3.66. <AuthBy URL> Previous topic Parent topic Child topic Next topic

This clause authenticates using HTTP from any URL. It can use any given CGI or ASP, that validates user name and password. It requires the Digest::MD5 and HTTP::Request and LWP::UserAgent Perl modules in libwww-perl-5.63 or later. They are part of CPAN. For more information, see Section 2.1.2. CPAN. <AuthBy URL> supports both GET and POST Method for http query strings.
The user name and password being authenticated are passed as URL tags to the program (i.e. it does not use the web server's HTTP authentication). The CGI or ASP can then validate the user name and password and return a string that indicates whether the authentication succeeded or not. Passwords may be sent in the clear, or Unix crypt or MD5 encrypted. Example CGI scripts are available in the goodies directory of your Radiator distribution. See goodies/README.
This module was contributed by Mauro Crovato <mauro@crovato.com.ar>. See the example configuration file in goodies/url.cfg in your Radiator distribution.
AuthBy URL understands also the same parameters as <AuthBy xxxxxx>. For more information, see Section 3.26. <AuthBy xxxxxx>.
The libwww module that AuthBy URL uses can also support HTTPS requests. In order to enable this support, you must build and install either the Crypt::SSLeay or IO::Socket::SSL Perl modules before building the libwww module (see the README.SSL in the libwww distribution for more details). After that you can specify an HTTPS URL with something like:
AuthUrl https://www.mysite.com/validate.cgi