Ian Bicking wrote:
> Okay, now I really want to get HTTP authentication working. Here's
> where I am:
> The Zope mod_rewrite style kind of works, but I can't get it to actually
> set an environmental variable -- either for mod_webkit or WebKit.cgi.
> You can put the authentication header in the URL as a get variable,
> though (of course, this is a big ol' security hole -- but at least it
> shows it kind of works). So this is one problem.
> With HTTPAdapter.py, of course there is no problem -- it passes
> everything on. However, either way I don't really know what to do with
> the value once I get it. If I try to login as test:test in the realm
> "Password Required", a header like this is sent:
> Authorization: Basic dGVzdDp0ZXN0
> That's the only extra header. It's not plaintext, that's for sure.
> (Same in Mozilla and NS 4)
user_passwd= "%s:%s" % (username,passwd)
>>> import base64
['MAXBINSIZE', 'MAXLINESIZE', '__all__', '__builtins__', '__doc__',
'__name__', 'binascii', 'decode', 'decodestring', 'encode',
'encodestring', 'test', 'test1']
There's an ACL script I also just came across
that might be of interest:
Radio Free Asia