[AWS] AWS 2.0p : Small Request
Warren W. Gay VE3WWG
ve3wwg at cogeco.ca
Fri Jun 18 05:02:10 CEST 2004
I am just beginning to explore this AWS 2.0p, and I
have to say that I am very impressed. A special
thanks goes out to Dmitriy Anisimkov and Pascal Obry
for their efforts and for their willingness to share
this work.
I have a small request:
I want to be able to test for and authenticate (digest)
if necessary in a centralized function. Let's call it
Authenticate(). I want to have more than one routine to
handle the requests, so I want to centralize the
authentication testing in one function.
I have come up with something like the following (not
completely tested):
function Authenticate(Request : AWS.Status.Data) return AWS.Response.Data is
use type AWS.Response.Authentication_Mode;
use type AWS.Status.Authorization_Type;
User : constant String := AWS.Status.Authorization_Name(Request);
Password : constant String := Get_Password(User); -- DATABASE LOOKUP --
Client_Mode : constant AWS.Status.Authorization_Type := AWS.Status.Authorization_Mode(Request);
begin
case Client_Mode is
when AWS.Status.Basic =>
if ( Auth_Mode = AWS.Response.Any or else Auth_Mode = AWS.Response.Basic )
and then AWS.Status.Authorization_Password(Request) = Password then
return AWS.Response.Empty; -- OK
end if;
when AWS.Status.Digest =>
if ( Auth_Mode = AWS.Response.Any or else Auth_Mode = AWS.Response.Digest )
and then AWS.Status.Check_Digest(Request,Password) then
if AWS.Digest.Check_Nonce(AWS.Status.Authorization_Nonce(Request)) then
return AWS.Response.Empty; -- OK
else
return AWS.Response.Authenticate("AWS Restricted usage",Auth_Mode,Stale => True);
end if;
end if;
when AWS.Status.None =>
null;
end case;
return AWS.Response.Authenticate("AWS Restricted usage",Auth_Mode);
end Authenticate;
The caller will do something like this:
function Serve_Restricted(Request : AWS.Status.Data) return AWS.Response.Data is
R : AWS.Response.Data := Authenticate(Request);
begin
if not Is_Authenticated(R) then
return R;
end if;
return Serve_Page(Request);
end Serve_Restricted;
In the Authenticate routine above, I really wanted to use the function
AWS.Response.Empty when there was not authentication problem. However,
there is no API method of testing for "empty". Here it comes..
I would like a predicate function like:
function Is_Empty(Response : AWS.Response.Data) return Boolean;
If I had this function, then Is_Authenticated can be just renamed
to AWS.Response.Is_Empty.
The comments in the spec say this sets Data_Mode = No_Data and Status_Code = 204.
But I would much rather code an Is_Empty() call, knowing that if any
changes were to occur in the future, they would be transparent to me.
The use of the AWS.Response.Data object feels a little heavy to use
this way for each and every request, for authentication. Are there
other ways that authentication tests can be made lighter weight
than this? I suppose I could code a procedure instead, since the
the AWS.Response.Data object is not limited. Then I could just
return a Boolean instead for "not authenticated" etc.
It may still be a good idea to provide an Is_Empty() call
however.
DOCUMENTATION:
I noticed mention of Session() is missing on page 21, as it
pertains to configuration options (3.4 Configuration Options).
Thanks, Warren.
--
Warren W. Gay VE3WWG
http://home.cogeco.ca/~ve3wwg
More information about the AWS
mailing list