!ArcWeb/PublicHTML/authorise

Home » Personal collection » Acorn hard disk » apps » web » !ArcWeb/PublicHTML/authorise

This website contains an archive of files for the Acorn Electron, BBC Micro, Acorn Archimedes, Commodore 16 and Commodore 64 computers, which Dominic Ford has rescued from his private collection of floppy disks and cassettes.

Some of these files were originally commercial releases in the 1980s and 1990s, but they are now widely available online. I assume that copyright over them is no longer being asserted. If you own the copyright and would like files to be removed, please contact me.

Tape/disk:	Home » Personal collection » Acorn hard disk » apps » web
Filename:	!ArcWeb/PublicHTML/authorise
Read OK:	✔
File size:	080C bytes
Load address:	0000
Exec address:	0000

Duplicates

There is 1 duplicate copy of this file in the archive:

Personal collection » Acorn ADFS disks » Greaseweazled » adfs_1.6M_ArcWeb.adf » !ArcWeb/PublicHTML/authorise
Personal collection » Acorn hard disk » apps » web » !ArcWeb/PublicHTML/authorise

<title>WWW Authentication</title>
<body>
<h1>WWW Authentication</h1>

Information providers may decide to protect their pages by password in
order to restrict who can see them.  (eg. <a
"href=http://www.acorn.co.uk/acorn/clan/private/Home">Acorn's Clan only
pages</a>). To do this they construct a password file at the server end and
put an access control file in the clan home directory, giving a symbolic name
by which any files under that directory need to be accessed.  Acorn chose
"AcornClan" as their authentication 'realm' .  This means that if you send a
normal request to www.acorn.co.uk asking for one of the clan pages, you will
get back:

<pre>

HTTP/1.0 401 Unauthorized
Server: CERN/3.0 (or similar)
Date: .... etc. etc.
WWW-Authenticate: Basic "AcornClan"
Content-Type: text/html

&lt;title&gt;Unauthorized&lt;/title&gt;
&lt;h1&gt;401 Unauthorized&lt;/h1&gt;Your browser does not appear to support user
authentication.

</pre>

At which point, ArcWeb will prompt you for a user name and password
which will satisfy the "AcornClan" realm of www.acorn.co.uk.  So you
enter the user name and password and press RETURN and ArcWeb will
resend the request but include an extra header.  For example,
suppose I enter user name 'Aladdin' and password 'open sesame', the
following header will be sent with the repeated request:

<pre>

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

</pre>

where it has converted the user name and password to a simple non-clear
text format (note: this is <em>NOT SECURE</em> - any base64 decoder can decode
that string I've given above back into 'Aladdin:open sesame')  Note
that the authentication information is cached by ArcWeb until it
quits (unless you set the option in the configuration window to stop it
deleting the cache upon exit), and that if you attempt to access another
page under the clan hierarchy, then ArcWeb will speculatively add the
cached authentication information to the original request in an attempt
to pre-empt any challenge.

<hr>
<address>Stewart Brodie<br>21st November 1995</address>

00000000  3c 74 69 74 6c 65 3e 57  57 57 20 41 75 74 68 65  |<title>WWW Authe|
00000010  6e 74 69 63 61 74 69 6f  6e 3c 2f 74 69 74 6c 65  |ntication</title|
00000020  3e 0a 3c 62 6f 64 79 3e  0a 3c 68 31 3e 57 57 57  |>.<body>.<h1>WWW|
00000030  20 41 75 74 68 65 6e 74  69 63 61 74 69 6f 6e 3c  | Authentication<|
00000040  2f 68 31 3e 0a 0a 49 6e  66 6f 72 6d 61 74 69 6f  |/h1>..Informatio|
00000050  6e 20 70 72 6f 76 69 64  65 72 73 20 6d 61 79 20  |n providers may |
00000060  64 65 63 69 64 65 20 74  6f 20 70 72 6f 74 65 63  |decide to protec|
00000070  74 20 74 68 65 69 72 20  70 61 67 65 73 20 62 79  |t their pages by|
00000080  20 70 61 73 73 77 6f 72  64 20 69 6e 0a 6f 72 64  | password in.ord|
00000090  65 72 20 74 6f 20 72 65  73 74 72 69 63 74 20 77  |er to restrict w|
000000a0  68 6f 20 63 61 6e 20 73  65 65 20 74 68 65 6d 2e  |ho can see them.|
000000b0  20 20 28 65 67 2e 20 3c  61 0a 22 68 72 65 66 3d  |  (eg. <a."href=|
000000c0  68 74 74 70 3a 2f 2f 77  77 77 2e 61 63 6f 72 6e  |http://www.acorn|
000000d0  2e 63 6f 2e 75 6b 2f 61  63 6f 72 6e 2f 63 6c 61  |.co.uk/acorn/cla|
000000e0  6e 2f 70 72 69 76 61 74  65 2f 48 6f 6d 65 22 3e  |n/private/Home">|
000000f0  41 63 6f 72 6e 27 73 20  43 6c 61 6e 20 6f 6e 6c  |Acorn's Clan onl|
00000100  79 0a 70 61 67 65 73 3c  2f 61 3e 29 2e 20 54 6f  |y.pages</a>). To|
00000110  20 64 6f 20 74 68 69 73  20 74 68 65 79 20 63 6f  | do this they co|
00000120  6e 73 74 72 75 63 74 20  61 20 70 61 73 73 77 6f  |nstruct a passwo|
00000130  72 64 20 66 69 6c 65 20  61 74 20 74 68 65 20 73  |rd file at the s|
00000140  65 72 76 65 72 20 65 6e  64 20 61 6e 64 0a 70 75  |erver end and.pu|
00000150  74 20 61 6e 20 61 63 63  65 73 73 20 63 6f 6e 74  |t an access cont|
00000160  72 6f 6c 20 66 69 6c 65  20 69 6e 20 74 68 65 20  |rol file in the |
00000170  63 6c 61 6e 20 68 6f 6d  65 20 64 69 72 65 63 74  |clan home direct|
00000180  6f 72 79 2c 20 67 69 76  69 6e 67 20 61 20 73 79  |ory, giving a sy|
00000190  6d 62 6f 6c 69 63 20 6e  61 6d 65 0a 62 79 20 77  |mbolic name.by w|
000001a0  68 69 63 68 20 61 6e 79  20 66 69 6c 65 73 20 75  |hich any files u|
000001b0  6e 64 65 72 20 74 68 61  74 20 64 69 72 65 63 74  |nder that direct|
000001c0  6f 72 79 20 6e 65 65 64  20 74 6f 20 62 65 20 61  |ory need to be a|
000001d0  63 63 65 73 73 65 64 2e  20 20 41 63 6f 72 6e 20  |ccessed.  Acorn |
000001e0  63 68 6f 73 65 0a 22 41  63 6f 72 6e 43 6c 61 6e  |chose."AcornClan|
000001f0  22 20 61 73 20 74 68 65  69 72 20 61 75 74 68 65  |" as their authe|
00000200  6e 74 69 63 61 74 69 6f  6e 20 27 72 65 61 6c 6d  |ntication 'realm|
00000210  27 20 2e 20 20 54 68 69  73 20 6d 65 61 6e 73 20  |' .  This means |
00000220  74 68 61 74 20 69 66 20  79 6f 75 20 73 65 6e 64  |that if you send|
00000230  20 61 0a 6e 6f 72 6d 61  6c 20 72 65 71 75 65 73  | a.normal reques|
00000240  74 20 74 6f 20 77 77 77  2e 61 63 6f 72 6e 2e 63  |t to www.acorn.c|
00000250  6f 2e 75 6b 20 61 73 6b  69 6e 67 20 66 6f 72 20  |o.uk asking for |
00000260  6f 6e 65 20 6f 66 20 74  68 65 20 63 6c 61 6e 20  |one of the clan |
00000270  70 61 67 65 73 2c 20 79  6f 75 20 77 69 6c 6c 0a  |pages, you will.|
00000280  67 65 74 20 62 61 63 6b  3a 0a 0a 3c 70 72 65 3e  |get back:..<pre>|
00000290  0a 0a 48 54 54 50 2f 31  2e 30 20 34 30 31 20 55  |..HTTP/1.0 401 U|
000002a0  6e 61 75 74 68 6f 72 69  7a 65 64 0a 53 65 72 76  |nauthorized.Serv|
000002b0  65 72 3a 20 43 45 52 4e  2f 33 2e 30 20 28 6f 72  |er: CERN/3.0 (or|
000002c0  20 73 69 6d 69 6c 61 72  29 0a 44 61 74 65 3a 20  | similar).Date: |
000002d0  2e 2e 2e 2e 20 65 74 63  2e 20 65 74 63 2e 0a 57  |.... etc. etc..W|
000002e0  57 57 2d 41 75 74 68 65  6e 74 69 63 61 74 65 3a  |WW-Authenticate:|
000002f0  20 42 61 73 69 63 20 22  41 63 6f 72 6e 43 6c 61  | Basic "AcornCla|
00000300  6e 22 0a 43 6f 6e 74 65  6e 74 2d 54 79 70 65 3a  |n".Content-Type:|
00000310  20 74 65 78 74 2f 68 74  6d 6c 0a 0a 26 6c 74 3b  | text/html..&lt;|
00000320  74 69 74 6c 65 26 67 74  3b 55 6e 61 75 74 68 6f  |title&gt;Unautho|
00000330  72 69 7a 65 64 26 6c 74  3b 2f 74 69 74 6c 65 26  |rized&lt;/title&|
00000340  67 74 3b 0a 26 6c 74 3b  68 31 26 67 74 3b 34 30  |gt;.&lt;h1&gt;40|
00000350  31 20 55 6e 61 75 74 68  6f 72 69 7a 65 64 26 6c  |1 Unauthorized&l|
00000360  74 3b 2f 68 31 26 67 74  3b 59 6f 75 72 20 62 72  |t;/h1&gt;Your br|
00000370  6f 77 73 65 72 20 64 6f  65 73 20 6e 6f 74 20 61  |owser does not a|
00000380  70 70 65 61 72 20 74 6f  20 73 75 70 70 6f 72 74  |ppear to support|
00000390  20 75 73 65 72 0a 61 75  74 68 65 6e 74 69 63 61  | user.authentica|
000003a0  74 69 6f 6e 2e 0a 0a 3c  2f 70 72 65 3e 0a 0a 41  |tion...</pre>..A|
000003b0  74 20 77 68 69 63 68 20  70 6f 69 6e 74 2c 20 41  |t which point, A|
000003c0  72 63 57 65 62 20 77 69  6c 6c 20 70 72 6f 6d 70  |rcWeb will promp|
000003d0  74 20 79 6f 75 20 66 6f  72 20 61 20 75 73 65 72  |t you for a user|
000003e0  20 6e 61 6d 65 20 61 6e  64 20 70 61 73 73 77 6f  | name and passwo|
000003f0  72 64 0a 77 68 69 63 68  20 77 69 6c 6c 20 73 61  |rd.which will sa|
00000400  74 69 73 66 79 20 74 68  65 20 22 41 63 6f 72 6e  |tisfy the "Acorn|
00000410  43 6c 61 6e 22 20 72 65  61 6c 6d 20 6f 66 20 77  |Clan" realm of w|
00000420  77 77 2e 61 63 6f 72 6e  2e 63 6f 2e 75 6b 2e 20  |ww.acorn.co.uk. |
00000430  20 53 6f 20 79 6f 75 0a  65 6e 74 65 72 20 74 68  | So you.enter th|
00000440  65 20 75 73 65 72 20 6e  61 6d 65 20 61 6e 64 20  |e user name and |
00000450  70 61 73 73 77 6f 72 64  20 61 6e 64 20 70 72 65  |password and pre|
00000460  73 73 20 52 45 54 55 52  4e 20 61 6e 64 20 41 72  |ss RETURN and Ar|
00000470  63 57 65 62 20 77 69 6c  6c 0a 72 65 73 65 6e 64  |cWeb will.resend|
00000480  20 74 68 65 20 72 65 71  75 65 73 74 20 62 75 74  | the request but|
00000490  20 69 6e 63 6c 75 64 65  20 61 6e 20 65 78 74 72  | include an extr|
000004a0  61 20 68 65 61 64 65 72  2e 20 20 46 6f 72 20 65  |a header.  For e|
000004b0  78 61 6d 70 6c 65 2c 0a  73 75 70 70 6f 73 65 20  |xample,.suppose |
000004c0  49 20 65 6e 74 65 72 20  75 73 65 72 20 6e 61 6d  |I enter user nam|
000004d0  65 20 27 41 6c 61 64 64  69 6e 27 20 61 6e 64 20  |e 'Aladdin' and |
000004e0  70 61 73 73 77 6f 72 64  20 27 6f 70 65 6e 20 73  |password 'open s|
000004f0  65 73 61 6d 65 27 2c 20  74 68 65 0a 66 6f 6c 6c  |esame', the.foll|
00000500  6f 77 69 6e 67 20 68 65  61 64 65 72 20 77 69 6c  |owing header wil|
00000510  6c 20 62 65 20 73 65 6e  74 20 77 69 74 68 20 74  |l be sent with t|
00000520  68 65 20 72 65 70 65 61  74 65 64 20 72 65 71 75  |he repeated requ|
00000530  65 73 74 3a 0a 0a 3c 70  72 65 3e 0a 0a 41 75 74  |est:..<pre>..Aut|
00000540  68 6f 72 69 7a 61 74 69  6f 6e 3a 20 42 61 73 69  |horization: Basi|
00000550  63 20 51 57 78 68 5a 47  52 70 62 6a 70 76 63 47  |c QWxhZGRpbjpvcG|
00000560  56 75 49 48 4e 6c 63 32  46 74 5a 51 3d 3d 0a 0a  |VuIHNlc2FtZQ==..|
00000570  3c 2f 70 72 65 3e 0a 0a  77 68 65 72 65 20 69 74  |</pre>..where it|
00000580  20 68 61 73 20 63 6f 6e  76 65 72 74 65 64 20 74  | has converted t|
00000590  68 65 20 75 73 65 72 20  6e 61 6d 65 20 61 6e 64  |he user name and|
000005a0  20 70 61 73 73 77 6f 72  64 20 74 6f 20 61 20 73  | password to a s|
000005b0  69 6d 70 6c 65 20 6e 6f  6e 2d 63 6c 65 61 72 0a  |imple non-clear.|
000005c0  74 65 78 74 20 66 6f 72  6d 61 74 20 28 6e 6f 74  |text format (not|
000005d0  65 3a 20 74 68 69 73 20  69 73 20 3c 65 6d 3e 4e  |e: this is <em>N|
000005e0  4f 54 20 53 45 43 55 52  45 3c 2f 65 6d 3e 20 2d  |OT SECURE</em> -|
000005f0  20 61 6e 79 20 62 61 73  65 36 34 20 64 65 63 6f  | any base64 deco|
00000600  64 65 72 20 63 61 6e 20  64 65 63 6f 64 65 0a 74  |der can decode.t|
00000610  68 61 74 20 73 74 72 69  6e 67 20 49 27 76 65 20  |hat string I've |
00000620  67 69 76 65 6e 20 61 62  6f 76 65 20 62 61 63 6b  |given above back|
00000630  20 69 6e 74 6f 20 27 41  6c 61 64 64 69 6e 3a 6f  | into 'Aladdin:o|
00000640  70 65 6e 20 73 65 73 61  6d 65 27 29 20 20 4e 6f  |pen sesame')  No|
00000650  74 65 0a 74 68 61 74 20  74 68 65 20 61 75 74 68  |te.that the auth|
00000660  65 6e 74 69 63 61 74 69  6f 6e 20 69 6e 66 6f 72  |entication infor|
00000670  6d 61 74 69 6f 6e 20 69  73 20 63 61 63 68 65 64  |mation is cached|
00000680  20 62 79 20 41 72 63 57  65 62 20 75 6e 74 69 6c  | by ArcWeb until|
00000690  20 69 74 0a 71 75 69 74  73 20 28 75 6e 6c 65 73  | it.quits (unles|
000006a0  73 20 79 6f 75 20 73 65  74 20 74 68 65 20 6f 70  |s you set the op|
000006b0  74 69 6f 6e 20 69 6e 20  74 68 65 20 63 6f 6e 66  |tion in the conf|
000006c0  69 67 75 72 61 74 69 6f  6e 20 77 69 6e 64 6f 77  |iguration window|
000006d0  20 74 6f 20 73 74 6f 70  20 69 74 0a 64 65 6c 65  | to stop it.dele|
000006e0  74 69 6e 67 20 74 68 65  20 63 61 63 68 65 20 75  |ting the cache u|
000006f0  70 6f 6e 20 65 78 69 74  29 2c 20 61 6e 64 20 74  |pon exit), and t|
00000700  68 61 74 20 69 66 20 79  6f 75 20 61 74 74 65 6d  |hat if you attem|
00000710  70 74 20 74 6f 20 61 63  63 65 73 73 20 61 6e 6f  |pt to access ano|
00000720  74 68 65 72 0a 70 61 67  65 20 75 6e 64 65 72 20  |ther.page under |
00000730  74 68 65 20 63 6c 61 6e  20 68 69 65 72 61 72 63  |the clan hierarc|
00000740  68 79 2c 20 74 68 65 6e  20 41 72 63 57 65 62 20  |hy, then ArcWeb |
00000750  77 69 6c 6c 20 73 70 65  63 75 6c 61 74 69 76 65  |will speculative|
00000760  6c 79 20 61 64 64 20 74  68 65 0a 63 61 63 68 65  |ly add the.cache|
00000770  64 20 61 75 74 68 65 6e  74 69 63 61 74 69 6f 6e  |d authentication|
00000780  20 69 6e 66 6f 72 6d 61  74 69 6f 6e 20 74 6f 20  | information to |
00000790  74 68 65 20 6f 72 69 67  69 6e 61 6c 20 72 65 71  |the original req|
000007a0  75 65 73 74 20 69 6e 20  61 6e 20 61 74 74 65 6d  |uest in an attem|
000007b0  70 74 0a 74 6f 20 70 72  65 2d 65 6d 70 74 20 61  |pt.to pre-empt a|
000007c0  6e 79 20 63 68 61 6c 6c  65 6e 67 65 2e 0a 0a 3c  |ny challenge...<|
000007d0  68 72 3e 0a 3c 61 64 64  72 65 73 73 3e 53 74 65  |hr>.<address>Ste|
000007e0  77 61 72 74 20 42 72 6f  64 69 65 3c 62 72 3e 32  |wart Brodie<br>2|
000007f0  31 73 74 20 4e 6f 76 65  6d 62 65 72 20 31 39 39  |1st November 199|
00000800  35 3c 2f 61 64 64 72 65  73 73 3e 0a              |5</address>.|
0000080c

Our privacy policy is here.
Last updated: 10 Jun 2024, 13:20 UTC
Website designed by .