5.9 Password Protection

Version: 4.1

5.9 Password Protection

(require web-server/dispatchers/dispatch-passwords)

The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor that performs HTTP Basic authentication filtering.

(make
[
#:password-file password-file

#:authentication-responder authentication-responder])

→

(-> void)

dispatcher?
password-file : path-string? = "passwords"

authentication-responder

:

((url url?) (header header?) . -> . response?)

=

(gen-authentication-responder "forbidden.html")

The first returned value is a procedure that refreshes the password file used by the dispatcher.

The dispatcher that is returned does the following: Checks if the request contains Basic authentication credentials, and that they are included in password-file. If they are not, authentication-responder is called with a header that requests credentials. If they are, then next-dispatcher is invoked.

password-file is parsed as:

  (list ([domain : string?]
         [path : string-regexp?]
         (list [user : symbol?]
               [pass : string?])
         ...)
        ...)

For example:

'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))

top← prev up next →

1	Running the Web Server
2	Scheme Servlets
3	Web Language Servlets
4	Configuration
5	Dispatchers
6	Web Config Unit
7	Web Server Unit
8	Continuation Managers
9	Internal
10	Troubleshooting
11	Acknowledgements
	Index

5.1	General
5.2	Mapping URLs to Paths
5.3	Sequencing
5.4	Timeouts
5.5	Lifting Procedures
5.6	Filtering Requests
5.7	Procedure Invocation upon Request
5.8	Logging
5.9	Password Protection
5.10	Virtual Hosts
5.11	Serving Files
5.12	Serving Scheme Servlets
5.13	Serving Web Language Servlets
5.14	Statistics