Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: Re: Re: Incorporate .htaccess password protection in a CGI script

by swiftone (Curate)
on Oct 24, 2002 at 00:08 UTC ( #207583=note: print w/ replies, xml ) Need Help??


in reply to Re: •Re: Incorporate .htaccess password protection in a CGI script
in thread Incorporate .htaccess password protection in a CGI script

The problem I'm would like to solve is authenticating via a CGI script (instead of the popup) and then track the user via something like REMOTE_USER.

Oh! Sorry, not possible. The user info and popup is controlled via the browser-server connection, before a CGI takes effect. (You can control this interaction via a mod_perl handler, but you options are still limited because so much happens at the browser level)

You could, in theory, have a .htaccess protected area, with a CGI login script that forwarded you to http://user:password@domain/path/file.html that would bypass the "popup", and include a custom 403 (forbidden) page that sends you to that script should someone try to come in by another method, but that's pretty clunky, and I'm pretty sure (not positive) that that's a netscape convention and not a universal one (though I think IE also supports it).

There is a reason most places eventually go to sessions :) Even if .htaccess control is elegant, they want the script interface, and they aren't compatible.

Update: The eagle book has a good section on what the server/browser are doing behind the scenes for authentication/authorization. It won't help you do what your trying (I've tried it myself), but it does explain what's happening and lets you understand why it doesn't work.

Also added the bit about 403 above.


Comment on Re: Re: Re: Incorporate .htaccess password protection in a CGI script
Re: Re: Re: Re: Incorporate .htaccess password protection in a CGI script
by nedals (Deacon) on Oct 24, 2002 at 01:52 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://207583]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others scrutinizing the Monastery: (9)
As of 2014-07-30 23:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (241 votes), past polls