- Publicity: Public Only All
http-auth-procs.tcl
Use OpenACS user logins for HTTP authentication
- Location:
- packages/acs-tcl/tcl/http-auth-procs.tcl
Procedures in this file
- http_auth::authorize (public)
- http_auth::basic_authentication_decode (public)
- http_auth::register_filter (public)
- http_auth::set_user_id (public)
- http_auth::site_node_authorize (public)
Detailed information
http_auth::authorize (public)
http_auth::authorize conn args why
Check HTTP authentication for an OpenACS user account and call the registered procedure to handle the URL to check permissions
- Parameters:
- conn (required)
- args (required)
- why (required)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
http_auth::basic_authentication_decode (public)
http_auth::basic_authentication_decode authorization
Implements decoding of authorization header as defined in RFC 7617 "username" containing a colon character is invalid (see RFC 7617, Section 2).
- Parameters:
- authorization (required)
- content of "Authorization:" reply header field, such as e.g. "Basic 29234k3j49a"
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
http_auth::register_filter (public)
http_auth::register_filter [ -url_pattern url_pattern ] [ -proc proc ]
Setup HTTP authentication for a URL pattern
- Switches:
- -url_pattern (optional)
- Follows ns_register_filter rules for defining the pattern to match.
- -proc (optional)
- Name of Tcl procedure to call to check permissions. Use this to figure out what object the URL pattern matches to. This proc should accept two named parameters user_id and url. Should return a valid Tcl true or false value. If empty the site_node matching the URL will be checked.
- Returns:
- Tcl true or false
- Author:
- Dave Bauer <dave@solutiongrove.com>
- Created:
- 2007-03-08
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
http_auth::set_user_id (public)
http_auth::set_user_id
Get the user_id from HTTP authentication headers. NOTE: This should be handled through SSL since plain HTTP auth is easy to decode
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
http_auth::site_node_authorize (public)
http_auth::site_node_authorize [ -user_id user_id ] [ -url url ]
Procedure to take HTTP authenticated user_id and check site_node permissions. Default if http auth is proc is not specified.
- Switches:
- -user_id (optional)
- -url (optional)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.