[Catalyst] Applying external web server authentication: is there a better way?

Stuart Watt swatt at infobal.com
Wed Jun 3 18:22:03 GMT 2009

Many thanks, Tomas, just what I needed. Right now I'm still on 5.7 due =

to an immediate release, but next week I'll go to 5.8, and then I'll be =

happy to review and test a better solution. Credential::Remote looks =

like what I didn't find. When I started working with this authentication =

issue, I wouldn't even have understood Credential::Remote type code, but =

by Monday I'll be better placed and have time enough to give it a =

thorough test.

All the best

Tomas Doran wrote:
> Stuart Watt wrote:
>> I'm developing an app which uses IIS and FastCGI as its back end. =

>> Also, we are expected by the client to use Windows integrated =

>> authentication in the server -- this is an intranet app, so no login =

>> screen should be expected.
> <snip>
>> trying to read the one already performed, so I put together a =

>> Catalyst::Authentication::Credential::Environment module, that simply =

> Doh, you appear to have duplicated a chunk of effort:
> http://dev.catalyst.perl.org/repos/Catalyst/branches/Catalyst-Plugin-Auth=
pm =

>> Is there another simple but better way to achieve this? Ideally one =

>> which avoids the deprecated $c->request->user. I'm only starting to =

>> use Catalyst for authentication stuff.
> Not at the moment / in a released state.
> The next Catalyst release will add $c->req->remote_user for this. =

> There is currently a failing test (for a bug which has been in =

> Catalyst forever) in trunk, and I'm hoping to get this fixed before we =

> release 5.80005.
> I'm also going to be reviewing / merging this branch of =

> Catalyst::Plugin::Authentication soonish (which I'm seriously late on =

> already)!
> So to answer your actual question, yes, what you're doing is the right =

> thing to do, and will be present in 'officially released' software =

> within the next couple of weeks max hopefully.
> If you fancy reviewing the code I linked about, and trying it out to =

> see if it works for you, and commenting on anything you think needs =

> work (including documentation!), then that would be a great help :)
> Cheers
> t0m
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: =

> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
> -- =

> This message was scanned by ESVA and is believed to be clean.
> Click here to report this message as spam. =

> http://antispam.infobal.com/cgi-bin/learn-msg.cgi?id=3D8D20F27F14.90E6C

-- =

Stuart Watt
ARM Product Developer
Information Balance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20090603/2679a=

More information about the Catalyst mailing list