Recipe 6.14 Obtaining the Password Used to Authenticate

Previous page
Table of content
Next page

Problem

You want to get the password that the user authenticated with.

Solution

Standard Apache modules do not make this value available. It is, however, available from the Apache API if you wish to write your own authentication methods.

In the Apache 1.3 API, you need to investigate the ap_get_basic_auth_pw function. In the 2.0 API, look at the get_basic_auth function.

If you write an authentication handler with mod_perl, you can retrieve the username and password with the get_username function:

 my ($username, $password) = get_username($r);

Discussion

For security reasons, although the username is available as an environment variable, the password used to authenticate is not available in any simple manner. The rationale behind this is that it would be a simple matter for unscrupulous individuals to capture passwords so that they could then use them for their own purposes. Thus the decision was made to make passwords near to impossible to attain.

The only way to change this is to rebuild the server from the sources with a particular (strongly discouraged) compilation flag. Alternately, if you write your own authentication module, you would of course have access to this value, as you would need to verify it in your code.

See Also

  • Recipe 6.13


Previous page
Table of content
Next page
Apache Cookbook
Apache Cookbook: Solutions and Examples for Apache Administrators
ISBN: 0596529945
EAN: 2147483647
Year: 2006
Pages: 215
Authors: Rich Bowen, Ken Coar
BUY ON AMAZON
Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
The Complete Cisco VPN Configuration Guide
Cisco IOS Cookbook (Cookbooks (OReilly))
Sap Bw: a Step By Step Guide for Bw 2.0
.NET-A Complete Development Cycle
User Interfaces in C#: Windows Forms and Custom Controls
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy