[EMAIL PROTECTED] (John Walker) wrote:
>I'm writing some stuff with CGI under mod perl. The users have to
>authenticate prior to even getting to the script... However, some of my
>users have more than one login with separate privlidges... (provided by
>the script). I want them to be able to log out and then log back in as
>someone else, but I can't quite figure out how to "UN-Authenticate".
>(DE-Authenticate?)
You can't do it with standard auth, you need cookie-based auth or another
alternative. Check out Apache::AuthCookie.
The login credentials are stored in the browser, and browsers don't provide any
logout mechanism. It's been one of the most glaring oversights since version 1
of Netscape, in my opinion.
>I'm using CGI.pm under Apache::Registry, so I don't have a nice $r
>object to see if I could do something like $c->user = ""; which I'm
>guessing would barf anyway.
You can call Apache->request() to get the $r object. But you're right, that
would barf.
------------------- -------------------
Ken Williams Last Bastion of Euclidity
[EMAIL PROTECTED] The Math Forum
