Very simple method to require a basic auth username and password.
If the http request doesn't include the required credentials, it throws a
HTTP 401 error, and an exception to cancel your handler. Do NOT catch the
AuthorizationRequiredException exception thrown by this if you want the
http basic auth prompt to work for the user!
Note: basic auth does not provide great security, especially over unencrypted HTTP;
the user's credentials are sent in plain text on every request.
If you are using Apache, the HTTP_AUTHORIZATION variable may not be sent to the
application. Either use Apache's built in methods for basic authentication, or add
something along these lines to your server configuration:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
To ensure the necessary data is available to cgi.d.
Very simple method to require a basic auth username and password. If the http request doesn't include the required credentials, it throws a HTTP 401 error, and an exception to cancel your handler. Do NOT catch the AuthorizationRequiredException exception thrown by this if you want the http basic auth prompt to work for the user!
Note: basic auth does not provide great security, especially over unencrypted HTTP; the user's credentials are sent in plain text on every request.
If you are using Apache, the HTTP_AUTHORIZATION variable may not be sent to the application. Either use Apache's built in methods for basic authentication, or add something along these lines to your server configuration:
RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]To ensure the necessary data is available to cgi.d.