Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

non-mod_perl authentication

by gri6507 (Deacon)
on Nov 26, 2002 at 15:37 UTC ( [id://215846]=perlquestion: print w/replies, xml ) Need Help??

gri6507 has asked for the wisdom of the Perl Monks concerning the following question:

Hi

I must apologize ahead of time if some monks deem this content inappropriate. I am new to website authentication and am not sure if I have all my facts straight. My server is running Win2k with Apache2.0, which I do not believe comes with mod_perl. I was looking for alternatives to user authentication. My idea was have a .htaccess + .htpasswd files and then have a regular CGI script pass the user credintials to the protected page like this http://$username:$passwd@$server/$restrictedPage. Is this acceptable for mediocre security? Also, once a user is logged in, is there some ENV var set that says who is logged in, so that my CGI script can deal with that user directly?

Thanks for your help.

Replies are listed 'Best First'.
Re: non-mod_perl authentication
by Chmrr (Vicar) on Nov 26, 2002 at 15:50 UTC

    A quick clarification -- mod_perl is not needed to do HTTP Simple authentication, which is what .htaccess and .htpasswd files will get you by default. Also, mod_perl is easy to get for Apache 2.0 under win32.

    That being said, this is more of an Apache question than a perl question. You simply need to set up your .htaccess and .htpasswd files correctly, and without any perl programming, you'll get Simple authentication (which may or may not be what you want..) A quick search turned up this quick guide to writing said files. As it notes, $ENV{REMOTE_USER} will be set to the remote user name.

    mod_perl will come in handy if you want to authenticate against other, more complicated authentication sources.

    perl -pe '"I lo*`+$^X$\"$]!$/"=~m%(.*)%s;$_=$1;y^`+*^e v^#$&V"+@( NO CARRIER'

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://215846]
Approved by valdez
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others taking refuge in the Monastery: (4)
As of 2024-03-29 00:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found