<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Hi,<br>
    <br>
    thanks for confirming, that I didn't miss anything. I have – for now
    – resolved to something similar:<br>
    <br>
    my ($username,$password) =
    $c-&gt;req-&gt;headers-&gt;authorization_basic;<br>
    my ($u,$d) = split(/\@/,$username);<br>
    $c-&gt;req-&gt;headers-&gt;authorization_basic($u,$password);<br>
    my $res = $c-&gt;authenticate({}, $realm);<br>
    <br>
    if($c-&gt;user_exists) {<br>
        $c-&gt;log-&gt;debug("checking
    '".$c-&gt;user-&gt;domain-&gt;domain."' against '$d'");<br>
        if ($c-&gt;user-&gt;domain-&gt;domain ne $d) {<br>
            $c-&gt;user-&gt;logout;<br>
            $c-&gt;log-&gt;warn("invalid api http login from
    '".$c-&gt;req-&gt;address."'");<br>
            my $r = $c-&gt;get_auth_realm($realm);<br>
            $r-&gt;credential-&gt;authorization_required_response($c,
    $r);<br>
            return;<br>
        }<br>
        ...<br>
    } else {<br>
        $c-&gt;log-&gt;warn("invalid api http login from
    '".$c-&gt;req-&gt;address."'");<br>
        my $r = $c-&gt;get_auth_realm($realm);<br>
        $r-&gt;credential-&gt;authorization_required_response($c, $r);<br>
        return;<br>
    }<br>
    <br>
    <br>
    If I get around to it, I'll consider extending
    Catalyst::Authentication::Credential::HTTP because this sounds like
    a useful feature.<br>
    <br>
    -Gerhard<br>
    <br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 2016-05-17 11:45, Dermot wrote:<br>
    </div>
    <blockquote
cite="mid:CAK+UtvK1jxrqFEkXH9Uqn+qkpSVJbQK5=rUJUQ07RYLF4ZgCmw@mail.gmail.com"
      type="cite">
      <div dir="ltr">We had a similar problem at $work. To get what we
        wanted we had to stop using the HTTP plugin and do something
        like this (warning: hand-written, un-tested code follows) in the
        Root controller.
        <div><br>
        </div>
        <div>my ( $username, $password ) =
          $c-&gt;request-&gt;headers-&gt;authorization_basic;<br>
        </div>
        <div>my $logged_in_user;</div>
        <div>if ( defined $username &amp;&amp; defined $password ) {<br>
        </div>
        <div> 
           some_method_in_users_that_concatenates_and_athenticates($username,
          $password);</div>
        <div>}<br>
        </div>
        <div><br>
        </div>
        <div>if ($logged_in_user) {</div>
        <div>   $c-&gt;stash(user =&gt; $logged_in_user;</div>
        <div>   ...</div>
        <div>}<br>
        </div>
        <div>else {</div>
        <div>  $c-&gt;response-&gt;header('WWW-Authenticate' =&gt;
          'Basic realm="MyRealm");</div>
        <div>  $c-&gt;response-&gt;content_type('text/plain');</div>
        <div>  $c-&gt;response-&gt;status(401);</div>
        <div>  $c-&gt;detach();</div>
        <div>}</div>
        <div><br>
        </div>
        <div><br>
        </div>
        <div>HTH,</div>
        <div>Dermot</div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On 13 May 2016 at 16:32, Gerhard
          Jungwirth <span dir="ltr">&lt;<a moz-do-not-send="true"
              href="mailto:gjungwirth@sipwise.com" target="_blank">gjungwirth@sipwise.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
            <br>
            I am using Catalyst::Authentication::Store::DBIx::Class and<br>
            Catalyst::Authentication::Credential::HTTP with the
            following configuration:<br>
            <br>
                    my_realm =&gt; {<br>
                        credential =&gt; {<br>
                            class =&gt; 'HTTP',<br>
                            type =&gt; 'basic',<br>
                            username_field =&gt; 'username',<br>
                            password_field =&gt; 'password',<br>
                            password_type =&gt; 'clear',<br>
                        },<br>
                        store =&gt; {<br>
                            class =&gt; 'DBIx::Class',<br>
                            user_model =&gt; 'DB::my_user_table',<br>
                        },<br>
                    },<br>
            <br>
            Which works great. The thing is: I want the user to
            authenticate in the form "username@domain:password" using
            HTTP Basic Authentication, where username and domain are
            checked against separate fields in my DBIx::Class table.
            (Ideally, domain is checked against a related table in my
            schema)<br>
            <br>
            Is that supported? If not, can it be added? If not, how do
            you suggest I implement that?<br>
            <br>
            Thanks and Cheers,<br>
            Gerhard<br>
            <br>
            _______________________________________________<br>
            List: <a moz-do-not-send="true"
              href="mailto:Catalyst@lists.scsys.co.uk" target="_blank">Catalyst@lists.scsys.co.uk</a><br>
            Listinfo: <a moz-do-not-send="true"
              href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst"
              rel="noreferrer" target="_blank">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a><br>
            Searchable archive: <a moz-do-not-send="true"
              href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/"
              rel="noreferrer" target="_blank">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a><br>
            Dev site: <a moz-do-not-send="true"
              href="http://dev.catalyst.perl.org/" rel="noreferrer"
              target="_blank">http://dev.catalyst.perl.org/</a><br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
List: <a class="moz-txt-link-abbreviated" href="mailto:Catalyst@lists.scsys.co.uk">Catalyst@lists.scsys.co.uk</a>
Listinfo: <a class="moz-txt-link-freetext" href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a>
Searchable archive: <a class="moz-txt-link-freetext" href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a>
Dev site: <a class="moz-txt-link-freetext" href="http://dev.catalyst.perl.org/">http://dev.catalyst.perl.org/</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>