- library
- http
- http_unix_daemon.pl -- Run SWI-Prolog HTTP server as a Unix system daemon
- thread_httpd.pl -- Threaded HTTP server
- http_wrapper.pl -- Server processing of an HTTP request
- http_header.pl -- Handling HTTP headers
- http_stream.pl -- HTTP Streams
- http_exception.pl -- Map Prolog exceptions to HTTP errors
- http_path.pl -- Abstract specification of HTTP server locations
- http_dispatch.pl -- Dispatch requests in the HTTP server
- http_host.pl -- Obtain public server location
- http_ssl_plugin.pl -- SSL plugin for HTTP libraries
- http_parameters.pl -- Extract parameters (GET and POST) from HTTP requests
- http_client.pl -- HTTP client library
- http_multipart_plugin.pl -- Multipart form-data plugin
- http_hook.pl -- HTTP library hooks
- html_write.pl -- Write HTML text
- html_quasiquotations.pl -- HTML quasi quotations
- mimetype.pl -- Determine mime-type for a file
- jquery.pl -- Provide JQuery
- html_head.pl -- Automatic inclusion of CSS and scripts links
- http_server_files.pl -- Serve files needed by modules from the server
- term_html.pl -- Represent Prolog terms as HTML
- json.pl -- Reading and writing JSON serialization
- http_open.pl -- HTTP client library
- http_session.pl -- HTTP Session management
- http_openid.pl -- OpenID consumer and server library
- yadis.pl -- Yadis discovery
- ax.pl -- Attribute Exchange library
- http_authenticate.pl -- Authenticate HTTP connections using 401 headers
- http_json.pl -- HTTP JSON Plugin module
- http_dirindex.pl -- HTTP directory listings
- js_write.pl -- Utilities for including JavaScript
- js_grammar.pl -- JavaScript grammar
- http_cors.pl -- Enable CORS: Cross-Origin Resource Sharing
- json_convert.pl -- Convert between JSON terms and Prolog application terms
- http_dyn_workers.pl -- Dynamically schedule HTTP workers.
- http_error.pl -- Decorate uncaught HTTP exceptions with stack-trace
- hub.pl -- Manage a hub for websockets
- websocket.pl -- WebSocket support
- http_log.pl -- HTTP Logging module
- mimepack.pl -- Create a MIME message
- http
- http_authenticate(+Type, +Request, -Fields)
- True if Request contains the information to continue according
to Type. Type identifies the required authentication technique:
- basic(+PasswordFile)
- Use HTTP
Basic
authetication and verify the password from PasswordFile. PasswordFile is a file holding usernames and passwords in a format compatible to Unix and Apache. Each line is record with:
separated fields. The first field is the username and the second the password hash. Password hashes are validated using crypt/2.
Successful authorization is cached for 60 seconds to avoid overhead of decoding and lookup of the user and password data.
http_authenticate/3 just validates the header. If authorization is not provided the browser must be challenged, in response to which it normally opens a user-password dialogue. Example code realising this is below. The exception causes the HTTP wrapper code to generate an HTTP 401 reply.
( http_authenticate(basic(passwd), Request, Fields) -> true ; throw(http_reply(authorise(basic, Realm))) ).
- Arguments:
-
Fields - is a list of fields from the password-file entry. The first element is the user. The hash is skipped. - To be done
- - Should we also cache failures to reduce the risc of DoS attacks?