Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:latest:applications:authbasic [2016/03/09 20:55]
xguimard
documentation:latest:applications:authbasic [2019/12/05 15:48] (current)
coudot [Configuration]
Line 15: Line 15:
 <​html></​blockquote></​html>​ <​html></​blockquote></​html>​
  
-So HTTP Basic Autentication ​is managed trough an HTTP header (''​Authorization''​),​ that can be forged by LL::NG, with this precautions:​+So HTTP Basic Authentication ​is managed trough an HTTP header (''​Authorization''​),​ that can be forged by LL::NG, with this precautions:​
   * Data should not contains accents or special characters, as HTTP protocol only allow ASCII values in header (but depending on the HTTP server, you can use ISO encoded values)   * Data should not contains accents or special characters, as HTTP protocol only allow ASCII values in header (but depending on the HTTP server, you can use ISO encoded values)
   * You need to forward the password, which can be the user main password (if [[..passwordstore|password is stored in session]], or any user attribute (if you keep secondary passwords in users database).   * You need to forward the password, which can be the user main password (if [[..passwordstore|password is stored in session]], or any user attribute (if you keep secondary passwords in users database).
Line 27: Line 27:
 Authorization => "Basic "​.encode_base64("​$uid:​$_password",​ ""​) Authorization => "Basic "​.encode_base64("​$uid:​$_password",​ ""​)
 </​code>​ </​code>​
- 
-<note important>​Don'​t forget to add an empty string as second argument of encode_base64 to avoid insert of "​newline"​ characters</​note>​ 
  
 LL::NG provides a special function named [[..extendedfunctions#​basic|basic]] to build this header. LL::NG provides a special function named [[..extendedfunctions#​basic|basic]] to build this header.