Yes, I believe that Apache::AuthCookie supports that as well. -----Original Message----- From: Karen J. Cravens [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2003 5:09 PM To: [EMAIL PROTECTED] Subject: Re: [htmltmpl] securing an H::T site with username/password w/session mgt1
On Wed, 3 Sep 2003, Ron Mahoney wrote: RM>On the other hand if you are coding for a mod_perl enabled server RM>that you have full control over then I would recommend you take a RM>look at Apache::AuthCookieDBI ( a subclass of Apache::AuthCookie ). RM>You can either use it directly or as a model for how to code the RM>authentication and authorization phases of Apache. Once that's setup RM>and working all you have to do is drop in .htaccess files in whatever RM>directory you want protected (or put it in the Directory section in RM>your httpd.conf) and say what groups or users are authorized to run RM>these scripts. I'm in the process of setting up a new (well, replacement) server and was thinking about playing with Apache::AuthCookieDBI/mod_auth_cookie_mysql, but if somebody can answer my question it'll save me some experimentation. What *I* need is something like Puneet's setup, except that I don't need sessions, per se, just the ability to log out (which is just a matter of expiring the cookie, in this case). But what I'm not finding in any of the documentation is whether it's possible to configure a critter such that it doesn't *demand* authentication. That is, if the cookie's there, Apache will authenticate and pass it on in the environment, but if it's not, it'll still allow access to the file (or in my case, script). ObHTML::Template: All the scripts being granted access to will use HTML::Template, except the wiki, and I'm seriously considering rewriting TWiki so that *it* uses H::T too. -- Karen J. Cravens [EMAIL PROTECTED] ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Html-template-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/html-template-users ------------------------------------------------------------------------------ This message is intended only for the personal and confidential use of the designated recipient(s) named above. If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Html-template-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/html-template-users
