Catching the Auth Basic infromation?

[Haunter]

I would like to know who has logged in to
the site via Auth Basic under apache and then retrieve other access about them from a database based on the information. I have root access Linux RH7.2 system so that is not a problem of making the script owned by root.

Is this even possible?

 

[Coderifous]

I'm not sure if this is what you mean, but, in apache, there is an environment variable that houses the username if the user is in fact 'logged in'. It's something like HTTP_USER_AUTH or something like that. I can't remember though.

 

[Haunter]

That is the one. Ty

 

[tsdragon]

I think this is what you want:

#---------------------------------------------------------------------
# GetLogon
#---------------------------------------------------------------------
#
# Gets the logged-on userid for the admin section
#
# Decodes it from the HTTP_AUTHORIZATION header, which is the
# base64 encoding of userid:password (for BASIC AUTH).
#
#---------------------------------------------------------------------

sub GetLogon {

my($authtype,$authstring) = split(' ', $ENV{'HTTP_AUTHORIZATION'});

return "unknown" unless $authtype =~ /basic/i;

# We COULD use the following two lines, but it would include
# code that we don't really need much.

#use MIME::Base64 ();
#$decoded = MIME::Base64::decode($encoded);

# The following code comes from perlfaq9

$authstring =~ tr[A-Za-z0-9+/][]cd;					# remove non-base64 chars
$authstring =~ tr[A-Za-z0-9+/][ -_];				# convert to uuencoded format
$len = pack("c", 32 + 0.75*length($authstring));	# compute length byte
my $authstring = unpack("u", $len . $authstring);	# uudecode and print

# Now we have userid:password. Split off just the userid
my ($user,undef) = split(':', $authstring);

return $user;

} # GetLogon

Tracy Dryden
tracy@bydisn.com

http://www.bydisn.com

Meddle not in the affairs of dragons,
For you are crunchy, and good with mustard.