Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: htaccess through perl without apache

by sutch (Curate)
on Mar 27, 2003 at 02:39 UTC ( [id://246148]=note: print w/replies, xml ) Need Help??


in reply to htaccess through perl without apache

Another option is to not deal with the htpasswd file and store and test user credentials within your program. For example:
use CGI; my $request = CGI->new; if( $ENV{'REMOTE_USER'} eq "sutch" && $ENV{'REMOTE_PASSWD' } eq "myb4d +" ) { # user is authenticated print $request->header; # return restricted web page here } else { print $request->header( '-status' => '401 Authentication required', +'-auth-type' => 'Basic', '-WWW-Authenticate' => 'Basic realm="My Rest +ricted Area"' ); # return failed authentication message here }
This will provide the user with the familiar username/password dialog box that is displayed when using htaccess. Instead of Apache handling the authentication though, the script tests the REMOTE_USER and REMOTE_PASSWD environment variables to authenticate the user.

A benefit of handling the authentication yourself is that you can also expire authenticated sessions and allow users to logout. This can be done by returning a 401 status with different realm text.

Replies are listed 'Best First'.
Re: Re: htaccess through perl without apache
by true (Pilgrim) on Mar 27, 2003 at 06:31 UTC
    This sounds interesting.

    But i'm not getting the environment variables REMOTE_USER and REMOTE_PASSWD returning anything. I login successfully with htaccess but neither return anything.

    #!/usr/bin/perl use CGI; my $request = CGI->new; print $request->header; print <<EOM; CHECK/$ENV{'REMOTE_USER'}/$ENV{'REMOTE_PASSWD'} EOM exit;
    This is running on Win2k Apache2 BTW.

    thanks update

    $ENV{'REMOTE_USER'} will return but $ENV{'REMOTE_PASSWD'} will not

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://246148]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others musing on the Monastery: (5)
As of 2024-03-28 19:32 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found