NAME
    Catalyst::Plugin::Authentication::Credential::HTTP - HTTP Basic and
    Digest authentication for Catalyst.

SYNOPSIS
        use Catalyst qw/
            Authentication
            Authentication::Store::Moose
            Authentication::Credential::HTTP
        /;

        __PACKAGE__->config->{authentication}{http}{type} = 'any'; # or 'digest' or 'basic'
        __PACKAGE__->config->{authentication}{users} = {
            Mufasa => { password => "Circle Of Life", },
        };

        sub foo : Local {
            my ( $self, $c ) = @_;

            $c->authorization_required( realm => "foo" ); # named after the status code ;-)

            # either user gets authenticated or 401 is sent

            do_stuff();
        }

        # with ACL plugin
        __PACKAGE__->deny_access_unless("/path", sub { $_[0]->authenticate_http });

        sub end : Private {
            my ( $self, $c ) = @_;

            $c->authorization_required_response( realm => "foo" );
            $c->error(0);
        }

DESCRIPTION
    This moduule lets you use HTTP authentication with
    Catalyst::Plugin::Authentication. Both basic and digest authentication
    are currently supported.

METHODS
    authorization_required %opts
        Tries to "authenticate_http", and if that fails calls
        "authorization_required_response" and detaches the current action
        call stack.

        This method just passes the options through untouched.

    authenticate_http %opts
        Looks inside "$c->request->headers" and processes the digest and
        basic (badly named) authorization header.

        This will only try the methods set in the configuration.

        See the next two methods for what %opts can contain.

    authenticate_basic %opts
    authenticate_digest %opts
        Try to authenticate one of the methods without checking if the
        method is allowed in the configuration.

        %opts can contain "store" (either an object or a name), "user" (to
        disregard %the username from the header altogether, overriding it
        with a username or user %object).

    authorization_required_response %opts
        Sets "$c->response" to the correct status code, and adds the correct
        header to demand authentication data from the user agent.

        Typically used by "authorization_required", but may be invoked
        manually.

        %opts can contain "realm", "domain" and "algorithm", which are used
        to build %the digest header.

    store_digest_authorization_nonce $key, $nonce
    get_digest_authorization_nonce $key
        Set or get the $nonce object used by the digest auth mode.

        You may override these methods. By default they will call "get" and
        "set" on "$c->cache".

CONFIGURATION
    All configuration is stored in
    "YourApp->config->{authentication}{http}".

    This should be a hash, and it can contain the following entries:

    store
        Either a name or an object -- the default store to use for HTTP
        authentication.

    type
        Can be either "any" (the default), "basic" or "digest".

        This controls "authorization_required_response" and
        "authenticate_http", but not the "manual" methods.

AUTHORS
    Yuval Kogman, "nothingmuch@woobling.org"

    Jess Robinson

    Sascha Kiefer "esskar@cpan.org"

COPYRIGHT & LICENSE
            Copyright (c) 2005-2006 the aforementioned authors. All rights
            reserved. This program is free software; you can redistribute
            it and/or modify it under the same terms as Perl itself.