> > CGI's remote_user() > > rturns $ENV{'REMOTE_USER'}; > > While > > sub user_name { > > my ($self) = self_or_CGI(@_); > > return $self->http('from') || $ENV{'REMOTE_IDENT'} || > > $ENV{'REMOTE_USER'}; } > > > > SO if I'm trying to get the login name I should use > user_name since it > > will return REMOTE_USER or REMOTE_IDENT > > > > A web server usually ties the REMOTE_USER environment > variable to 'Basic Authorization' (that is the technical > term). This is implemented via apache in many ways, but the > one people are probably most familiar with is .htaccess. > > This type of authorization scheme is 0% secure without SSL. > > > My question is: > > > > What is $self->http('from') ? > > Is it possible/likely that $self->http('from') or REMOTE_IDENT will > > have a value that is not their authentication username while > > REMOTER_USER might be but it will never get to REMOTE_USER > since one > > of the others are defined? > > > > I ask because In Perl in aNutshell it's says user_name() is > unreliable > > but doesn't say that about remote_user. > > 'From' is an old http client header that some browsers sent > to the server. It usually stored the email address of the > account running the client. Obviously, nowadays probably all > browsers consider it insecure to send the users email, so > that header is usually skipped. > > > No takers huh? Ok, I'll shorten it ;p > > > Any opinions trying to get the Authentication User Name > from CGI this > > way: > > > my $user = remote_user() || user_name(); > > I would not use the user_name() function. remote_user() > returns the string typed in to the 'User Name:' labeled text > box when that window pops up and you access a resource > protected by Basic Authorization. > > Todd W.
Thanks for the info Todd, I figured that From was possibly an email address but couldn't image what server would Send the address to everybody! Thanks for your clarification and pointers! Have a good one! Dan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]