Folks, A basic question about implementing user authentication by means of CGI (and Perl if recommended):
I haven't found a script online or in a book that will do what I want (see below). HTTP Basic Authentication doesn't provide for explicit log-out. I'd rather not use cookies so users behind proxies won't have trouble with this site. Can anyone tell me: A. can it be done securely w/o huge program, incredible CGI/Perl skill, or server hacking? B. Where a concept/code starting point could be found? (URL or book - I don't want a specific code answer at this point.) Thanks in advance for your time on this one, 4 My criteria: I. Account structure I want: unique user accounts users are members of groups (a la Unix) use of HTTP's ".passwd" is OK II. Platform I'd use: OS: Win, Unix, or Linux Server: Apache or IIS Dev.: MacPerl5 III. Security of log-in: secure transmission of username & password IV. Behaviour I want: 1. (from public web page) All users see username/password log-in fields. 2. Rejected log-in gets error message (page or pop-up) and is returned to log-in page. 3. successful log-ins sent to username-specific page. This page and all others exclusively for this user account are visible only this user (except those pages appropriate to this user's group). 4. (from any of this user's pages) Log-out by clicking "log-out" link. 5. Logged-out users sent to some public "thank you/farewell" page on site. -- -- (207) 874-0678 [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
