Skip Menu |

Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the WWW-Mechanize CPAN distribution.

Report information
The Basics
Id: 4642
Status: resolved
Priority: 0/
Queue: WWW-Mechanize
People
Owner: MARKSTOS [...] cpan.org
Requestors: acp7 [...] citmail.buffalo.edu
Thomas.Mark [...] bls.gov
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Dec 11 12:35:48 2003 acp7 [...] citmail.buffalo.edu - Ticket created
From: "Potozniak, Andrew" <acp7 [...] citmail.buffalo.edu>
To: "'bug-www-mechanize [...] rt.cpan.org'" <bug-www-mechanize [...] rt.cpan.org>
Subject: Authentication without realm, server and port
Date: Thu, 11 Dec 2003 12:35:41 -0500
Simple hack to get authentication without realm, server, and port: use HTTP::Request; use WWW::Mechanize; my $req; #get username and password from somewhere. my ($username, $password); $req = new HTTP::Request GET => "$params{uri}"; $req->authorization_basic($username, $password); my $mech = WWW::Mechanize->new; $mech->request($req); ---------------------------------------------------------------------------- -------- Andrew Potozniak Administrative Computing Student Assistant State University of New York at Buffalo Computer Science Major ---------------------------------------------------------------------------- -------- "All that is visible must grow beyond itself; extend into the realm of the invisible." (TRON 1982) Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
  Thu Oct 07 18:08:49 2004 Thomas.Mark [...] bls.gov - Ticket #7929: Ticket created
From: "Thomas, Mark - BLS CTR" <Thomas.Mark [...] bls.gov>
To: "'bug-www-mechanize [...] rt.cpan.org'" <bug-www-mechanize [...] rt.cpan.org>
Subject: FW: Patch to add basic authentication to Mech
Date: Thu, 7 Oct 2004 17:43:49 -0400
Patch attached. Show quoted text
-----Original Message----- From: Andy Lester [mailto:andy@petdance.com] Sent: Thursday, October 07, 2004 10:54 AM To: Thomas, Mark - BLS CTR Subject: Re: Patch to add basic authentication to Mech On Thu, Oct 07, 2004 at 10:53:37AM -0400, Thomas, Mark - BLS CTR (Thomas.Mark@bls.gov) wrote:
> I already checked, and the only ticket that mentions authentication > (4642) is a suggestion for a workaround in user code... the only thing > you'd need to do is mark it resolved. > > Do you want the patch against 1.05_02?
That would indeed be best. Thanks, Andy -- Andy Lester => andy@petdance.com => www.petdance.com => AIM:petdance

Message body is not shown because sender requested not to inline it.

  Sun Oct 17 09:23:04 2004 MARKSTOS [...] cpan.org - Ticket #7929: Ticket 7929 MergedInto ticket 4642.
  Mon Oct 18 20:42:28 2004 MARKSTOS [...] cpan.org - Status changed from 'new' to 'open'
  Mon Oct 18 20:42:38 2004 MARKSTOS [...] cpan.org - Taken
  Mon Oct 18 20:52:00 2004 MARKSTOS [...] cpan.org - Status changed from 'open' to 'stalled'
  Mon Oct 18 20:52:00 2004 MARKSTOS [...] cpan.org - Correspondence added
RT-Send-CC: petdance
[Thomas.Mark@bls.gov - Thu Oct 7 18:08:49 2004]: Show quoted text
> Patch attached. > > -----Original Message----- > From: Andy Lester [mailto:andy@petdance.com] > Sent: Thursday, October 07, 2004 10:54 AM > To: Thomas, Mark - BLS CTR > Subject: Re: Patch to add basic authentication to Mech > > > On Thu, Oct 07, 2004 at 10:53:37AM -0400, Thomas, Mark - BLS CTR > (Thomas.Mark@bls.gov) wrote:
> > I already checked, and the only ticket that mentions authentication > > (4642) is a suggestion for a workaround in user code... the only
> thing
> > you'd need to do is mark it resolved. > > > > Do you want the patch against 1.05_02?
Thanks for the patch. Why is this necessary, though? Doesn't work well enough to just put the username and password in the URL? http://user:pass@domain.com Also, without tests, it's not clear that what you are doing will actually work. Your use of $self->{'basic_authentication'} is different than LWP, for example.
  Tue Oct 19 09:49:53 2004 Guest - Correspondence added
From: Thomas.Mark [...] bls.gov
[MARKSTOS - Mon Oct 18 20:52:00 2004]: Show quoted text
> Thanks for the patch. Why is this necessary, though? Doesn't work > well > enough to just put the username and password in the URL? > > http://user:pass@domain.com
Didn't know that was supported. Perhaps a documentation patch would be in order. However, that doesn't cache the username/password, so it would have to be issued on each request. Show quoted text
> Also, without tests, it's not clear that what you are doing will > actually work. Your use of $self->{'basic_authentication'} is > different > than LWP, for example.
That caches the authentication in the Mech object. If I remember correctly, it's exactly the way it is done in LWP::UserAgent in its credentials() and get_basic_credentials() methods. According to the LWP docs, get_basic_credentials() is designed to be overridden in a subclass, much the way I did. If you think it would be cleaner to have the new methods invoke SUPER::credentials() instead of caching in the Mech object then I'll be glad to update the patch. As far as whether it works, I use this patch in production and it works fine. Or was that a hint that there should be tests? :-) Testing basic authentication would require a 'net connection at test time and a server with basic auth that never changes, wouldn't it? I'll have to check how LWP does it.
  Tue Oct 19 09:49:58 2004 The RT System itself - Status changed from 'stalled' to 'open'
  Tue Oct 19 20:38:37 2004 mark [...] summersault.com - Correspondence added
Date: Tue, 19 Oct 2004 19:32:37 -0500
From: Mark Stosberg <mark [...] summersault.com>
To: alias mech <www-mechanize-development [...] lists.sourceforge.net>
CC: Guest via RT <bug-WWW-Mechanize [...] rt.cpan.org>
Subject: Fwd: [cpan #4642] Authentication without realm, server and port
RT-Send-Cc:
Hello, Feedback is requested from the Mech dev list on "if" and "how" we want to update the basic auth handling. Below is a submitted proposed patch, followed by some discussion of it. The spirit of Mech is basically to make LWP more user friendly, which I believe is the spirit of this patch. However, I want to make sure our API is designed well the first time around to be sufficiently flexible. That's why I want your feedback. Please CC'ing the bugy system on responses as well. Thanks. Mark --- Mechanize.pm Sat Oct 2 16:56:45 2004 +++ Mechanize.pm.1 Thu Oct 7 17:31:04 2004 @@ -1293,7 +1293,46 @@ close $fh; } + +=head2 $mech->set_basic_credentials($username, $password) + +Allows you to set the username/password for basic authentication. + + $mech->set_basic_credentials('melbrooks','12345'); + $mech->set_basic_credentials(); #clears the credentials + +=cut + +sub set_basic_credentials { + my ($self, $login, $password) = @_; + if ($login and $password) { + push @{ $self->{'basic_authentication'}}, $login, $password; + } else { + delete $self->{'basic_authentication'}; + } +} + =head1 OVERRIDDEN L<LWP::UserAgent> METHODS + +=head2 $mech->get_basic_credentials() + +An overloaded version of C<get_basic_credentials()> in L<LWP::UserAgent>. +This method returns a username and password, if supplied by +C<set_basic_credentials()>. Normally, you will not need to +use this function, as it is called by L<LWP::UserAgent> automatically. + +=cut + +sub get_basic_credentials { + my($self, $realm, $uri, $proxy) = @_; + return if $proxy; + + if (exists $self->{'basic_authentication'}) { + return @{ $self->{'basic_authentication'} }; + } + + return (undef, undef); +} =head2 $mech->redirect_ok() ----- Forwarded message from Guest via RT <bug-WWW-Mechanize@rt.cpan.org> ----- Subject: [cpan #4642] Authentication without realm, server and port From: Guest via RT <bug-WWW-Mechanize@rt.cpan.org> Date: Tue, 19 Oct 2004 09:49:58 -0400 (EDT) To: undisclosed-recipients: ; This message about WWW-Mechanize was sent to you by guest <> via rt.cpan.org Full context and any attached attachments can be found at: <URL: https://rt.cpan.org/Ticket/Display.html?id=4642 > [MARKSTOS - Mon Oct 18 20:52:00 2004]: Show quoted text
> Thanks for the patch. Why is this necessary, though? Doesn't work > well > enough to just put the username and password in the URL? > > http://user:pass@domain.com
Didn't know that was supported. Perhaps a documentation patch would be in order. However, that doesn't cache the username/password, so it would have to be issued on each request. Show quoted text
> Also, without tests, it's not clear that what you are doing will > actually work. Your use of $self->{'basic_authentication'} is > different > than LWP, for example.
That caches the authentication in the Mech object. If I remember correctly, it's exactly the way it is done in LWP::UserAgent in its credentials() and get_basic_credentials() methods. According to the LWP docs, get_basic_credentials() is designed to be overridden in a subclass, much the way I did. If you think it would be cleaner to have the new methods invoke SUPER::credentials() instead of caching in the Mech object then I'll be glad to update the patch. As far as whether it works, I use this patch in production and it works fine. Or was that a hint that there should be tests? :-) Testing basic authentication would require a 'net connection at test time and a server with basic auth that never changes, wouldn't it? I'll have to check how LWP does it. Show quoted text
----- End forwarded message ----- -- http://mark.stosberg.com/
  Sat Aug 19 07:32:51 2006 MARKSTOS [...] cpan.org - Correspondence added
A patch in the just-released Mech 1.2 addresses this request. This ticket can be resolved. Mark
  Sat Aug 19 08:38:49 2006 PETDANCE [...] cpan.org - Status changed from 'open' to 'resolved'