1Plack::Middleware::AuthU:s:eBrasCiocn(t3r)ibuted Perl DoPcluamcekn:t:aMtiidodnleware::Auth::Basic(3)
2
3
4

NAME

6       Plack::Middleware::Auth::Basic - Simple basic authentication middleware
7

SYNOPSIS

9         use Plack::Builder;
10         my $app = sub { ... };
11
12         builder {
13             enable "Auth::Basic", authenticator => \&authen_cb;
14             $app;
15         };
16
17         sub authen_cb {
18             my($username, $password) = @_;
19             return $username eq 'admin' && $password eq 's3cr3t';
20         }
21

DESCRIPTION

23       Plack::Middleware::Auth::Basic is a basic authentication handler for
24       Plack.
25

CONFIGURATION

27       authenticator
28           A callback function that takes username and password supplied and
29           returns whether the authentication succeeds. Required.
30
31           Authenticator can also be an object that responds to "authenticate"
32           method that takes username and password and returns boolean, so
33           backends for Authen::Simple is perfect to use:
34
35             use Authen::Simple::LDAP;
36             enable "Auth::Basic", authenticator => Authen::Simple::LDAP->new(...);
37
38       realm
39           Realm name to display in the basic authentication dialog. Defaults
40           to restricted area.
41

LIMITATIONS

43       This middleware expects that the application has a full access to the
44       headers sent by clients in PSGI environment. That is normally the case
45       with standalone Perl PSGI web servers such as Starman or
46       HTTP::Server::Simple::PSGI.
47
48       However, in a web server configuration where you can't achieve this
49       (i.e. using your application via Apache's mod_cgi), this middleware
50       does not work since your application can't know the value of
51       "Authorization:" header.
52
53       If you use Apache as a web server and CGI to run your PSGI application,
54       you can either a) compile Apache with
55       "-DSECURITY_HOLE_PASS_AUTHORIZATION" option, or b) use mod_rewrite to
56       pass the Authorization header to the application with the rewrite rule
57       like following.
58
59         RewriteEngine on
60         RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
61

AUTHOR

63       Tatsuhiko Miyagawa
64

SEE ALSO

66       Plack
67
68
69
70perl v5.12.3                      2011-06-22 Plack::Middleware::Auth::Basic(3)
Impressum