[albany-pm] A login/logout Authentication Question
David Scott
david at scottcreativeservices.com
Sat May 17 07:37:14 PDT 2008
I have a directory auth/test.
It is .htaccess protected with a login and password.
I want the auth directory to have a login page where temporary access is
granted to a person who authenticates using off-site authentication.
I want to take that approved person using Location: to the test
directory already .htaccess authenticated. Once in, his browser will
allow him to access any pages in the test directory without having to
re-authenticate until the browser is closed. I know that if I either
change .htaccess or remove the person from .htgroup any further attempts
to access the test directory will result in .htaccess asking for a login
and password.
I want .htaccess to allow anyone from an .htgroup file.
After logging in, I will add that person to the .htgroup file before
taking him to the test directory. I want to temporarily allow that
person to use the test directory then logout. At that time I will drop
that person from .htgroup file. I will generate the passwords for the
password file so the visitor never knows the real login/password he is
using. Even if he does know it, I will change it for his next access.
This way, a group of people with different login's and passwords can
access the test directory only as many times as my program allows.
.
I have tried LWP::UserAgent credentials() with no success. .htaccess
just asks for a login and password when the person arrives at the test
directory.
#code snippet
my $ua = new LWP::UserAgent(keep_alive=>1);
$ua->credentials('secure.ourshoppingkart.com:443', 'Members Only',
'davidscott', 'avocado'); I also tried port 80 and the DES encrypted
password.
I have also tried HTTP::Headers with the same result
.
$uname = 'davidscott';
$password = 'avocado'; # I also tried the DES encrypted version
'avU2MAZFSWxuY'
require HTTP::Headers;
$h = HTTP::Headers->new;
$h->www_authenticate;
$h->authorization_basic($uname, $password);
I think what I need to do is create/set http header fields and values.
Remote_User, Remote_Password,WWW.Authenticate,and Keep_Alive.
Does anyone have any suggestions or know what I need to do to accomplish
this?
Thanks,
David Scott
More information about the Albany-pm
mailing list