http://www.perlmonks.org?node_id=200597


in reply to CGI Advice

For requirement (2) you can get the submitted password user name from $ENV{REMOTE_USER}. Presumably if he got this far then this user is properly logged on, so you'd just check whether this particular user has delete rights. Or if you want him to submit his authentication a second time for security, you can get him to do that into a CGI form and then check validity using Apache::Htpasswd.

edit 26/9/02 spartacus9 is quite right, and tactful to call it a 'minor' point - it is of course the user name you get and not the password - my bad.§ George Sherston

Replies are listed 'Best First'.
Re: Re: CGI Advice
by spartacus9 (Beadle) on Sep 26, 2002 at 03:21 UTC
    minor clarification, but it is important to note that you cannot get the actual password from reading $ENV{REMOTE_USER}, or any other environment variable for that matter. $ENV{REMOTE_USER} will give you the username under which the user has authenticated, but not the password. That said, George Sherston is correct in that you can assume that if he got far enough to populate the REMOTE_USER variable that he is properly logged in.