I'm trying to write a proxy server that will automatically add basic authentication to a request to a particular host. I've been having a play with BooK's HTTP::Proxy, but can't seem to get it to work as expected. Here's the server:
#!/usr/bin/perl
use HTTP::Proxy qw();
use strict;
use warnings;
my $proxy = HTTP::Proxy->new( port => 3128 );
$proxy->push_headers_filter(
request => sub {
my $headers = shift;
# grabbed from http request header of logged in browser
$headers->header( Authorization => "BASIC cm9verMSZXZhadDpRHRq
+");
},
response => sub {
$_[0]->remove_header(qw(WWW-Authenticate));
},
);
$proxy->start;
So far, the proxy server works OK as far as other domains go. But, when I try to connect to the authentication server, I still get the enter password box.
Any suggestions on how to proceed?
I'm not 100% sure I'm doing this the right way either - the docs for the module are quite basic, and I haven't found any tutorials yet on writing proxies.
The above example is for just one password. In reality, there may be a few, and I need to add the correct encrypted password to the request header as appropriate.
Or maybe there's a better way to achieve this? What I need to be able to do is:
- authenticate users via proxy (probably set a session cookie)
- when authenticated by the proxy, if a user calls a password protected server in my list, I automatically add Authorization headers to requests, so they get a seamless login and don't have to know passwords (and I can lock them out as needed)
- only call the push_headers_filter() method if user's sessioncookie is valid and site is on list.
I do not have access to the machine sending the username/password challenges.
Any thoughts or suggestions?
cLive ;-)
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.