>>>>
This may seem off subject but, If you bare with me, I don't think it is. I am interested in using the cookie based system referred to in the programming the apache api book but oftend wonder this.<<<<
Can you count on everyone to use cookies.
Sometime back I wrote a module based on Apache::AuthCookie called Apache::AuthCookieURL that uses cookies, or falls back to munged URLs if cookies were not enabled. It's on CPAN.
I wrote it for a site where people come in from public libraries. The requirement was that it had to do sessions even if cookies were disabled (as it was common for the public libraries to have cookies disabled).
It's been a while since I looked at it. I had added a way to disable the authen requirement for areas of the site (or everywhere), so it could be used just for dealing with sessions.
Do be careful about session hijacking.
Bill Moseley
mailto:[EMAIL PROTECTED]
