[Catalyst] Catalyst with HTTP authentication

Lukas Thiemeier spamcatcher at thiemeier.net
Mon Mar 11 18:54:33 GMT 2013 

Hi,

I just had some time to try it: C::Authentication::Credential::HTTP and
C::Authentication::Store::Htpasswd work together just fine. Here is my
setup:

in TestApp.pm:

use Catalyst qw/
    ConfigLoader
    Authentication
/;

__PACKAGE__->config(
"Plugin::Authentication" => {
        realms => {
            default => {
                credential => {
                    class => 'HTTP',
                    type => "basic",
                    password_field => 'check_password',
                    password_type => 'self_check',
                },
                store => {
                    class => 'Htpasswd',
                    file => "/tmp/htpasswd",
                },
            },
        },
    },
);


and in Controller/Root.pm (or wherever you need it):

sub index :Path :Args(0) {
    my ( $self, $c ) = @_;
    $c->authenticate;

    if($c->user_exists){
        $c->res->body("logged in");
    }
}

The tricky part is that you have to set "password_field" and
"password_type" correctly, which is not documented. (You have to know
how Catalyst Authentication works and read the docs for Authen::Htpasswd
to find out)

I still recommend to use C::A::Credential::Remote. Let the server do the
job, and keep your application small and simple.

Plus: You can add digest authentication,  certificate authentication,
kerberos authentication and whatever your server supports without
modifying your application.

 Lukas



On 03/11/2013 03:10 PM, Robert Rothenberg wrote:
> I have a project that requires using HTTP authentication.
> 
> There is a Catalyst::Authentication::Credential::HTTP module, but from the
> documentation, it does not seem to support using htpasswd files, which I
> need, because a separate web site will be using that file.
> 
> There is Catalyst::Authentication::Store::Htpasswd, but it does not work
> with Catalyst::Authentication::Credential::HTTP.
> 
> I'm not clear on how to do this, without having to write my own handlers for
> HTTP authentication.
> 
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

More information about the Catalyst mailing list