Re: auth mechanism and req. record

[prev] [thread] [next] [Date index for 2005/04/22]

From: Geoffrey Young
Subject: Re: auth mechanism and req. record
Date: 13:15 on 22 Apr 2005


Dintelmann, Peter wrote:
> When you are implementing your own authentication mechanism e.g.
> in a server using the multiprotocol feature you have to pass two
> pieces of information to the Auth handler: the name of the auth
> mechanism used and the data submitted by the client (e.g. a MD5
> hash).
> 
> The name of the auth mechanism can be passed via $r->ap_auth_type().
> But what is the the correct way to pass the client auth data? Should
> I use the request notes table to this end?

I'm not sure I follow what you need but I'll try.

all data passed from the client is available.  in this instance you probably
want $r->headers_in->get('Authorization') to grab the authentication
information sent by the client.

but if you're trying to do digest authentication yourself there is a better way:

  for apache 2.1:

    http://search.cpan.org/dist/Apache-AuthenHook/

  for apache 1.3

    http://search.cpan.org/dist/Apache-AuthDigest/

HTH

--Geoff

auth mechanism and req. record
Dintelmann, Peter 12:39 on 22 Apr 2005

Re: auth mechanism and req. record
Geoffrey Young 13:15 on 22 Apr 2005

Generated at 09:30 on 27 Apr 2005 by mariachi v0.52