access to authenticaed userid 1

[perlone]

I have a site running on Apache (hosted by Mindspring / Earthlink). The site has a secure area with basic authentication triggered by an .htaccess file. This all works great.

In another perl script, I need to know the authenticated userid but REMOTE_USER is always blank. How can I reliably access the authenticated userid from perl (or javascript)?

I hope you can help, my brain hurts from reading books and searching the web.

 

[tsdragon]

Here's a subroutine that will return the userid from a basic authentication logon.

#-----------------------------------------------------------
# GetLogon
#-----------------------------------------------------------
#
# Gets the logged-on userid
#
# Decodes it from the HTTP_AUTHORIZATION header, which is the
# base64 encoding of userid:password (for BASIC AUTH).
#
#-----------------------------------------------------------

sub GetLogon {

my($authtype,$authstring) = split(' ', $ENV{'HTTP_AUTHORIZATION'});

return "unknown" unless $authtype =~ /basic/i;

# We COULD use the following two lines, but it would include
# code that we don't really need much.

#use MIME::Base64 ();
#$decoded = MIME::Base64::decode($encoded);

# The following code comes from perlfaq9

$authstring =~ tr[A-Za-z0-9+/][]cd; # remove non-base64 chars
$authstring =~ tr[A-Za-z0-9+/][ -_]; # convert to uuencoded format
$len = pack("c", 32 + 0.75*length($authstring)); # compute length byte
my $authstring = unpack("u", $len . $authstring); # uudecode and print

# Now we have userid:password. Split off just the userid
my ($user,undef) = split(':', $authstring);

return $user;

} # GetLogon

Tracy Dryden
tracy@bydisn.com

Meddle not in the affairs of dragons,
For you are crunchy, and good with mustard.

 

[perlone]

Thanks a lot!

 

[tsdragon]

You're welcome! I already had it sitting around, so all I had to do was cut&paste it here.
Tracy Dryden
tracy@bydisn.com

Meddle not in the affairs of dragons,
For you are crunchy, and good with mustard.