Good call. This way, you do not have to bother with authentication at all, as this will be handled by the web server. The downside is that you have no way to influence how the authentication dialog looks (the user's browser will produce one), but maybe this is not so important.

Once you protect your CGI script with basic web authentication, you can retrieve the user ID like this:

my $q = new CGI;
my $userid = $q->remote_user;
[download]