I'm trying to write a proxy server that will automatically add basic authentication to a request to a particular host. I've been having a play with BooK's HTTP::Proxy, but can't seem to get it to work as expected. Here's the server:

#!/usr/bin/perl
use HTTP::Proxy qw();
use strict;
use warnings;

my $proxy = HTTP::Proxy->new( port => 3128 );

$proxy->push_headers_filter(
    request => sub {
        my $headers = shift;
        # grabbed from http request header of logged in browser
        $headers->header( Authorization => "BASIC cm9verMSZXZhadDpRHRq
+");
    },
    response => sub {
        $_[0]->remove_header(qw(WWW-Authenticate));
    },
);
$proxy->start;
[download]

So far, the proxy server works OK as far as other domains go. But, when I try to connect to the authentication server, I still get the enter password box.

Any suggestions on how to proceed?

I'm not 100% sure I'm doing this the right way either - the docs for the module are quite basic, and I haven't found any tutorials yet on writing proxies.

The above example is for just one password. In reality, there may be a few, and I need to add the correct encrypted password to the request header as appropriate.

Or maybe there's a better way to achieve this? What I need to be able to do is:

• authenticate users via proxy (probably set a session cookie)
• when authenticated by the proxy, if a user calls a password protected server in my list, I automatically add Authorization headers to requests, so they get a seamless login and don't have to know passwords (and I can lock them out as needed)
• only call the push_headers_filter() method if user's sessioncookie is valid and site is on list.

I do not have access to the machine sending the username/password challenges.

Any thoughts or suggestions?

cLive ;-)