[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] HTTP Authentication using libmicrohttpd
|
From: |
Sebastian |
|
Subject: |
Re: [libmicrohttpd] HTTP Authentication using libmicrohttpd |
|
Date: |
Tue, 01 Jul 2008 22:33:11 +0200 |
Hello,
> I need to write an application which can authenticate a user against
> stored passwords in a file. I need to know if I can do this using
> libmicrohttpd or not?
Yes, you can.
But you have to understand that this library still expects _you_ to fill
the http headers with the appropriate content. For example, your
application would respond on the first request of a new connection with
an "Authorization" header containing the accepted encryption (e.g.
BASIC) and the realm (e.g. "Secret Area"). It is then your application's
responsibilty to check the content of the answer for the proper
authentication. It then can "remember" that this connection already has
been authenticated or it is free to challenge the connecting client
again. This is up to you.
But what you will have to do by all means is to read the RFCs describing
these mechanisms in great detail (and pretty mandatory). They are to be
followed for compatible behaviour of your application. For basic
authentication this would be rfc2617.
Hope that helps
Sebastian