Hello all,
thank you for your suggestions to my problem. I have solved it this way:
use Apache ();
my $r=Apache->request();
my $auth=$r->header_in("Authorization");
$auth =~ s/Basic//;
my ($user, $pass)=split(/:/, decode_base64($auth));
Apache is configured *without* any Authentication handlers.
Hi,
> On Wed, Sep 14, 2005 at 05:41:35AM +0200, Gerald Richter wrote:
> > > Of course, Basic Authentication is evil, and should only
> be used for
> > > toy projects (since it doesn't scale) over HTTPS.
> >
> > I see that, since password is transmitted in clear text, it is a
> > security probl
On Wed, Sep 14, 2005 at 05:41:35AM +0200, Gerald Richter wrote:
> > Of course, Basic Authentication is evil, and should only be
> > used for toy projects (since it doesn't scale) over HTTPS.
>
> I see that, since password is transmitted in clear text, it is a security
> problem in http, but where
At Tue, 13 Sep 2005 21:33:28 +0200, Dirk Jagdmann wrote:
> Or would it be possible if I code a custom Auth Handler (as shown in the
> mod_perl manual) and then store the password somewhere where I can
> access it from my (Emb)perl code?
Best would be to write a custom auth handler and do whatever
>
> I haven't tried it, but you should just be able to get the
> Authorization http header (via the apache request) and base64
> decode it, giving you a 'username:password' string.
>
That will work,
($ret, $pw) = $req_rec -> get_basic_auth_pw ;
Will do it for you (see perldoc Apache).
> Of
On Tue, Sep 13, 2005 at 09:33:28PM +0200, Dirk Jagdmann wrote:
> I'm currently developing a software which is receiving requests via http
> where username and password are transmitted via HTTP (basic)
> authentication (as base64 encoded string in the HTTP request header).
> The other parameters are
