[Catalyst] Applying external web server authentication: is there a better way?

Tomas Doran bobtfish at bobtfish.net
Wed Jun 3 17:41:57 GMT 2009

Stuart Watt wrote:
> I'm developing an app which uses IIS and FastCGI as its back end. Also, 
> we are expected by the client to use Windows integrated authentication 
> in the server -- this is an intranet app, so no login screen should be 
> expected.
> trying to read the one already performed, so I put together a 
> Catalyst::Authentication::Credential::Environment module, that simply 

Doh, you appear to have duplicated a chunk of effort:


> Is there another simple but better way to achieve this? Ideally one 
> which avoids the deprecated $c->request->user. I'm only starting to use 
> Catalyst for authentication stuff.

Not at the moment / in a released state.

The next Catalyst release will add $c->req->remote_user for this. There 
is currently a failing test (for a bug which has been in Catalyst 
forever) in trunk, and I'm hoping to get this fixed before we release 

I'm also going to be reviewing / merging this branch of 
Catalyst::Plugin::Authentication soonish (which I'm seriously late on 

So to answer your actual question, yes, what you're doing is the right 
thing to do, and will be present in 'officially released' software 
within the next couple of weeks max hopefully.

If you fancy reviewing the code I linked about, and trying it out to see 
if it works for you, and commenting on anything you think needs work 
(including documentation!), then that would be a great help :)


More information about the Catalyst mailing list