Kremer
In the uTasker project we support only basic authentication so you will also be disappointed but I can give a couple of notes about its implementation:
1. The HTTP server must collect the GET infomation (possibly over multiple frames, which makes it a little bit trickier) and sort the "authorization basic" string plus the Base 64 encoded user name and password.
2. Once the '\r' at the end of this information has been received, the content can be decoded using base64 algorithm to get back to plain text (since theoretically anyone can do this base 64 encoded info is not really worth much more that plain text but it will at least work against 'lazy' evesdroppers).
3. If the info doesn't match, the server serves a small page with the following example content:
HTTP/1.0 401\r\nWWW-Authenticate: Basic realm=""MY WEBSERVER""\r\n\r\n
The 401 will cause the browser to offer the password dialog box.
4. Only when the user name and password match should the http server serve the requested page and react to any received commands. The serving part is simple because it either does it or re-serves the 401 side again. Handling commands is a little more complicated since the authentication information arrives usually after the data and so the data has to be buffered until the authentication has been completed (which may not be in the same TCP frame) but this is more an implementation detail.
However I can say that we do dynamic and controllable web server support (not cgi but something similar) allowing flexible control and do support the post method. In the uTasker demo project (free for non-commercial use) it is even possible to securely upload new code to the target using http post, which requires only a 2k byte boot program...
[document here:
http://www.utasker.com/docs/uTasker/uTaskerBootLoader.PDF]
Regards
Message Edited by mjbcswitzerland on 2007-02-1010:45 AM