Catalyst::Plugin::Authentication::Credential::HTTP - HTTP Basic and Digest authentication for Catalyst.
use Catalyst qw/ Authentication Authentication::Store::Moose Authentication::Credential::HTTP /; __PACKAGE__->config->{authentication}{http}{type} = 'any'; # or 'digest' or 'basic' __PACKAGE__->config->{authentication}{users} = { Mufasa => { password => "Circle Of Life", }, }; sub foo : Local { my ( $self, $c ) = @_; $c->authorization_required( realm => "foo" ); # named after the status code ;-) # either user gets authenticated or 401 is sent do_stuff(); } # with ACL plugin __PACKAGE__->deny_access_unless("/path", sub { $_[0]->authenticate_http }); sub end : Private { my ( $self, $c ) = @_; $c->authorization_required_response( realm => "foo" ); $c->error(0); }
This moduule lets you use HTTP authentication with Catalyst::Plugin::Authentication. Both basic and digest authentication are currently supported.
Tries to authenticate_http, and if that fails calls authorization_required_response and detaches the current action call stack.
authenticate_http
authorization_required_response
This method just passes the options through untouched.
Looks inside $c->request->headers and processes the digest and basic (badly named) authorization header.
$c->request->headers
This will only try the methods set in the configuration.
See the next two methods for what %opts can contain.
Try to authenticate one of the methods without checking if the method is allowed in the configuration.
%opts can contain store (either an object or a name), user (to disregard %the username from the header altogether, overriding it with a username or user %object).
store
user
Sets $c->response to the correct status code, and adds the correct header to demand authentication data from the user agent.
$c->response
Typically used by authorization_required, but may be invoked manually.
authorization_required
%opts can contain realm, domain and algorithm, which are used to build %the digest header.
realm
domain
algorithm
Set or get the $nonce object used by the digest auth mode.
$nonce
You may override these methods. By default they will call get and set on $c->cache.
get
set
$c->cache
All configuration is stored in YourApp->config->{authentication}{http}.
YourApp->config->{authentication}{http}
This should be a hash, and it can contain the following entries:
Either a name or an object -- the default store to use for HTTP authentication.
Can be either any (the default), basic or digest.
any
basic
digest
This controls authorization_required_response and authenticate_http, but not the "manual" methods.
Yuval Kogman, nothingmuch@woobling.org
nothingmuch@woobling.org
Jess Robinson
Sascha Kiefer esskar@cpan.org
esskar@cpan.org
Copyright (c) 2005-2006 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Catalyst::Plugin::Authentication::Credential::HTTP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Catalyst::Plugin::Authentication::Credential::HTTP
CPAN shell
perl -MCPAN -e shell install Catalyst::Plugin::Authentication::Credential::HTTP
For more information on module installation, please visit the detailed CPAN module installation guide.