le has asked for the wisdom of the Perl Monks concerning the following question:

Using CGI.pm, how can I create a "401 Unauthorized" header, and where do I find the supplied username and password?

Replies are listed 'Best First'.
Re: CGI.pm Authentication
by Aighearach (Initiate) on Jun 17, 2000 at 01:47 UTC
    using CGI.pm:
    #!/usr/bin/perl -Tw
    use strict;
    use CGI qw( header );
    print header(-status=>'401 Unauthorized');

    Paris Sinclair    |    4a75737420416e6f74686572
    pariss@efn.org    |    205065726c204861636b6572
    I wear my Geek Code on my finger.
    
      Thank you, I tried that, but I can't get past the popup window, I always get "Authorisation failed."
Re: CGI.pm Authentication
by btrott (Parson) on Jun 17, 2000 at 01:05 UTC
    I don't know if you can do this w/ CGI.pm, actually. You'd need to set up the authentication in your webserver configs or in .htaccess. Then your script would only actually receive the request if the user is authenticated properly.

    In which case you can get the username out of the REMOTE_USER environment variable, but you won't be able to get the password unless you're using mod_perl.

    In any case, you should take a look at this older thread: Getting username and password from the URL.

      Thanks for the link, this is a starting point. Yes, I'm using mod_perl. The reason I asked this is that I have a PHP application that authenticates via a MySQL database (a table with usernames and encrypted passwords). PHP does pretty good WWW Authentication, you can get at the supplied parameters via $PHP_AUTH_USER and $PHP_AUTH_PW (after sending a 401 header).
      I already tried to use Apache::AuthDBI, but the problem is that the passwords in the database are MySQL-encrypted, and Apache::AuthDBI prefers plain text or crypt(8) passwords. Bad luck. But with that Apache->request stuff I think it can be done. I'll give it a try.
        Why not use mod_auth_mysql? You can then use MySQL-encrypted passwords with no problem.

        Note that there are some quirks in mod_auth_mysql, one of which is that the Auth_MySQL_Empty_Passwords directive does the opposite of what it's supposed to. Another quirk is that usernames are compared case-insensitively.

        I've hacked my copy of mod_auth_mysql so that it fixes these problems (and actually adds case-insensitivity as a feature). Let me know if you want it. These things may not affect you of course, so you may not need my version.

RE: CGI.pm Authentication
by Anonymous Monk on Jun 17, 2000 at 20:20 UTC
    Each request passes through several stages in the web server. Authentication and authorisation happen before the CGI script is run and, in fact, the web server does not pass the password to the CGI program at all (that could lead to security problems).

    You'll need to add mod_perl handlers for this. Look at The mod_perl Guide for more info.

    You can do it with FastCGI too, I believe. I think FastCGI supports authentication as well as normal request handling. Information on that would probably come from the fastcgi.com web site.
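
The mod_perl route suggested in the replies above, checking Basic credentials against a MySQL table, could look like the following. This is an added example, not code from any poster. It assumes the mod_perl 1.x API; the module name, the PerlSetVar names, the `users(username, password)` table and the use of MySQL's `PASSWORD()` for the stored values are all assumptions.

```perl
package My::AuthMySQL;    # hypothetical module name
use strict;
use Apache::Constants qw(OK AUTH_REQUIRED SERVER_ERROR);
use DBI ();

# Assumed httpd.conf for the protected <Location> (PerlSetVar names are made up):
#   AuthType Basic / AuthName "Members" / require valid-user
#   PerlAuthenHandler My::AuthMySQL
#   PerlSetVar AuthDSN dbi:mysql:database=webapp   (likewise AuthDBUser, AuthDBPass)

sub deny {
    my ($r, $why) = @_;
    $r->note_basic_auth_failure;       # queues the WWW-Authenticate challenge
    $r->log_reason($why, $r->uri);     # fixed text only, no client input in the log
    return AUTH_REQUIRED;              # Apache sends the 401 itself
}

sub handler {
    my $r = shift;
    return OK unless $r->is_initial_req;    # skip internal subrequests

    # Decodes "Authorization: Basic ...". A non-OK status means no usable
    # credentials were sent and the status to return is already chosen.
    my ($status, $sent_pw) = $r->get_basic_auth_pw;
    return $status unless $status == OK;

    my $user = $r->connection->user;
    return deny($r, 'empty username or password')
        unless defined $user && length $user
            && defined $sent_pw && length $sent_pw;

    my $dsn = $r->dir_config('AuthDSN');
    my $dbh = DBI->connect($dsn, scalar $r->dir_config('AuthDBUser'),
                           scalar $r->dir_config('AuthDBPass'),
                           { RaiseError => 0, PrintError => 0 });
    unless ($dbh) {
        $r->log_reason('auth database unavailable', $r->uri);
        return SERVER_ERROR;                # fail closed, never fall through to OK
    }
    # Placeholders keep the submitted values out of the SQL text.
    # Assumed schema: stored password is the output of MySQL PASSWORD().
    my ($ok) = $dbh->selectrow_array(
        'SELECT COUNT(*) FROM users WHERE username = ? AND password = PASSWORD(?)',
        undef, $user, $sent_pw);
    $dbh->disconnect;
    return $ok ? OK : deny($r, 'bad credentials');
}
1;
```

Basic credentials are only base64-encoded on the wire, so a location protected this way should be served over TLS.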