Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Authentication and CGI

by flocto (Pilgrim)
on Mar 24, 2002 at 02:25 UTC ( [id://153862]=note: print w/replies, xml ) Need Help??


in reply to Authentication and CGI

I think that HTTP-Authentication is the way to go. That's how I set up all my sites and it's working really well.

You don't even have to know how the authentication algorithm works, since all you have to do is write a small CGI wrapper around htpasswd so people can add themselves. After successfull authentication you can find the username in the REMOTE_USER environment variable.

But, passwords will be submited unencripted, so if you make something important you might want to use some encrypted, like an SSL server or MD5-Digest authentication.

Doing HTTP authentication in perl isn't hard either: You have to send an header with the status 403 (Unauthorized) which will pop up the username/password dialog on the client side. Then you have to look for the "Http-authentication" (or something like this) header field which contains (BASE64 encoded) "username:password". There you go :)

-octo-

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://153862]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others perusing the Monastery: (5)
As of 2024-04-19 06:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found