------
> Carlos Ramirez + Boeing + Reusable Space Systems + 714.372.4181
> -----------------------------------------------------------------------
> - Someday I'll find that peer and reset his connection!
>
>
>
