Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask

Re: Re: Re: Incorporate .htaccess password protection in a CGI script

by swiftone (Curate)
on Oct 24, 2002 at 00:08 UTC ( #207583=note: print w/replies, xml ) Need Help??

in reply to Re: •Re: Incorporate .htaccess password protection in a CGI script
in thread Incorporate .htaccess password protection in a CGI script

The problem I'm would like to solve is authenticating via a CGI script (instead of the popup) and then track the user via something like REMOTE_USER.

Oh! Sorry, not possible. The user info and popup is controlled via the browser-server connection, before a CGI takes effect. (You can control this interaction via a mod_perl handler, but you options are still limited because so much happens at the browser level)

You could, in theory, have a .htaccess protected area, with a CGI login script that forwarded you to http://user:password@domain/path/file.html that would bypass the "popup", and include a custom 403 (forbidden) page that sends you to that script should someone try to come in by another method, but that's pretty clunky, and I'm pretty sure (not positive) that that's a netscape convention and not a universal one (though I think IE also supports it).

There is a reason most places eventually go to sessions :) Even if .htaccess control is elegant, they want the script interface, and they aren't compatible.

Update: The eagle book has a good section on what the server/browser are doing behind the scenes for authentication/authorization. It won't help you do what your trying (I've tried it myself), but it does explain what's happening and lets you understand why it doesn't work.

Also added the bit about 403 above.

  • Comment on Re: Re: Re: Incorporate .htaccess password protection in a CGI script

Replies are listed 'Best First'.
Re: Re: Re: Re: Incorporate .htaccess password protection in a CGI script
by nedals (Deacon) on Oct 24, 2002 at 01:52 UTC

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://207583]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (4)
As of 2018-03-20 07:15 GMT
Find Nodes?
    Voting Booth?
    When I think of a mole I think of:

    Results (248 votes). Check out past polls.