httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jos...@slive.ca>
Subject Re: Basic Authentication from C
Date Thu, 02 May 2002 14:56:45 GMT
On Thu, 2 May 2002 rufustfirefly@subdimension.com wrote:

> I've been trying to hack the xmlrpc-c library to support
> server-side basic authentication, but I can't find any
> environmental variable or method of accessing the password
> that should be passed by basic authentication. Some servers
> use HTTP_AUTHENTICATION, others use AUTH_PASS or
> REMOTE_PASS, but I can't find any instance of these in the
> apache source.
>
> Is there a way to access the Basic: header, either through
> environmental variables or another trick?

For important security reasons, you can access the password only if you
are running as an apache module, not if you are running as a cgi script.
The password is not placed in the environment.

(There is a SECURITY_HOLE_PASS_AUTHORIZATION compile time define (or
something similar) that will allow this, but it is certainly not
recommended.)

Joshua.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message