Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re: automating basic authentication

by BooK (Curate)
on Sep 16, 2003 at 14:32 UTC ( #291831=note: print w/replies, xml ) Need Help??

in reply to automating basic authentication

What you want to do is to add auto-authentication to a particular web site. I'll talk about how you could do this with the next version of HTTP::Proxy, which will be out someday, when I have more time to work on the remaining details.

I must admit I haven't read your code that much, and that the old API is a little behind me now, but:

  • You simply have to add a filter that adds the correct WWW-Authenticate: header (you can sniff the connection, for example). You shouldn't receive any 401, since you are authenticated.
  • You should only push this filter for request that you need to authenticate:
    proxy->push_headers_filter( host => 'www\\.example\\.com', # it's a regexp request => sub { my ( $headers, $message ) = @_; $headers->header( Authorization => "Basic cm9verMSZXZhadDpRHRq +" ); } );
  • There is no need for a response filter, if the answer you get is a 200. If you are correctly authenticated by the server, it won't send back a WWW-Authenticate: header.
  • If you send the wrong password, you'll get a 401.
  • Did you try Basic instead of BASIC?
  • A possible application would be a filter that catches WWW-Authenticate: and Authorization: to store/cache authentication information and reuse it for all users.

In your post you say:

the docs for the module are quite basic

I resent that... ;-) In version 0.09, the HTTP/ file is 974 lines long, and there are 303 lines of pod documentation. Please tell me what's missing, so I can improve that in the next version (where 12 new modules will appear).

Warning: The HTTP::Proxy API will change a lot in version 0.10. It should be much easier to write simple filters, and a lot of helper filters and examples will be included. The latest CVS snapshot is always available from

For those interested, an example proxy is running most of the time on (It's a proxy: you need to configure your browser to use it.)

Replies are listed 'Best First'.
Re: Re: automating basic authentication
by cLive ;-) (Prior) on Sep 16, 2003 at 18:25 UTC
    "Please tell me what's missing"

    Just some more slightly complicated examples :) I get the general idea, but it would be good to include an example that does quite a bit more based on the request - eg, cookie retrieval and testing and then proceeding based on cookie value etc...

    But thanks for the reply. Much appreciated :)

    cLive ;-)

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://291831]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (4)
As of 2017-08-19 04:04 GMT
Find Nodes?
    Voting Booth?
    Who is your favorite scientist and why?

    Results (310 votes). Check out past polls.