1Plack::Middleware::AuthU:s:eBrasCiocn(t3r)ibuted Perl DoPcluamcekn:t:aMtiidodnleware::Auth::Basic(3)
2
3
4
6 Plack::Middleware::Auth::Basic - Simple basic authentication middleware
7
9 use Plack::Builder;
10 my $app = sub { ... };
11
12 builder {
13 enable "Auth::Basic", authenticator => \&authen_cb;
14 $app;
15 };
16
17 sub authen_cb {
18 my($username, $password, $env) = @_;
19 return $username eq 'admin' && $password eq 's3cr3t';
20 }
21
23 Plack::Middleware::Auth::Basic is a basic authentication handler for
24 Plack.
25
27 authenticator
28 A callback function that takes username, password and PSGI
29 environment supplied and returns whether the authentication
30 succeeds. Required.
31
32 Authenticator can also be an object that responds to "authenticate"
33 method that takes username and password and returns boolean, so
34 backends for Authen::Simple is perfect to use:
35
36 use Authen::Simple::LDAP;
37 enable "Auth::Basic", authenticator => Authen::Simple::LDAP->new(...);
38
39 realm
40 Realm name to display in the basic authentication dialog. Defaults
41 to restricted area.
42
44 This middleware expects that the application has a full access to the
45 headers sent by clients in PSGI environment. That is normally the case
46 with standalone Perl PSGI web servers such as Starman or
47 HTTP::Server::Simple::PSGI.
48
49 However, in a web server configuration where you can't achieve this
50 (i.e. using your application via Apache's mod_cgi), this middleware
51 does not work since your application can't know the value of
52 "Authorization:" header.
53
54 If you use Apache as a web server and CGI to run your PSGI application,
55 you can either a) compile Apache with
56 "-DSECURITY_HOLE_PASS_AUTHORIZATION" option, or b) use mod_rewrite to
57 pass the Authorization header to the application with the rewrite rule
58 like following.
59
60 RewriteEngine on
61 RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
62
64 Tatsuhiko Miyagawa
65
67 Plack
68
69
70
71perl v5.36.0 2022-09-12 Plack::Middleware::Auth::Basic(3)