Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: automating basic authentication

by BooK (Curate)
on Sep 16, 2003 at 14:32 UTC ( #291831=note: print w/ replies, xml ) Need Help??


in reply to automating basic authentication

What you want to do is to add auto-authentication to a particular web site. I'll talk about how you could do this with the next version of HTTP::Proxy, which will be out someday, when I have more time to work on the remaining details.

I must admit I haven't read your code that much, and that the old API is a little behind me now, but:

  • You simply have to add a filter that adds the correct WWW-Authenticate: header (you can sniff the connection, for example). You shouldn't receive any 401, since you are authenticated.
  • You should only push this filter for request that you need to authenticate:
    proxy->push_headers_filter( host => 'www\\.example\\.com', # it's a regexp request => sub { my ( $headers, $message ) = @_; $headers->header( Authorization => "Basic cm9verMSZXZhadDpRHRq +" ); } );
  • There is no need for a response filter, if the answer you get is a 200. If you are correctly authenticated by the server, it won't send back a WWW-Authenticate: header.
  • If you send the wrong password, you'll get a 401.
  • Did you try Basic instead of BASIC?
  • A possible application would be a filter that catches WWW-Authenticate: and Authorization: to store/cache authentication information and reuse it for all users.

In your post you say:

the docs for the module are quite basic

I resent that... ;-) In version 0.09, the HTTP/Proxy.pm file is 974 lines long, and there are 303 lines of pod documentation. Please tell me what's missing, so I can improve that in the next version (where 12 new modules will appear).

Warning: The HTTP::Proxy API will change a lot in version 0.10. It should be much easier to write simple filters, and a lot of helper filters and examples will be included. The latest CVS snapshot is always available from http://http-proxy.mongueurs.net/.

For those interested, an example proxy is running most of the time on home.bruhat.net:8080. (It's a proxy: you need to configure your browser to use it.)


Comment on Re: automating basic authentication
Download Code
Re: Re: automating basic authentication
by cLive ;-) (Parson) on Sep 16, 2003 at 18:25 UTC
    "Please tell me what's missing"

    Just some more slightly complicated examples :) I get the general idea, but it would be good to include an example that does quite a bit more based on the request - eg, cookie retrieval and testing and then proceeding based on cookie value etc...

    But thanks for the reply. Much appreciated :)

    cLive ;-)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://291831]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (7)
As of 2014-09-21 22:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (176 votes), past polls