Re: Does Digest Access Authentication work?

Gisle Aas (aas@bergen.sn.no)
Wed, 09 Oct 1996 18:16:40 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jonathan Berg: "Problems installing libnet-1.01"
Previous message: Harald Rosenfeldt: "Missng files getopt.pl and wwwdates.pl"
Maybe in reply to: Gisle Aas: "Does Digest Access Authentication work?"

In message <199610081331.PAA28452@bergen.sn.no>, Gisle Aas writes:
> I tried to set it up against an apache_1.1.1 server without much luck.

It worked when I finally got the "Realm" set up correctly in the
server configuration files, but libwww-perl produced a warning about
"Use of uninitialized value" because apache does not use the 'opaque'
attribute.

I fixed it like this:


Index: UserAgent.pm
===================================================================
RCS file: /f/stovner/utvikling/CVSROOT/aas/perl/mods/libwww-perl/lib/LWP/UserAgent.pm,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- UserAgent.pm	1996/10/07 09:37:55	1.37
+++ UserAgent.pm	1996/10/08 14:30:43	1.38
@@ -1,4 +1,4 @@
-# $Id: UserAgent.pm,v 1.37 1996/10/07 09:37:55 aas Exp $
+# $Id: UserAgent.pm,v 1.38 1996/10/08 14:30:43 aas Exp $
 
 package LWP::UserAgent;
 
@@ -368,13 +368,13 @@
 		my($digest) = $md5->hexdigest;
 		$md5->reset;
 
-		my %resp = map { $_, $mda{$_} } qw(realm nonce opaque);
+		my %resp = map { $_ => $mda{$_} } qw(realm nonce opaque);
 		@resp{qw(username uri response)} =
 		  ($uid, $request->url->path, $digest);
 
 		if (defined $uid and defined $pwd) {
 		    my(@order) = qw(username realm nonce uri response);
-		    if($request->method =~ /^POST|PUT$/) {
+		    if($request->method =~ /^(?:POST|PUT)$/) {
 			$md5->add($request->content);
 			my($content) = $md5->hexdigest;
 			$md5->reset;
@@ -384,7 +384,11 @@
 			push(@order, "message-digest");
 		    }
 		    push(@order, "opaque");
-		    my @pairs  = map { "$_=" . qq("$resp{$_}") } @order;
+		    my @pairs;
+		    for (@order) {
+			next unless defined $resp{$_};
+			push(@pairs, "$_=" . qq("$resp{$_}"));
+		    }
 		    my $header = "$scheme " . join(", ", @pairs);
 
 		    # Need to check this isn't a repeated fail!
@@ -400,7 +404,7 @@
 		    }
 
 		    my $referral = $request->clone;
-		    $referral->header('Extension' => "Security/Digest");
+		    #$referral->header('Extension' => "Security/Digest");
 		    $referral->header('Authorization' => $header);
 		    return $self->request($referral, $arg, $size, $response);
 		} else {

Next message: Jonathan Berg: "Problems installing libnet-1.01"
Previous message: Harald Rosenfeldt: "Missng files getopt.pl and wwwdates.pl"
Maybe in reply to: Gisle Aas: "Does Digest Access Authentication work?"