Ocsigenserver authbasic usage

papatango · October 20, 2017, 6:10pm

Does anyone have a working example of how to use the < authbasic > tag in the conf.in file? So far I have had no luck getting it to work. What are the “actions” to which the instructions refer? Alternatively, is there any way to inspect headers myself in my .eliom file where I write service handlers? My gut feeling is no, but I’m not entirely certain.

jpdeplaix · October 22, 2017, 3:14pm

What “actions” are you referring to ?
Here is an example partially taken from the doc which uses the “plain” method (http://ocsigen.org/ocsigenserver/2.8/manual/authbasic):

<host charset="utf-8" hostfilter="*">
  <site dir="yourprivatedirectory">
    <authbasic realm="whatever">
      <plain login="me" password="mypassword" />
    </authbasic>
  </site>
</host>

Otherwise, using those provided functions maybe you could do what you want inside an eliom app: http://ocsigen.org/ocsigenserver/2.8/api/Authbasic

papatango · October 22, 2017, 6:42pm

Thank you for the reply.

I will try this soon. In the meantime, from that same page itself:

“To add an authentication layer to a site, add the following lines before
the actions defining the restricted part of your site.”

I have no idea what that means. Before? What “actions”?

I appreciate the example, but I’m still confused how this tag works. How
would I require basic authentication for only a portion of a site?

Thank you.

-Paul

Vincent_Balat · October 23, 2017, 8:13am

The configuration file describes the actions to be executed by the server when it receives a request.
For example : try a static file, then an Eliom page, then compress the result.
You put the authbasic configuration in the right host/site of your site,
before page generation (staticmod, eliom, etc.)

It is also possible to inspect header from Eliom, using module Ocsigen_headers.

– Vincent

jpdeplaix · October 23, 2017, 10:04pm

I appreciate the example, but I’m still confused how this tag works. How
would I require basic authentication for only a portion of a site?

It depends. Does the portion of the site you want authentication for, depends on something-else than a simple directory ?
What do you want to do with it ?
Currently, the example I showed you above does protect the directory “/yourprivatedirectory” with the password “mypassword” and “me” as login.

papatango · October 28, 2017, 8:10pm

Thank you Jacques and Vincent.

I was able to get the < authbasic > tag to work within parent < site > and < host > tags, in conjunction with an eliom module that defines a set of services and handlers. I was trying to protect the services defined in that eliom module, so all is well. I confirmed everything works with curl.

Topic		Replies	Views
How to make ocsigen-start https only? Learning ocsigen , ocsigenserver	6	1223	October 15, 2020
Does pgocaml/eliom enable sslmode=verify-full? Learning ocsigen , eliom , ocsigenserver , pgocaml	2	612	November 2, 2020
Writing a simple chat app in ocsigen Learning ocsigen	2	1086	June 12, 2020
Ocsigen.org is down? Ecosystem ocsigen	7	1168	September 28, 2017
Debugging client-side code in Eliom Ecosystem ocsigen , eliom	0	868	November 5, 2017

Ocsigenserver authbasic usage

Related Topics