CGI::Application::Plugin::Authentication, switch from DBI to htpasswd

chris- has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I just started with CGI::Application. I have an example where login against a mysql-DB works. I want to change that in that way, that for authentication a htpasswd file is uses.

  $self->authen->config(
    DRIVER => [ 'DBI',
      DBH         => $self->dbh,
      TABLE       => 'user_info',
      CONSTRAINTS => {
        'user_info.username'     => '__CREDENTIAL_1__',
        'MD5:user_info.password' => '__CREDENTIAL_2__'
      },
    ],

    STORE                => 'Session',
    LOGOUT_RUNMODE       => 'logout',
    LOGIN_RUNMODE        => 'login',
    POST_LOGIN_RUNMODE   => 'okay',
    RENDER_LOGIN         => \&my_login_form,
  );
[download]

Authentication::Driver::HTPasswd says:

DRIVER => ['HTPasswd', '/etc/apache/htpasswd', '/etc/apache/otherhtpas
+swd']
[download]

but if I change the DRIVER to:

    DRIVER => [
       'HTPasswd',
       '/srv/www/my/.htpasswd'
       ],
[download]

it seems obvious to me that it will not work. Where can I say that e.g. md5 is used in the htpasswd file, what the user name is used and so on. Is there any example? I think I missed an essential part. Txs, chris

Comment on CGI::Application::Plugin::Authentication, switch from DBI to htpasswd Select or Download Code

Replies are listed 'Best First'.
Re: CGI::Application::Plugin::Authentication, switch from DBI to htpasswd by Corion (Patriarch) on Jan 08, 2009 at 11:12 UTC
I think `.htpasswd` files are colon separated files. In the first column is the user name and in the second column is the (has of the) password. Or something like this - I've only interacted with them using the `htpasswd` program. But the username and password are stored positionally in the `htpasswd` files. On second thought, likely the format is just the same as of plain `passwd` files.	[reply] [d/l] [select]
Re^2: CGI::Application::Plugin::Authentication, switch from DBI to htpasswd by chris- (Initiate) on Jan 16, 2009 at 12:05 UTC
Here is how it works: `$self->authen->config ( DRIVER => [ 'Authen::Simple::Passwd', path => '/srv/www/cgi-bin/WebApp4/.htpasswd', ], );` [download] If passwords in htpasswd file are encrypted with md5, it decrypts it with md5, if it is with crypt() then it uses crypt() for decrypting. No options needed! To know that makes live easier.	[reply] [d/l]
Re^2: CGI::Application::Plugin::Authentication, switch from DBI to htpasswd by chris- (Initiate) on Jan 13, 2009 at 14:56 UTC
Update: The code just seems to work if I stick to unix crypt() and my code as mentioned above. But how can I use CGI::Application::Plugin::Authentication with the more secure md5 method with htpasswd?	[reply]