On Wed, 3 Sep 2003, Ron Mahoney wrote: RM>On the other hand if you are coding for a mod_perl enabled server that you have RM>full control over then I would recommend you take a look at RM>Apache::AuthCookieDBI ( a subclass of Apache::AuthCookie ). You can either use RM>it directly or as a model for how to code the authentication and authorization RM>phases of Apache. Once that's setup and working all you have to do is drop in RM>.htaccess files in whatever directory you want protected (or put it in the RM>Directory section in your httpd.conf) and say what groups or users are RM>authorized to run these scripts.
I'm in the process of setting up a new (well, replacement) server and was thinking about playing with Apache::AuthCookieDBI/mod_auth_cookie_mysql, but if somebody can answer my question it'll save me some experimentation. What *I* need is something like Puneet's setup, except that I don't need sessions, per se, just the ability to log out (which is just a matter of expiring the cookie, in this case). But what I'm not finding in any of the documentation is whether it's possible to configure a critter such that it doesn't *demand* authentication. That is, if the cookie's there, Apache will authenticate and pass it on in the environment, but if it's not, it'll still allow access to the file (or in my case, script). ObHTML::Template: All the scripts being granted access to will use HTML::Template, except the wiki, and I'm seriously considering rewriting TWiki so that *it* uses H::T too. -- Karen J. Cravens [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Html-template-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/html-template-users
