Authorization question

[Martin]

I have a web site set up (intranet only - no internet access) in
which, when I receive a page request with an empty authorized user and
password, I issue a 401 response that pops up the userid/password
prompt on the user's browser. I would like to do some server-side
processing when they click OK on that - how can I detect that the
request I'm receiving is from that prompt? Is there something unique
about it that I can detect?

 

[David Dorward]

I have a web site set up (intranet only - no internet access) in
which, when I receive a page request with an empty authorized user and
password, I issue a 401 response that pops up the userid/password
prompt on the user's browser. I would like to do some server-side
processing when they click OK on that - how can I detect that the
request I'm receiving is from that prompt? Is there something unique
about it that I can detect?

No, you can only detect that someone is using basic authentication, how they
told their browser to send their credentials is impossible to detect.

How you get that information on the server rather depends on the language
and libraries you are working with, most come with some built in way to get
the username and password.

 

[Toby Inkster]

I issue a 401 response that pops up the userid/password prompt on the
user's browser. I would like to do some server-side processing when they
click OK on that - how can I detect that the request I'm receiving is
from that prompt?

It will include the "Authorization" HTTP header.

Really it sounds like you're re-inventing the wheel though.
http://httpd.apache.org/docs/howto/auth.html