Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

[Mason] Sending right header to force http basic authentication

by jeteve (Pilgrim)
on Nov 25, 2005 at 15:19 UTC ( #511687=perlquestion: print w/ replies, xml ) Need Help??
jeteve has asked for the wisdom of the Perl Monks concerning the following question:

Hi !

I'd like to make a component that forces the user to authenticate again. I founded how to do it in php, this is simple as that:

<?php Header("WWW-Authenticate: Basic realm=\"My Realm\""); Header("HTTP/1.0 401 Unauthorized"); echo "You canceled authentication\n"; exit; ?>

But I cannot figured out how to do it in mason. I tried:

<%flags> inherit=> undef </%flags> <%perl> $m->autoflush(0); $m->clear_buffer(); $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->header_out->add("HTTP/1.0 401 Unauthorized" => ''); $r->send_http_header(); $m->abort(); </%perl>
But it just make my browser display a void page.

Could anybody can help ?

Thanks ! Jerome.

-- Nice photos of naked perl sources here !

Comment on [Mason] Sending right header to force http basic authentication
Select or Download Code
Re: [Mason] Sending right header to force http basic authentication
by simonm (Vicar) on Nov 26, 2005 at 03:51 UTC
    See this section of the Mason documentation.

    Perhaps semething like this:

    <%perl> $m->autoflush(0); $m->clear_buffer(); $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->send_http_header(); $m->abort("401 Unauthorized"); </%perl>
      This doesn't seem to work. Although abort() forced the correct status (401), it somehow removed the WWW-Authenticate header:
      $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->send_http_header();
        try : $r->err_header_out instead of $r->header_out
Re: [Mason] Sending right header to force http basic authentication
by Anonymous Monk on Nov 28, 2005 at 21:43 UTC
    I think you are going to find that this is highly browser-dependent as well... in general basic auth does not support forcing a user to re-authenticate! http://httpd.apache.org/docs/1.3/howto/auth.html#basicfaq

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://511687]
Approved by jfroebe
Front-paged by planetscape
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (2)
As of 2014-07-26 14:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (177 votes), past polls