[Catalyst] Applying external web server authentication: is there a better way?

Stuart Watt swatt at infobal.com
Wed Jun 3 14:07:48 GMT 2009

I'm developing an app which uses IIS and FastCGI as its back end. Also, =

we are expected by the client to use Windows integrated authentication =

in the server -- this is an intranet app, so no login screen should be =


Picking up the user id is fairly easy - it's set as the REMOTE_USER CGI =

header by IIS authentication, and the engine puts it into the deprecated =

$c->request->user. I was using this as the identity (bad, I know) and =

got burned by the fact that we couldn't properly test multiple users =

with Test::WWW::Mechanize::Catalyst.

I wanted to switch to Catalyst::Plugin::Authentication. This seemed a =

little unusual when we aren't really doing any authentication, but =

trying to read the one already performed, so I put together a =

Catalyst::Authentication::Credential::Environment module, that simply =

reads (the still deprecated) $c->request->user. I didn't really want to =

do all the authentication with Catalyst::Plugin::Authentication, even =

though is seems possible. And testing was now easy, we got per-user =

sessions, and everything. Anyway, what I wrote as the main method was:

sub authenticate {
    my ( $self, $c, $realm, $auth_info ) =3D @_;
    $c->log->debug("Using environment authentication");
    my $username =3D $c->request->user();
    if ( defined( $username ) && ( $username ne '' )) {
        my $user_obj =3D $realm->find_user( { username =3D> $username }, $c=
        if ( ref( $user_obj ) ) {
            $user_obj->id( $username );
            return $user_obj;

Is there another simple but better way to achieve this? Ideally one =

which avoids the deprecated $c->request->user. I'm only starting to use =

Catalyst for authentication stuff.

All the best
-- =

Stuart Watt
ARM Product Developer
Information Balance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20090603/0879b=

More information about the Catalyst mailing list