Basic access authentication
Iman Rahmatizadeh edited this page Oct 4, 2015
·
2 revisions
by AUGER Mickael (form France)
This document explains the use of basic access authentication defined by HTTP protocol. This method uses the base64 encoding.
The joined archive contains the following files :
basic_auth/ → library to use the basic authentication (detailed below)
basic_auth.c
basic_auth.h
Makefile
webapp/
etc/ → original etc folder
kloned.conf
www/
index.kl1
basic_example.kl1 → protected page by basic authentication (detailed below)
example_without_basic.kl1 → standard KL1 page
Makefile → used for tests with the 2.1.1 KLone version
README.TXT → simple user manual
To use the “basic_auth” library you can add the “basic_auth” folder in your mainly project’s folder and modify the mainly “Makefile” like :
SUBDIR += $(CURDIR)/basic_auth
WEBAPP_LDADD += $(CURDIR)/basic_auth/libbasic_auth.a
This is the contents of “basic_auth.h” file :
//maximum length of string concatenation of login and password
//used by "base64decode" function
#define MAX_SIZE_OF_LOGIN_PASSWORD 100
/**
* Test if the user (client) is connected.
* This function must be call by all pages protected by password.
* @param _request request (global var) of KLone server
* @param _response response (global var) of KLone server
* @param _out standard output (global var) of KLone server
* @return false if the user is not connected
*/
bool is_connected(request_t *_request, response_t *_response,io_t *_out);
/**
* Split a string by character.
* The last word of array is NULL
* Warning : this array must be free after use with the 'free_explode' function
* @param str the input string
* @param separator the boundary character
* @return a array with NULL like last value
*/
char** explode(const char* str, char separator);
/**
* Free an array initialized by the "explode" function
* @param var the array
*/
void free_explode(char **var);
/**
* Decode a base64 string like "login:password"
* Warning : free the returned string after use
* @param encodedstring string encoded in base64
* @return decoded string like "login:password"
*/
char *base64decode(const char *encodedstring);
Warning : the used static login/password is “toto/1234” (see the source code of “is_connected” function to modify it)
The use of “basic_auth” library is very simple. The page template is :
<%!
#include "basic_auth/basic_auth.h"
%><%
if(!is_connected(request,response,out))
return ;
%>
accessible contents after authentication
Rem : the not protected pages are KL1 or KLX standard page.
Here an example of protected page by basic access authentication. This example is “basic_example.kl1” file :
<%!
#include "basic_auth/basic_auth.h"
%><%
if(!is_connected(request,response,out))
return ;
%><html>
<head>
<title>Basic access authentication</title>
</head>
<body>
<p style="color:red:font-weight:bold">Access authorized !<p>
</body></html>
- What is Basic authentication
- List of HTTP status codes :