BasicAuthPlugin Schema

The BasicAuthPlugin schema defines the configuration for HTTP Basic Authentication in Rusty Beam. This plugin challenges users for username/password credentials and validates them against a user file.

Schema Definition

Schema URL: https://rustybeam.net/schema/BasicAuthPlugin

Parent Schema: https://rustybeam.net/schema/AuthPlugin

Properties

Configuration Example

<td itemprop="plugin" itemscope itemtype="https://rustybeam.net/schema/BasicAuthPlugin">
    <span itemprop="library">file://./plugins/librusty_beam_basic_auth.so</span>
    <span itemprop="realm">Admin Area</span>
    <span itemprop="authfile">file://./auth/users.html</span>
</td>

User File Format

The authfile should contain Credential items with authentication information:

<tr itemscope itemtype="https://rustybeam.net/schema/Credential">
    <td><span itemprop="username">admin</span></td>
    <td><span itemprop="password">$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LeF</span></td>
    <td><span itemprop="role">administrators</span></td>
</tr>

Authentication Flow

1. Client makes request to protected resource
2. Plugin challenges with HTTP 401 and WWW-Authenticate: Basic realm="[realm]"
3. Client sends credentials in Authorization: Basic [base64] header
4. Plugin validates credentials against authfile
5. Sets authenticated_user metadata for downstream plugins

Integration

With Authorization Plugin

Basic Auth typically runs before Authorization plugin to establish user identity. The Authorization plugin then uses the authenticated_user metadata to check permissions.

Browser Behavior

Browsers will display a login dialog when challenged with Basic Auth. For modern applications, consider using OAuth2 plugins instead for better user experience.

Security Considerations

See Also

• AuthPlugin - Parent schema
• Credential - Authentication credential schema
• AuthorizationPlugin - Role-based access control
• Basic Auth Plugin Documentation
• RFC 7617: HTTP Basic Authentication