X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FAuthentication%2FCredential%2FHTTP.pm;h=13defab46d8c6cc9d865c98aed20e570549a3a30;hb=5490d6f6456e8abfa409900ee64ebb5714fd382d;hp=da79a9a4256ae159b9a9ad7cb6cc2c8bfafd5c2b;hpb=61d22a88137fa6ec4265c2f211cdfd121c10bc4c;p=catagits%2FCatalyst-Authentication-Credential-HTTP.git

diff --git a/lib/Catalyst/Authentication/Credential/HTTP.pm b/lib/Catalyst/Authentication/Credential/HTTP.pm
index da79a9a..13defab 100644
--- a/lib/Catalyst/Authentication/Credential/HTTP.pm
+++ b/lib/Catalyst/Authentication/Credential/HTTP.pm
@@ -18,6 +18,8 @@ __PACKAGE__->mk_accessors(qw/
     realm
     algorithm
     use_uri_for
+    no_unprompted_authorization_required
+    require_ssl
 /);
 
 our $VERSION = '1.013';
@@ -50,14 +52,24 @@ sub authenticate {
     my ( $self, $c, $realm, $auth_info ) = @_;
     my $auth;
 
+    $self->authentication_failed( $c, $realm, $auth_info )
+        if $self->require_ssl ? $c->req->scheme ne 'https' : 0;
+
     $auth = $self->authenticate_digest($c, $realm, $auth_info) if $self->_is_http_auth_type('digest');
     return $auth if $auth;
 
     $auth = $self->authenticate_basic($c, $realm, $auth_info) if $self->_is_http_auth_type('basic');
     return $auth if $auth;
 
-    $self->authorization_required_response($c, $realm, $auth_info);
-    die $Catalyst::DETACH;
+    $self->authentication_failed( $c, $realm, $auth_info );
+}
+
+sub authentication_failed {
+    my ( $self, $c, $realm, $auth_info ) = @_;
+    unless (!$self->no_unprompted_authorization_required) {
+        $self->authorization_required_response($c, $realm, $auth_info);
+        die $Catalyst::DETACH;
+    }
 }
 
 sub authenticate_basic {