#
# httpauth.rb -- HTTP access authentication
#
# Author: IPR -- Internet Programming with Ruby -- writers
# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
# Copyright (c) 2002 Internet Programming with Ruby writers. All rights
# reserved.
#
# $IPR: httpauth.rb,v 1.14 2003/07/22 19:20:42 gotoyuzo Exp $
require 'webrick/httpauth/basicauth'
require 'webrick/httpauth/digestauth'
require 'webrick/httpauth/htpasswd'
require 'webrick/httpauth/htdigest'
require 'webrick/httpauth/htgroup'
module WEBrick
##
# HTTPAuth provides both basic and digest authentication.
#
# To enable authentication for requests in WEBrick you will need a user
# database and an authenticator. To start, here's an Htpasswd database for
# use with a DigestAuth authenticator:
#
# config = { :Realm => 'DigestAuth example realm' }
#
# htpasswd = WEBrick::HTTPAuth::Htpasswd.new 'my_password_file'
# htpasswd.auth_type = WEBrick::HTTPAuth::DigestAuth
# htpasswd.set_passwd config[:Realm], 'username', 'password'
# htpasswd.flush
#
# The +:Realm+ is used to provide different access to different groups
# across several resources on a server. Typically you'll need only one
# realm for a server.
#
# This database can be used to create an authenticator:
#
# config[:UserDB] = htpasswd
#
# digest_auth = WEBrick::HTTPAuth::DigestAuth.new config
#
# To authenticate a request call #authenticate with a request and response
# object in a servlet:
#
# def do_GET req, res
# @authenticator.authenticate req, res
# end
#
# For digest authentication the authenticator must not be created every
# request, it must be passed in as an option via WEBrick::HTTPServer#mount.
module HTTPAuth
module_function
def _basic_auth(req, res, realm, req_field, res_field, err_type,
block) # :nodoc:
user = pass = nil
if /^Basic\s+(.*)/o =~ req[req_field]
userpass = $1
user, pass = userpass.unpack("m*")[0].split(":", 2)
end
if block.call(user, pass)
req.user = user
return
end
res[res_field] = "Basic realm=\"#{realm}\""
raise err_type
end
##
# Simple wrapper for providing basic authentication for a request. When
# called with a request +req+, response +res+, authentication +realm+ and
# +block+ the block will be called with a +username+ and +password+. If
# the block returns true the request is allowed to continue, otherwise an
# HTTPStatus::Unauthorized error is raised.
def basic_auth(req, res, realm, &block) # :yield: username, password
_basic_auth(req, res, realm, "Authorization", "WWW-Authenticate",
HTTPStatus::Unauthorized, block)
end
##
# Simple wrapper for providing basic authentication for a proxied request.
# When called with a request +req+, response +res+, authentication +realm+
# and +block+ the block will be called with a +username+ and +password+.
# If the block returns true the request is allowed to continue, otherwise
# an HTTPStatus::ProxyAuthenticationRequired error is raised.
def proxy_basic_auth(req, res, realm, &block) # :yield: username, password
_basic_auth(req, res, realm, "Proxy-Authorization", "Proxy-Authenticate",
HTTPStatus::ProxyAuthenticationRequired, block)
end
end
end
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| httpauth | Folder | 0755 |
|
|
| httpservlet | Folder | 0755 |
|
|
| accesslog.rb | File | 4.31 KB | 0644 |
|
| cgi.rb | File | 7.97 KB | 0644 |
|
| compat.rb | File | 912 B | 0644 |
|
| config.rb | File | 5.56 KB | 0644 |
|
| cookie.rb | File | 3.88 KB | 0644 |
|
| htmlutils.rb | File | 680 B | 0644 |
|
| httpauth.rb | File | 3.33 KB | 0644 |
|
| httpproxy.rb | File | 9.65 KB | 0644 |
|
| httprequest.rb | File | 14.7 KB | 0644 |
|
| httpresponse.rb | File | 11 KB | 0644 |
|
| https.rb | File | 1.87 KB | 0644 |
|
| httpserver.rb | File | 7.69 KB | 0644 |
|
| httpservlet.rb | File | 669 B | 0644 |
|
| httpstatus.rb | File | 5.13 KB | 0644 |
|
| httputils.rb | File | 12.71 KB | 0644 |
|
| httpversion.rb | File | 1.57 KB | 0644 |
|
| log.rb | File | 3.96 KB | 0644 |
|
| server.rb | File | 8.42 KB | 0644 |
|
| ssl.rb | File | 6.67 KB | 0644 |
|
| utils.rb | File | 6.44 KB | 0644 |
|
| version.rb | File | 384 B | 0644 |
|