The PLT Web server provides basic authentication following RFC 2617. These passwords are stored in passwords. The Web server caches passwords for performance reasons. Requesting the URL http://localhost/conf/refresh-passwords reloads the password file. The format is:
'((realm path-regexp (name password) ...) ...)
- A unique identifier for this set of passwords.
- A regular expression applied to the resource. If it matches, then this set of passwords is used for this resource.
- The login name for a user. Note that case-sensitivity depends on the current settings in MzScheme.
- The password, unencrypted, for the user.
For example, to hide anything in the
/secret/ directory under the
host-root, but allow access to bubba with the password
bbq and Billy with the password BoB, use
'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (|Billy| "BoB")))