http://mivo.truxoft.com
MIVO!
miva beyond limits

MIVA^®  RESOURCES:  Authorization with MvCALL

by Ivo Truxa, 11/25/2000

1. Calling password protected URLs with Miva
2. The BasicAuth function and a sample call
3. Useful links
4. User Comments

Recent versions of Miva (up to 3.76, as for now) do not support HTTP authentication and therefore it is normally not possible to access any password protected pages with Miva MvCALL (I mean HTTP authorization password protection).

The basic HTTP authorization uses simple and insecure base-64 encoding algorithm to transmit the username and the password to the server. Base-64 encoding is used also for encoding binary files into e-mail attachments. If you have installed MimeConv 2.0 on your system, you can use this program for passing the authorization data through MvCALL and process the password-protected pages by your Miva script.

top

I wrote a short function that returns a string to be used as a MvCALL URL argument for password protected documents:
Have a look at the code here - basicAuth().

Be sure to install the MimeConv application before testing the function. The function would be used in MvCALL in the following way:

Basic Authorization is the most usual authorization, so the function should work in the vast majority of cases. However, other types of authentication with a securer encoding may be required by some servers. Most of the encryptions could be written in Miva as well.

If you do not want or cannot install MimeConv on your system, you can encode the user name and password in another way (e.g. locally on your workstation using the Windows version of MimeConv, using another base-64 encoder, sending as binary attachment or looking at the HTTP headers sent by your browser). The string to be encoded, has to be in this form:

Once you have the base-64 encoded strign, you can pass it to the server in this way:

top

top

Miva and some other terms used on this page are registerd trademarks of the Miva Corporation
copyright  truXoft  © 1997-2008