Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

[Mason] Sending right header to force http basic authentication

by jeteve (Pilgrim)
on Nov 25, 2005 at 15:19 UTC ( #511687=perlquestion: print w/ replies, xml ) Need Help??
jeteve has asked for the wisdom of the Perl Monks concerning the following question:

Hi !

I'd like to make a component that forces the user to authenticate again. I founded how to do it in php, this is simple as that:

<?php Header("WWW-Authenticate: Basic realm=\"My Realm\""); Header("HTTP/1.0 401 Unauthorized"); echo "You canceled authentication\n"; exit; ?>

But I cannot figured out how to do it in mason. I tried:

<%flags> inherit=> undef </%flags> <%perl> $m->autoflush(0); $m->clear_buffer(); $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->header_out->add("HTTP/1.0 401 Unauthorized" => ''); $r->send_http_header(); $m->abort(); </%perl>
But it just make my browser display a void page.

Could anybody can help ?

Thanks ! Jerome.

-- Nice photos of naked perl sources here !

Comment on [Mason] Sending right header to force http basic authentication
Select or Download Code
Re: [Mason] Sending right header to force http basic authentication
by simonm (Vicar) on Nov 26, 2005 at 03:51 UTC
    See this section of the Mason documentation.

    Perhaps semething like this:

    <%perl> $m->autoflush(0); $m->clear_buffer(); $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->send_http_header(); $m->abort("401 Unauthorized"); </%perl>
      This doesn't seem to work. Although abort() forced the correct status (401), it somehow removed the WWW-Authenticate header:
      $r->header_out->add("WWW-Authenticate" => 'Basic realm="RealmChain"'); $r->send_http_header();
        try : $r->err_header_out instead of $r->header_out
Re: [Mason] Sending right header to force http basic authentication
by Anonymous Monk on Nov 28, 2005 at 21:43 UTC
    I think you are going to find that this is highly browser-dependent as well... in general basic auth does not support forcing a user to re-authenticate! http://httpd.apache.org/docs/1.3/howto/auth.html#basicfaq

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://511687]
Approved by jfroebe
Front-paged by planetscape
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (8)
As of 2015-07-07 05:28 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (87 votes), past polls